Talk:SIM swap attack

From Wikipedia, the free encyclopedia

This is the talk page for discussing improvements to the SIM swap attack article.
This is not a forum for general discussion of the subject of the article.

Put new text under old text. Click here to start a new topic.
New to Wikipedia? Welcome! Learn to edit; get help.

Article policies

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

While the biographies of living persons policy does not apply directly to the subject of this article, it may contain material that relates to living persons, such as friends and family of persons no longer living, or living persons involved in the subject matter. Unsourced or poorly sourced contentious material about living persons must be removed immediately. If such material is re-inserted repeatedly, or if there are other concerns related to this policy, please see this noticeboard.

More information Things you can help WikiProject Computer security with: ...

Computer security: Computing Mid‑importance

This article is within the scope of WikiProject Computer security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer securityWikipedia:WikiProject Computer securityTemplate:WikiProject Computer securityComputer security

Mid

This article has been rated as Mid-importance on the project's importance scale.

This article is supported by WikiProject Computing (assessed as Mid-importance).

An editor has requested that an image or photograph be added to this article.

Things you can help WikiProject Computer security with:

Article alerts are available, updated by AAlertBot. More information...

Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

Crime and Criminal Biography: Organized crime Mid‑importance

	This article is within the scope of WikiProject Crime and Criminal Biography, a collaborative effort to improve the coverage of crime and criminal biography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Crime and Criminal BiographyWikipedia:WikiProject Crime and Criminal BiographyTemplate:WikiProject Crime and Criminal BiographyCrime-related
Mid	This article has been rated as Mid-importance on the project's importance scale.
	This article is supported by the Organized crime task force (assessed as Mid-importance).

Telecommunications Low‑importance

	Telecommunication portal This article is within the scope of WikiProject Telecommunications, a collaborative effort to improve the coverage of Telecommunications on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.TelecommunicationsWikipedia:WikiProject TelecommunicationsTemplate:WikiProject TelecommunicationsTelecommunications
Low	This article has been rated as Low-importance on the project's importance scale.

This article has previously been nominated to be moved. Please review the prior discussions if you are considering re-nomination.

Discussions

Not moved, 11 May 2024, see discussion.
Moved, 21 December 2025, from SIM swap scam to SIM swap attack, see discussion.

How the fraud works through Law Enforcement agencies

PIN1, PIN2 and PUK codes are available at the backend, sometimes even in frontend customer care section of company outlets. A dummy card is used to activate with the codes and use the account on another mobile phone. That's all.
It becomes easier to manipulate and hijack identity when there are Dual SIM slots in the phone and the person switches off the phone. Keeping phone always switched "on" has the disadvantage of allowing eavesdropping as well as the possibility of hostile programs being downloaded, and so a balance has to be made.

— Preceding unsigned comment added by 122.164.135.180 (talk) 12:11, 29 July 2019 (UTC)

Details missing

Why Sim PIN and PUKs are not required for the switch? Zezen (talk) 21:19, 4 January 2020 (UTC)

AT&T etc. employees do it themselves: https://www.vice.com/en_us/article/d3n3am/att-and-verizon-employees-charged-sim-swapping-criminal-ring

-> Let us update it.

Zezen (talk) 18:23, 23 January 2020 (UTC)

Section of mitigations?

I know that there are alleged defenses against SIM swapping, like using VOIP numbers (e.g. Google Voice) or avoiding SMS 2FA whenever possible. I don't think there's any data to support those defenses, but I could be wrong. Should there be a section on this? RentedUniverse (talk) 14:18, 3 August 2020 (UTC)

If any mitigations are discussed in Reliable Sources WP:RS than it would be good to include statements about such in this article. Please also see: WP:OR. Thanks!---Avatar317 ^(talk) 22:16, 4 August 2020 (UTC)

A number of mitigations are discussed in this 2021 AARP article. That's a bit old, so I don't know how accurate it is. Also at howtogeek. The chief recommendation seems to be not to use text-based 2FA, but rather an app-based 2FA, if possible. And this androidpolice article recommends locking (= freezing) your phone number. I can't judge whether any of these is judged a Reliable Source. Mcswell (talk) 18:32, 2 August 2024 (UTC)

Requested move 11 May 2024

The following is a closed discussion of a requested move. Please do not modify it. Subsequent comments should be made in a new section on the talk page. Editors desiring to contest the closing decision should consider a move review after discussing it on the closer's talk page. No further edits should be made to this discussion.

The result of the move request was: not moved. – robertsky (talk) 07:24, 19 May 2024 (UTC)

SIM swap scam → SIM swapSIM swap OR SIM swappingSIM swapping – WP:COMMONNAME. This is generally just referred to as "SIM swap" (or the action of performing it, "SIM swapping"), so having "scam" in the title is not exceptionally necessary and can just be introduced in the lead section. B3251 (talk) 18:17, 11 May 2024 (UTC)

