SIM Swapping
SIM swapping transfers a victim's phone number to an attacker-controlled SIM by social engineering the mobile carrier, enabling interception of SMS-based authentication codes.
SIM swapping is a social engineering attack where the attacker convinces a mobile carrier to transfer a victim's phone number to a SIM card controlled by the attacker. Once the transfer is complete, the attacker receives all calls and text messages intended for the victim, including SMS-based two-factor authentication codes. This enables account takeover across any service that relies on phone-based verification.
The attacker gathers personal information about the victim through data breaches, social media, or phishing. Armed with details like the victim's name, address, date of birth, and account PIN, the attacker contacts the victim's mobile carrier and impersonates the victim, claiming that the phone was lost or damaged and requesting that the number be ported to a new SIM card. Alternatively, the attacker may bribe or socially engineer carrier employees directly. Once the port is complete, the victim's phone loses service, and the attacker begins receiving the victim's calls and messages. The attacker then initiates password resets on targeted accounts, intercepting the SMS verification codes. High-value targets include cryptocurrency exchanges, banking applications, email accounts, and social media profiles.
SIM swapping has caused millions of dollars in cryptocurrency theft and has been used to compromise high-profile individuals including executives, journalists, and government officials. The attack exposes a fundamental weakness in SMS-based two-factor authentication. Organizations and individuals should migrate to app-based or hardware-based MFA, set carrier PINs and port-freeze protections, avoid using phone numbers as account recovery options, and treat SMS 2FA as a last resort rather than a security measure.
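The migration advice above can be turned into an audit of an account inventory. The following is an added example, not code from the original article: it flags accounts that accept SMS as a factor or a phone number for recovery, and it goes one step beyond the text by following recovery chains, so an account protected by an authenticator app is still flagged when it can be reset through an email account that is itself phone-recoverable. The inventory, its schema, and the `account:<name>` notation are assumptions constructed for the example, and any account with a finding is conservatively treated as exposed.

```python
# Constructed inventory; the schema (mfa, recovery, "account:<name>") is an
# assumption made for this example.
ACCOUNTS = {
    "mail":     {"mfa": ["totp", "sms"],  "recovery": ["phone"]},
    "exchange": {"mfa": ["totp"],         "recovery": ["account:mail"]},
    "bank":     {"mfa": ["sms"],          "recovery": ["branch_visit"]},
    "social":   {"mfa": ["hardware_key"], "recovery": ["backup_codes"]},
    "payroll":  {"mfa": ["hardware_key"], "recovery": ["account:exchange"]},
}

# Channels that follow the phone number, and therefore the swapped SIM.
PHONE_BOUND = {"sms", "voice", "phone"}


def direct_findings(acct):
    """Findings that depend only on the account's own settings."""
    findings = []
    factors = set(acct["mfa"])
    if factors and factors <= PHONE_BOUND:
        findings.append("SMS/voice is the only second factor")
    elif factors & PHONE_BOUND:
        findings.append("SMS/voice fallback undermines the stronger factor")
    if set(acct["recovery"]) & PHONE_BOUND:
        findings.append("phone number is a recovery option")
    return findings


def audit(accounts):
    """Return {account: [findings]}, following recovery chains to a fixed point."""
    report = {name: direct_findings(a) for name, a in accounts.items()}
    changed = True
    while changed:  # terminates: each (account, message) pair is added once
        changed = False
        for name, acct in accounts.items():
            for channel in acct["recovery"]:
                if not channel.startswith("account:"):
                    continue
                dep = channel.split(":", 1)[1]
                msg = f"recoverable via exposed account '{dep}'"
                if report.get(dep) and msg not in report[name]:
                    report[name].append(msg)
                    changed = True
    return report


if __name__ == "__main__":
    for name, findings in audit(ACCOUNTS).items():
        print(f"{name:9} {'; '.join(findings) or 'no phone-bound path found'}")
```

In the constructed inventory, `payroll` uses a hardware key yet is still flagged, because its recovery path runs through `exchange` and then `mail`, which accepts a phone number for recovery.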
Written by CDA Editorial