SIM Swap: What It Is and How to Protect Yourself

SIM swapping is a cell phone scam where criminals take over phone numbers, which can unlock financial, email and social media accounts.
A SIM swap is when criminals take over phone numbers, which can unlock financial, email and social media accounts.

Many, or all, of the products featured on this page are from our advertising partners who compensate us when you take certain actions on our website or click to take an action on their website. However, this does not influence our evaluations. Our opinions are our own. Here is a list of our partners and here's how we make money.

Updated · 4 min read
Profile photo of Amanda Barroso
Written by Amanda Barroso
Lead Writer
Profile photo of Pamela de la Fuente
Edited by Pamela de la Fuente
Assigning Editor
Fact Checked
Profile photo of Liz Weston, CFP®
Co-written by Liz Weston, CFP®
Senior Writer

What is SIM swapping?

SIM swapping, also known as SIM swap, is a scam that allows criminals to use your personal information to hijack your cell phone number by transferring it to a new SIM card. Once they have your number, scammers may be able to clean out your financial accounts, confiscate your email, delete your data and take over your social media profiles.

Fraudsters can do all of this because many companies — including banks, brokerages, email providers and social media platforms — use a two-step system to verify your identity. For example, logging in to your bank account might require you to type in your password and then a code that your bank texted you. Intercepting those codes can give a criminal an all-access pass to your financial and digital life.

This kind of identity fraud has been around for years, but it’s gotten more attention after a wave of cryptocurrency thefts and attacks on high profile victims, including Jack Dorsey, who briefly lost control of his Twitter account when he was the CEO of Twitter.

How does SIM swapping work?

Sometimes the fraudsters bribe or blackmail carrier employees; sometimes, the employees initiate the scam. Other times, the fraudsters use identifying data they’ve stolen, bought on the dark web or gleaned from social media to convince carriers that they’re you.

They pretend they want to change carriers or say they need a new SIM card, which identifies a phone’s owner and allows it to connect to a network. Once they persuade the carrier to transfer your number to a phone they control, they can attack your other accounts.

Did you know...

In 2023, the Federal Communications Commission created rules to fight against cell phone scams, including SIM swap. Carriers must create more secure ways of verifying the caller’s identity and immediately notify account holders if there is a request to change the SIM card.

How to tell if you’ve been SIM swapped

There are a few signs that you might be a victim of this scam:

  • You suddenly lose the ability to make calls or send texts from your cell phone. 

  • You get notifications that you are logged on from places you have never been or are far from where you live. 

  • You can’t access your bank, credit cards or other personal accounts using your credentials. 

  • Your credit card or bank statements show charges you never made. 

How to prevent SIM swapping

The term “SIM swapping” can be misleading. Maybe you’re picturing someone stealing your actual SIM card from your phone and replacing it with a new one. But that’s not the case. In fact, SIM cards can be physical or digital (eSIM cards), and they both can be hacked.

You can reduce the chances of being victimized by SIM swapping with these tips.

Make your passwords distinct and stronger

You should ideally have unique passwords for each of your personal accounts so if one gets hacked, the criminals can’t use that same password to breach the others. And complex passwords, rather than simple or commonly used ones, are harder for scammers to guess.

If you find new passwords hard to create and remember, there are password managers — Google has one, for example — that can create and store complicated passwords for you. Passwords will then automatically populate on personal devices, so you don’t have to remember them.

Put a PIN on your account

Ask your phone company to put a personal identification number on your account. The point of a PIN is to force the cell phone carrier to ask you for it before it makes any changes to your account. In the case of SIM swap, the hope is that the carrier will require the PIN before your phone number is “ported out” to a new carrier or assigned to a different SIM card.

Download an authenticator app for stronger security

Investigate whether you can switch to more secure authentication on your sensitive accounts. Using an authenticator app such as Authy, Google Authenticator or Duo Mobile on your smartphone provides better protection than getting a text on your phone, although that’s better than nothing.

Clean up your social media profiles

Hackers and scammers comb through social media profiles to try to get as much personal information as they can. Criminals use birthdays; kids, pets and mother’s maiden names; locations; and other personal information to try to figure out what your password might be. Err on the side of safety and purge your profiles of the details.

Steps to take if you’re a victim of SIM swapping

If your phone stops working or you can’t send or receive texts, don’t assume it’s a glitch. Immediately, call your carrier using an alternate method or go to one of its stores to report phone takeover fraud.

After you report the fraud:

The important thing is to move quickly, because the bad guys won’t wait.

On a similar note...