Why this matters: SIM swapping lets criminals transfer your phone number to a SIM they control. With your number, they can hijack WhatsApp, email, banking, and reset your passwords in minutes.
What Is SIM Swapping?
SIM swapping (also called SIM hijacking or port-out fraud) happens when an attacker convinces your mobile provider to move your number to their SIM card. Once they receive your calls and SMS codes, they can break into your accounts, impersonate you, and steal money or data.
How Attackers Pull It Off
- Social engineering the carrier: Impersonating you via call/chat to request a “SIM replacement.”
- Leaked personal data: Using info from breaches or your public profiles to pass verification.
- Phishing for OTPs: Tricking you into sharing one-time codes “to keep your number active.”
- Insider abuse: Rare, but a corrupt support agent can process the swap.
Why It’s So Dangerous
- Bypasses SMS-based 2FA and password resets.
- Enables takeover of WhatsApp, Facebook, email, and banking apps.
- Lets attackers impersonate you to family, friends, and colleagues.
How to Protect Yourself
- SIM PIN Set a SIM PIN and ask your carrier to add a port freeze / SIM swap lock + a strong account PIN.
- 2FA Prefer app-based authentication (Authenticator/Authy) over SMS codes.
- Hygiene Use strong, unique passwords with a password manager; enable login alerts.
- Verify Never share codes; verify any “urgent” calls/texts directly via the official number/app.
- Privacy Keep your phone number and personal details off public profiles where possible.
- Updates Keep your phone OS and apps up to date to reduce device compromise risks.
If You Think You’re a Victim
- Call your carrier immediately to reclaim your number; add a port block and new account PIN.
- Secure your email first (new password + app-based 2FA), then banking and social accounts.
- Revoke sessions/devices in account settings and remove suspicious third-party apps.
- Warn contacts not to trust messages from your number until you confirm recovery.
- Contact your bank’s fraud team and monitor transactions; file reports as needed.
Common Red Flags
- Sudden loss of mobile signal for no reason.
- Login/password-reset notifications you didn’t request.
- WhatsApp or SMS messages appearing on another device / not reaching you.
- Carrier messages about SIM changes you didn’t initiate.
Tip: If SMS 2FA is your only option, set strict wallet/bank limits and turn on transaction alerts to reduce impact.