About SIM swap fraud

SIM swap (SIM hijacking) transfers a victim's phone number to an attacker-controlled SIM via social engineering of carrier support

Once executed, all SMS 2FA codes and calls are received by the attacker — enabling account takeover of email, banking, crypto, and social media accounts

Risk assessment based on: FTC/FCC reports, ENISA threat landscape, carrier security audits, news coverage of documented incidents

Defense: replace SMS 2FA with TOTP or FIDO2 keys — eliminates SIM swap bypass of 2FA entirely