A SIM card is a small chip in your phone that acts as the connection between your account and your phone. Your phone uses a SIM card to connect with the mobile network. Through the SIM connection, your mobile service provider links the phone to your number and account. 

Thieves are motivated to find ways to steal your phone number. And they don’t have to physically have your phone.

First, they target a person with valuable online accounts. These could include a financial account or a social media account with a large following.

Illustration a cell phone with a sim card and a "mobile account id" note
Illustration of person in dark jacket and gloves with finger holes talking on cell phone as they stare at a face outline on a computer screen with icons of money, contacts and their home on hooks over their head

If you become a target, a thief gathers information about you like email, home address and phone numbers. They may try to trick you into revealing information about yourself through phishing or social engineering. But they often get the information with a few simple internet searches or from social media.

Once he has the information, the thief may call your phone carrier, pretending to be you, and attempt a “SIM swap.” He may convince your mobile service provider to link your mobile service with the SIM card of a mobile phone in the thief’s possession. If successful, the mobile network will start sending calls and texts to the new SIM card – which is really the thief’s phone.

This will deactivate your phone, and the thief will start getting your calls and texts on his device, including authentication texts, one-time PINs or phone responses. This means the thief may be able to gain access to your financial or social media accounts.

What AT&T is doing

We are working hard with other major phone carriers and business partners to help prevent unauthorized SIM swaps. However, the thieves constantly change their tactics. So, we are continually enhancing safety measures, including:

Illustration of two cell phones with the text "your phone" and the screen saying "No Service Found" next to their phone with the text "Service Activated"
Illustration of two sim cards with arrows pointing away from each and a lightning bolt with the text "we are working hard to prevent Sim swaps"
  • Building tools to make it harder for someone to pretend to be you
  • Helping companies flag suspected thieves during online transactions by strengthening text-authentication tools
  • Training employees and customers to better recognize impersonation attempts
  • Expanding fraud detection and support
  • Applying advanced technology to detect and stop suspected unauthorized SIM swaps
  • Working closely with law enforcement to identify these criminals and bring them to justice

What can you do? 

These scams tend to target high-profile individuals. But it could happen to anyone. Here are a few tips to help avoid having your number taken over: 

  • Add "extra security" measures to your AT&T Wireless accounts. If you create a unique passcode on your AT&T account, in most cases we'll require you to provide that passcode before any significant changes can be made, including porting initiated through another carrier. You can learn more about passcodes at this link.
Illustration of cell phone, laptop, and tablet device with a lock in the middle and an icon under each to show they are secure
Illustration of personal information such as a fingerprint and name with a lock at the bottom next to a brick wall with a lock and text message chain on the right with the text "Don't share personal information online"
  • Don't share personal information online. Don't post, or at least carefully limit, information on social media that a thief could use to gain access to your accounts or convince someone he is you. This includes legal names, birth dates and information that could be an answer to a security question, such as a pet's name, your best friend or high school mascot.
  • Keep your personal email in box clean. Delete phone bills, bank statements and other emails that may include personal information. Don't store passwords, passcodes or pins in unencrypted or unsecure email accounts. This will help reduce the risk of your sensitive information falling into the wrong hands.
Illustration of empty inbox with an arrow pointing to an "offline/private" folder
Illustration of a piggy bank with a lock on the side and a cell phone number sticking out of the top with the text "Be careful about sharing your mobile phone number"
  • Be careful about sharing your mobile phone number. Consider using a different number, such as a landline, with businesses like grocery stores and dry cleaners. Limit sharing your mobile number anywhere it might be posted publicly or to many people, such as on social media, email signatures, and phone lists.
  • Add additional authentication measures to other accounts, such as financial accounts, and don’t use your mobile phone number as a source of security and authentication. For example, enable app-based multiple authentication on your accounts whenever possible. 

Security experts recommend a number of additional safeguards for managing cryptocurrency.

  • Learn about the security measures available and make sure you are using the most secure authentication methods.
  • If you want to be particularly careful, store cryptocurrency in “cold storage” – an environment without online access.
  • Don’t store cryptocurrency wallet credentials online. Instead, write them down and keep them in a secure physical location.
  • When choosing financial investments and services, consider that some are protected from theft and fraud, others are not. For example, cryptocurrency accounts are not insured from theft like other types of traditional financial accounts. If cryptocurrency is stolen from you, it most likely cannot be recovered.
  • Protect all your financial accounts and information.

If you believe your SIM card has been swapped without your consent, report it to your carrier right away. AT&T customers can report unauthorized SIM swaps and other suspected fraud at this website.

You can also refresh yourself on our Cyber Aware tips to protect yourself online.