A SIM swapping attack, also known as SIM interception, is a form of identity theft in which the attacker convinces a cellular service provider to change the victim's phone number to a new device to access bank accounts, credit card numbers, and other sensitive information. Sometimes, this is achieved by using the victim's real data to bypass authentication.
Once this is accomplished, the attacker gains access to all text messages, phone calls, and accounts linked to the victim's phone number. If not detected early, the attacker could open new accounts to transfer funds in the victim's name or lock the victim out of all their accounts.
One indicator of a SIM swapping attack is the disruption of text messages and call delivery to a device without any request.
You can protect yourself by doing the following:
- Avoid relying on SMS for primary communication, as the data within these messages is not encrypted.
- Enable two-factor authentication (2FA) for social media, credit cards, and bank accounts.
- Do not provide your cell phone number on accounts or social media profiles that do not require it.