One moment your phone shows full bars; the next it’s a paperweight. No calls, no texts, no data. By the time you find Wi-Fi, your bank balance is zero and your Instagram handle belongs to someone in another time zone. That silence is the first symptom of a SIM-swap attack, and the numbers show it’s spreading fast.
The FBI opened 1,075 SIM swap investigations last year, recording close to $50 million in losses. UK fraud-prevention group Cifas saw unauthorized swaps rocket from 289 cases in 2023 to almost 3,000 in 2024—a jump of more than 1,000 percent. Nearly half of all account-takeover incidents reported to Cifas now start with a hijacked mobile number.
Carriers route SMS through their own switches, so anyone who convinces customer service to issue a replacement SIM gains the keys to every account that relies on a text for password resets or two-factor codes.
Encrypted chat apps such as WhatsApp, Signal, and iMessage avoid the carrier chokepoint, but they still fall if the attacker steals your credentials or adds a linked device while you’re locked out.
Warning signs are blunt: sudden loss of service, “new device” alerts you didn’t trigger, friends receiving messages you never sent, or a battery that starts hemorrhaging charge as the attacker syncs your cloud backups. If any of these appear, assume your number is already in someone else’s handset.
The fix list is short and entirely on you: set a carrier PIN or passcode with your mobile provider, switch every two-factor setting from SMS to an authenticator app, audit linked devices in your chat apps weekly, delete software you don’t recognize, and run a mobile-security scanner such as Bitdefender Mobile Security on Android or iOS. Do these things or don’t complain later.
Source: Bitdefender | ic3