What Is SIM Swapping and Should I Be Concerned?

Written By Terry Bradley

Most people think of their phone number as just a way to receive calls and texts. Attackers see it differently. To them, your phone number may be a way into your email, bank account, business systems, social media, or cryptocurrency accounts.

That is the basic idea behind SIM swapping.

A SIM swap happens when a criminal convinces a mobile carrier to move your phone number to a SIM card or eSIM they control. Once that happens, calls and text messages meant for you go to the attacker instead. If your accounts rely on text messages for password resets or multi-factor authentication, the attacker may be able to use your phone number to get into those accounts.

KrebsOnSecurity recently highlighted this issue in an article about a Scattered Spider member who pleaded guilty after involvement in SMS phishing, SIM swapping, and cryptocurrency theft. The article also described how some SIM-swapping criminals kept leaderboard-style rankings based on claimed cryptocurrency thefts — a reminder that, for some attackers, phone-number takeover is a direct path to financial crime:
https://krebsonsecurity.com/2026/04/scattered-spider-member-tylerb-pleads-guilty/

How SIM Swapping Works

SIM swapping is usually not very technical at the victim’s end. The attacker does not need to steal your physical phone.

Instead, they try to convince your mobile carrier that they are you. They may claim they lost their phone, bought a new one, or need to activate a replacement SIM. To make the request sound legitimate, they may use personal information gathered from data breaches, phishing, social media, or other sources.

In some cases, attackers also try to move the number to another carrier. This is often called port-out fraud.

Once the attacker controls the number, they can receive text messages and calls intended for the victim. That can make it possible to reset passwords, receive login codes, and take over accounts.

Is This Mostly About Cryptocurrency?

SIM swapping has become closely associated with cryptocurrency theft because crypto accounts can be high-value and stolen funds are often difficult to recover. That makes cryptocurrency holders attractive targets.

But SIM swapping is not only a crypto problem.

For businesses, the bigger issue is account takeover. If an owner, executive, finance employee, or IT administrator has important accounts tied to SMS recovery, a SIM swap could create a path into email, payroll, banking, cloud services, domain registrar accounts, or other sensitive systems.

In other words, the phone number becomes a stepping stone.

Warning Signs

A possible SIM swap may be underway if:

  • your phone suddenly loses cellular service;

  • you receive unexpected carrier alerts;

  • you get password reset notifications you did not request;

  • you are locked out of email, banking, or social media accounts;

  • your carrier says your number was moved to a new device or carrier.

Unexpected loss of service does not always mean fraud, but it should be taken seriously.

How to Reduce the Risk

The most important step is to avoid relying on SMS as the primary security control for important accounts.

For higher-risk accounts, consider these protections:

  • Use stronger MFA, such as passkeys, authenticator apps, or hardware security keys.

  • Add a PIN or passcode to your mobile carrier account.

  • Ask your carrier about port-out protection or number lock features.

  • Remove SMS recovery from critical accounts where better options exist.

  • Protect your primary email account first, since email is often the gateway to password resets.

  • Use a password manager and unique passwords.

  • Train employees never to share one-time codes with anyone.

SMS-based MFA is better than no MFA, but it is not the strongest option for high-value accounts.

What to Do If It Happens

If your phone suddenly loses service and you suspect a SIM swap, act quickly.

Contact your mobile carrier using a trusted phone number and ask whether your SIM was changed or your number was ported. Then secure your most important accounts, especially email, banking, payroll, cloud services, and password managers. Change passwords, revoke active sessions, and review recent account activity.

If financial accounts are involved, notify your bank immediately.

Should You Be Concerned?

Yes, but the concern should be practical, not panicked.

Most people will not be individually targeted by sophisticated SIM-swapping groups. However, business owners, executives, finance teams, IT administrators, and anyone holding cryptocurrency are at higher risk because their accounts are more valuable.

For organizations, the lesson is simple: a phone number should not be treated as strong proof of identity.

Mile High Cyber helps organizations evaluate identity security, MFA settings, cloud accounts, email security, and incident response readiness. SIM swapping is not just a mobile phone problem. It is an identity security problem — and identity is now one of the main front doors attackers try to open.

Contact Mile High Cyber today to discuss: https://www.milehighcyber.com/contact-us

Terry Bradley
Next

Understanding How Attackers Think and Helping You Avoid Threats with Terry Bradley from Mile High Cyber