SIM Swapping
What is SIM Swapping?
SIM Swapping: A fraud technique in which an attacker tricks or bribes a mobile carrier into transferring a victim's phone number to a SIM the attacker controls.
SIM swapping (also called SIM-jacking or port-out fraud) abuses carrier account-recovery and number-portability processes. Using stolen personal data and social engineering of customer-service staff, or insider help, the attacker has the victim's number ported to a new SIM. Once the number is theirs, the criminal intercepts SMS codes, voice calls, and password-reset links and rapidly takes over email, banking, and crypto-wallet accounts. Mitigations include moving off SMS-based MFA toward FIDO2 keys, passkeys, or authenticator apps; setting a carrier PIN or port-out lock; using non-public recovery emails; and monitoring for sudden loss of cellular service, which is often the first sign of an attack.
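The check those mitigations imply on the service side, as an added Python example that is not code from the original page: an SMS or voice code is treated as untrustworthy when the carrier has reported a SIM change or port-out for that number shortly before the request. The event fields, the 72-hour lookback, and the sample events are assumptions; real carriers expose SIM-change lookups through their own APIs, which this example does not call.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed: a 72-hour lookback and these factor names; adjust to your own feed.
SIM_CHANGE_WINDOW = timedelta(hours=72)
INTERCEPTABLE = {"sms_otp", "voice_call"}   # factors a ported number hands to the attacker

@dataclass
class SimChange:          # carrier notice that a number moved to a new SIM / was ported
    msisdn: str
    changed_at: datetime

@dataclass
class AuthRequest:        # an authentication step the application is about to honour
    user: str
    msisdn: str
    factor: str           # "sms_otp", "voice_call", "totp", "fido2"
    action: str           # "login", "password_reset"
    at: datetime

def sim_changed_recently(msisdn, at, changes, window=SIM_CHANGE_WINDOW):
    """True if a SIM change for `msisdn` was reported within `window` before `at`."""
    return any(c.msisdn == msisdn and timedelta(0) <= at - c.changed_at <= window
               for c in changes)

def assess(req, changes):
    """Decide whether to honour the factor: 'allow', 'step_up' or 'deny'."""
    if req.factor not in INTERCEPTABLE:
        return "allow"     # authenticator app / FIDO2: a swapped SIM does not help the attacker
    if not sim_changed_recently(req.msisdn, req.at, changes):
        return "allow"     # SMS is still the weakest factor, but there is no swap signal
    # The number moved recently: the code may be going to the attacker's SIM.
    return "deny" if req.action == "password_reset" else "step_up"

# Constructed sample: a port-out at 09:00, then a password reset 40 minutes later.
changes = [SimChange("+15550100", datetime(2024, 5, 1, 9, 0))]
requests = [
    AuthRequest("alice", "+15550100", "sms_otp", "password_reset", datetime(2024, 5, 1, 9, 40)),
    AuthRequest("alice", "+15550100", "sms_otp", "login", datetime(2024, 5, 2, 8, 0)),
    AuthRequest("alice", "+15550100", "fido2", "login", datetime(2024, 5, 1, 9, 41)),
    AuthRequest("bob", "+15550199", "sms_otp", "password_reset", datetime(2024, 5, 1, 9, 45)),
]

def decisions():
    """Evaluate the sample requests against the sample SIM-change feed."""
    return [(r.user, r.action, assess(r, changes)) for r in requests]

if __name__ == "__main__":
    for d in decisions():
        print(d)
```

The "deny" outcome is the one worth alerting on: a password reset over SMS right after a port-out is the attack chain described above, and the alert should reach the account owner through a channel other than the phone number.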
● Examples
- 01
Calling the carrier with leaked PII to request a new SIM and then resetting bank-account passwords by SMS.
- 02
An insider at a mobile store performing the swap for a fee.
● Frequently asked questions
What is SIM Swapping?
A fraud technique in which an attacker tricks or bribes a mobile carrier into transferring a victim's phone number to a SIM the attacker controls. It belongs to the Attacks & Threats category of cybersecurity.
What does SIM Swapping mean?
A fraud technique in which an attacker tricks or bribes a mobile carrier into transferring a victim's phone number to a SIM the attacker controls.
How does SIM Swapping work?
SIM swapping (also called SIM-jacking or port-out fraud) abuses carrier account-recovery and number-portability processes. Using stolen personal data and social engineering of customer-service staff, or insider help, the attacker has the victim's number ported to a new SIM. Once the number is theirs, the criminal intercepts SMS codes, voice calls, and password-reset links and rapidly takes over email, banking, and crypto-wallet accounts. Mitigations include moving off SMS-based MFA toward FIDO2 keys, passkeys, or authenticator apps; setting a carrier PIN or port-out lock; using non-public recovery emails; and monitoring for sudden loss of cellular service, which is often the first sign of an attack.
How do you defend against SIM Swapping?
Defences for SIM Swapping combine technical controls and operational practices, as detailed in the full definition above: replace SMS-based MFA with FIDO2 keys, passkeys, or authenticator apps; set a carrier PIN or port-out lock on the mobile account; use recovery email addresses that are not publicly known; and treat a sudden loss of cellular service as a possible sign of an attack in progress.
What are other names for SIM Swapping?
Common alternative names include: SIM-jacking, Port-out fraud, SIM hijacking.
● Related terms
- attacks№ 010
Account Takeover (ATO)
An attack in which a criminal gains unauthorised control of a legitimate user account and uses it to steal funds, data, or commit further fraud.
- identity-access№ 708
Multi-Factor Authentication (MFA)
An authentication method that requires two or more independent factors — typically from different categories — before granting access.
- attacks№ 1065
Social Engineering
The psychological manipulation of people into performing actions or disclosing confidential information that benefits an attacker.
- attacks№ 511
Identity Theft
The misuse of another person's personal information to impersonate them, open accounts, obtain credit, claim benefits, or commit other fraud.
- identity-access№ 754
One-Time Password (OTP)
A short numeric code that is valid for only a single login attempt or a brief time window, typically used as a second authentication factor.
- identity-access№ 414
FIDO2
An open authentication standard from the FIDO Alliance combining WebAuthn (browser API) and CTAP (authenticator protocol) to enable phishing-resistant, passwordless sign-in.