SIM swapping is an account takeover technique in which an attacker gets a mobile carrier to transfer a victim's phone number to a SIM card under the attacker's control. Once the number moves, calls and text messages intended for the victim go to the attacker instead..
What is SIM Swapping?
SIM swapping is an account takeover technique in which an attacker gets a mobile carrier to transfer a victim's phone number to a SIM card under the attacker's control. Once the number moves, calls and text messages intended for the victim go to the attacker instead.
How SIM Swapping Works
The attacker gathers personal information about the victim, contacts the carrier while impersonating them, and claims the phone was lost, damaged, or upgraded. If the carrier accepts the request, the number is ported or reissued to the attacker's device. In some cases, insiders or social engineering against carrier support staff are part of the process.
Why SIM Swapping Matters for Security
SIM swapping can intercept SMS-based MFA codes, password reset messages, recovery calls, and account alerts. That makes it a powerful bridge between publicly available personal data and full account takeover, especially when organizations still rely on phone numbers as a trusted recovery factor.
SIM Swapping and Help Desk Attacks
Groups running help desk and identity workflow attacks often use SIM swapping to strengthen the pretext or receive follow-up verification. If a support team relies on SMS codes or call-backs to the registered number, a successful SIM swap can turn a weak verification process into a complete bypass.
How to Reduce SIM Swap Risk
Frequently Asked Questions
What does a SIM swap let an attacker do?
A SIM swap lets an attacker receive calls and text messages sent to the victim's number. That can include MFA codes, password reset links, recovery calls, and security alerts.
Does app-based MFA help against SIM swapping?
Yes. App-based authenticators and hardware tokens are generally more resilient than SMS because they do not depend on control of the victim's phone number.
How do attackers convince carriers to perform a SIM swap?
They usually use impersonation and social engineering, supported by personal data gathered from breaches, public records, or open-source research. In some cases, insider assistance is also involved.
Why is SIM swapping relevant to enterprise security?
Enterprise help desks and identity systems often treat the registered phone number as a trusted recovery channel. If that assumption is wrong, attackers can bypass password reset and MFA recovery workflows.