SIM swapping is when someone swaps your number from your SIM to one they own.

This lets them receive your calls and texts, including passwords and multi-factor authentication codes.

They do this by using personal data (taken from data leaks, phishing, or other methods) to pass security checks. Then they’ll ask your phone provider to transfer your number.

Signs of SIM swapping

Signs that your SIM has been swapped can be when you:

• are unable to make calls or texts
• are unable to connect to a service
• get notifications of activity elsewhere (such as messages that your SIM card or phone number is being used on a new device)
• get one-time password (OTP) codes you did not ask for
• can no longer log into accounts
• find out people you know have been asked for money by you, but you did not ask for any
• are contacted by someone pretending to be your network provider, asking for your multi-factor authentication (MFA) code (do not give it to them)

You can read more information on SIM swapping and what to do if it happens from the Cyber and Fraud hub.

If you want to tell us about SIM swapping, you can report it online, by phone, or in person.

Report it using our online form

Learn about other ways you can report a crime to us

To protect your phone, you can:

• ask your provider what extra protection they offer
• turn on two-factor authentication for your phone provider and accounts
• use a strong password using three random words for your phone provider and accounts
• ignore spam or unexpected emails, texts, or calls to protect your data
• avoid oversharing on social media to protect your data