Definition
SIM Swap Fraud refers to a form of fraud in which an attacker takes control of a victim’s mobile phone number by fraudulently transferring it to a new SIM card issued by a mobile network provider.
By gaining control over the phone number, the attacker can intercept SMS-based authentication messages, including one-time passwords (OTPs), and use them to access and compromise existing accounts.
Context
SIM Swap Fraud is closely associated with:
• Account Takeover
• Identity Fraud
• Social Engineering
• bypassing Multi-Factor Authentication (MFA)
The attack exploits weaknesses in identity verification processes at telecom providers, often combined with previously obtained personal data.
It commonly targets:
• online banking systems
• cryptocurrency platforms
• email accounts
• social media accounts
Meaning
SIM Swap Fraud represents a critical vulnerability in systems relying on SMS-based authentication.
Key risks include:
• Bypassing authentication controls: SMS-based OTPs are compromised
• Rapid escalation: multiple accounts can be accessed quickly
• High financial impact: particularly in financial and crypto environments
• Third-party dependency: security depends on telecom provider processes
The method highlights the limitations of SMS-based multi-factor authentication as a standalone security measure.
Example
An attacker impersonates a victim when contacting a mobile network provider, using stolen or publicly available personal data. The attacker requests a SIM replacement for the victim’s phone number.
Once the number is transferred, the attacker receives all incoming messages, including authentication codes, and uses them to access banking or email accounts.
Sources
Suggested citation
wirtschaftsforensik.ch Editorial Team: "SIM Swap Fraud", in: Glossary, wirtschaftsforensik.ch, https://wirtschaftsforensik.ch/glossar/sim-swapping/, accessed April 18, 2026.