An attack where a criminal convinces a mobile carrier to transfer a victim's phone number to a SIM card they control, enabling them to intercept calls, text messages, and two-factor authentication codes.
An attack where a criminal convinces a mobile carrier to transfer a victim's phone number to a SIM card they control, enabling them to intercept calls, text messages, and two-factor authentication codes.
Think you've been targeted?
Paste the suspicious content here for an instant analysis.
No signup · 6 detection layers · Results in seconds · Cmd+Enter
SIM swapping (also called SIM hijacking) exploits the ability to transfer a phone number between SIM cards — a legitimate feature intended for when you get a new phone. Criminals use social engineering to convince carrier employees to perform this transfer without the real owner's authorization.
Once the attacker controls your phone number, they receive all your calls and texts, including two-factor authentication (2FA) codes. This gives them access to your email, bank accounts, cryptocurrency wallets, and any other accounts protected by SMS-based 2FA.
SIM swapping has become the preferred method for targeting cryptocurrency holders, as blockchain transactions are irreversible. High-profile victims have lost millions of dollars worth of crypto within minutes of their SIM being swapped.
In 2023, a 25-year-old was sentenced to 5 years in federal prison for conducting SIM swaps that stole $20 million in cryptocurrency from victims across the US. He bribed employees at mobile carriers to perform unauthorized SIM transfers.