Oppose: I have swapped the SIM in my phone many times. It is a common thing to do that does not involve fraud or scamming. The current article title makes it clear that the ordinary action of swapping SIMs is not what the article is about. The article is about a scam, and the current article title makes that clear. The proposed article title does not. —⁠ ⁠BarrelProof (talk) 03:57, 12 May 2024 (UTC)
Important to note that "SIM swap" redirects to the current article, meaning that any mention of "swapping SIMs" on Wikipedia currently refers to SIM swapping. That being said, I hadn't thought about that when making the request, but I'd still like to propose moving the article title to "SIM swapping" due to being much more commonly used to refer to this practice rather than "SIM swap scam". As a matter of fact, "SIM swapping" online seems to completely refer to the illicit practice. I'll modify my request. Thanks, B3251 (talk) 04:32, 12 May 2024 (UTC)
The proposal was slightly modified after I made my comment to add "OR SIM swappingSIM swapping". I don't think that makes much of a difference. The current title seems more clear that this is referring to an illicit activity. As I said before, the ordinary action of swapping SIMs is not what the article is about. —⁠ ⁠BarrelProof (talk) 07:31, 14 May 2024 (UTC)
I’d argue that “sim swapping” today almost entirely refers to the illicit practice of doing so, looking it up it through search engines return only the illicit practice/scam. Yes, it is a more recent term/practice (over the past ~10 yrs probably) though I still feel as if the more common term for this action should be the WP name to conform with familiarity. “Changing SIMs” seems to be a more widely used term for non-illicit swapping of SIMs. B3251 (talk) 11:20, 14 May 2024 (UTC)

Oppose: Whereas the most common CURRENT media usage may be just "SIM swapping" I would bet that is not an accurate picture of what the great majority of people understand it as. It is a scam, and it is more clear when the title says that when someone is searching, rather than only in the article. We currently have "SIM swapping" as a redirect to "SIM swap scam", I think this is the most clear way for it to be.

---Avatar317 ^(talk) 01:27, 16 May 2024 (UTC)

The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

History?

As I read about it, it seems it came to prominence in late 2010s. If someone knows of some history it would be good to add. Setenzatsu.2 (talk) 15:00, 9 June 2024 (UTC)

Requested move to SIM swapping, 2025-11-28

Discussion moved to a correctly bot-driven request below #Requested move 21 December 2025.

SIM swap scam → SIM swappingSIM swapping – WP:COMMONNAME. "SIM swapping" is by far the common term for this particular attack. Chumpih ^t 18:58, 28 November 2025 (UTC)

Support: I suggested this over a year ago and this wasn't passed. I still support moving this to "SIM swapping" or at the very least "SIM swap attack", as it's referred to as such (the process of maliciously attacking/accessing a device) more than a scam, seeing how the most notorious SIM swapping instances have occurred as means of social engineering telecom employees with the victim's phone number rather than 'directly scamming' them in a sense. "SIM swapping" already redirects to this page so I see no issue with changing it to the more widely used result. I addressed this in my own proposal but search results predominantly return only the criminal context rather than legitimate SIM swaps and if a distinction is that necessary it can be made in the lead of the article. WP:COMMONNAME uses common in the context of what name is most frequently used in reliable sources, and that is clearly "SIM swapping". Non illicit acts of SIM swapping are distinguished and more commonly search terms like "changing SIMs" or "switching SIMs", not "SIM swapping". B3251_(talk) 01:21, 29 November 2025 (UTC)
BTW, the scam is not aimed at the telecom employees conned into doing the switch, the scammers' goals are to be able to capture multi-factor authentication codes sent to the victim's cell phone so fraudsters can access the victim's bank or other online accounts. ---Avatar317 ^(talk) 06:03, 2 December 2025 (UTC)
Thanks for going in more depth, mostly social engineering or bribing telecom employees B3251_(talk) 13:44, 2 December 2025 (UTC)

Oppose - I opposed this in my statement in the discussion above, but I would support a move to "SIM swap attack", since this has also been infamously used to steal Twitter accounts for political/other purposes (not making money).

---Avatar317 ^(talk) 06:00, 2 December 2025 (UTC)

IMHO SIM swap attack would be an improvement. Chumpih ^t 20:09, 5 December 2025 (UTC)

Discussion moved to a correctly bot-driven request below #Requested move 21 December 2025.

Requested move 21 December 2025

The following is a closed discussion of a requested move. Please do not modify it. Subsequent comments should be made in a new section on the talk page. Editors desiring to contest the closing decision should consider a move review after discussing it on the closer's talk page. No further edits should be made to this discussion.

The result of the move request was: moved. (closed by non-admin page mover) Jeffrey34555 (talk) 18:12, 27 December 2025 (UTC)

SIM swap scam → SIM swap attack – "SIM swap attack" is a more helpful term, per consensus achieved in the discussion above #Requested move to SIM swapping, 2025-11-28 Chumpih ^t 02:53, 21 December 2025 (UTC)

Support. A SIM swap is not a scam, but rather a tactic used as an element of scams. Including "attack" also clarifies that this is not the ordinary practice of swapping SIM cards for legitimate everyday purposes. —⁠ ⁠BarrelProof (talk) 03:55, 21 December 2025 (UTC)

There is also another argument for this renaming. A "scam" involves gaining the trust of the victim. SIM swaps are a tactic that is typically used for thefts that are not "scams". No trust from the victim is needed. Thus, the word "scam" is not accurate here, and should be removed from the article's title. —⁠ ⁠BarrelProof (talk) 17:53, 22 December 2025 (UTC)

Support I still stand by my belief that SIM swapping would work just as well as per my arguments made in previous proposals, but this works at least better than the current title. B3251_(talk) 01:05, 22 December 2025 (UTC)

The discussion above is closed. Please do not modify it. Subsequent comments should be made on the appropriate discussion page. No further edits should be made to this discussion.

Related Articles