📲

SIM Swapping

Threats

Account Takeover (ATO) Mobile Privacy Two-Factor Authentication (2FA) Social Engineering

Account takeover technique involving fraudulent SIM reassignment at a carrier to intercept calls/SMS.

Definition

SIM swapping abuses carrier processes (often via social engineering) to port or reissue a number. It enables interception of SMS-based MFA and account recovery flows.

In plain English Account takeover technique involving fraudulent SIM reassignment at a carrier to intercept calls/SMS.

Why this matters

Why it matters: SMS is weak for account recovery and MFA; SIM swap attacks can bypass protections and lead to rapid compromise.

Example

Example: Use phishing-resistant MFA where possible, set a carrier PIN, and avoid SMS as the primary recovery method for critical accounts.

SIM Swapping

Definition

Why this matters

Example

Accessibility Settings

Text Size

Theme

Contrast Level

Language & Content

Need help with a term? Open the glossary