Stay informed on SIM Swapping: your hub for the latest news, prevention tips, and insights into combating this rising information security threat.
Search across headline titles and summaries.
Background for this topic.
SIM Swapping is a type of account takeover fraud that targets a weakness in two-factor authentication and verification where a user's phone number is used as a way to gain access to accounts. In this scam, a hacker tricks a victim's cellular service provider into transferring their phone number to a SIM card held by the perpetrator. By having access to the victim's phone number, the attacker can then receive any calls or texts that are meant for the victim, including those that contain security codes for various online accounts.
In the context of information security, SIM Swapping poses a significant threat as it can lead to unauthorized access to a victim's personal and financial accounts, resulting in identity theft, financial loss, and other fraudulent activities. Protecting against SIM Swapping requires both personal vigilance and improved measures by service providers, including multi-layered authentication processes that are not solely dependent on SMS-based verification. Awareness and prevention strategies are critical in mitigating the risks associated with this type of attack.
Weekly headline count for the current query.
Orange Belgium revealed that a threat actor has compromised 850,000 customer accounts, with SIM card numbers among the data accessed
A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts
A 21-year-old Florida man at the center of a prolific cybercrime group known as "Scattered Spider" was sentenced to 10 years in federal prison today, and ordered to pay roughly $13 million in restitution to victims. Noah Michael Urban of Palm Coast, Fla. pleaded guilty in April 2025 to charges of wire fraud and conspiracy. Florida prosecutors alleged Urban conspired with others to steal at least $800,000 from five victims via SIM-swapping attacks that diverted their mobile phone calls and text messages to devices controlled by Urban and his co-conspirators.
AT&T has launched a new security feature called "Wireless Lock" that protects customers from SIM swapping attacks by preventing changes to their account information and the porting of phone numbers while the feature is enabled. [...]
The weakness in Google's password-recovery page, discovered by a researcher called Brutecat, exposed private user contact information to attackers, opening the door to phishing, SIM-swapping, and other attacks.
A vulnerability allowed researchers to brute-force any Google account's recovery phone number simply by knowing a their profile name and an easily retrieved partial phone number, creating a massive risk for phishing and SIM-swapping attacks. [...]
SIM swapping fraud surges in the Middle East as cybercriminals exploit websites mimicking legitimate services to steal personal data
Said to have asked search engine 'What are some signs that the FBI is after you?' An Alabama man is pleading guilty after being charged with SIM swapping the Securities and Exchange Commission's (SEC) X account in January last year.…
Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. [...]
SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter)
The gang already uses varied tools in its attacks, such as phishing, SIM swapping, and MFA fatigue.
PLUS: more glibc vulns discovered; DraftKings hacker sentenced; and a hefty dose of critical vulnerabilities Infosec In Brief The recent indictment of a massive SIM-swapping ring may mean convicted crypto conman Sam Bankman-Fried is innocent of at least one allegation still hanging over his head: The theft of more than $400 million in crypto hacked from wallets belonging to his crypto firm, FTX, just before it declared bankruptcy.…
Also: US Courts Announce Guilty Pleas and Hand Out Sentences in Crypto-Linked CasesThis week, a Ripple co-founder and a karaoke platform were hacked, Mexican crypto banks were targeted, authorities seized crypto in the U.S. and Germany, the DOJ made charges in crypto cases, people pleaded guilty to money laundering and SIM swapping, monero was traced, and FTX will not restart.
Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX, which had just filed for bankruptcy on that same day.
On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.
Hackers Spread Fake News About SEC Approving Spot Bitcoin Exchange-Traded FundIt wasn't a sophisticated hack on Jan. 9 that allowed hackers to briefly take control of an official U.S. Securities and Exchange Commission social media account, the agency said Monday. The hackers simply scammed the account's mobile phone provider in a SIM swap attack.
The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. [...]
A California man who lost $100,000 in a 2021 SIM-swapping attack is suing the unknown holder of a cryptocurrency wallet that harbors his stolen funds. The case is thought to be first in which a federal court has recognized the… Read More »
Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency theft. [...]
The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. [...]