Yes, even basic technology like SIM cards poses the risk of getting hacked. Today, cell phones have almost become tiny supercomputers, so users must learn how to secure their mobile phones. From social engineering scams to SIM hijacking, sensitive data can easily become compromised without adequate cybersecurity awareness.

Learn more about why SIM card hacking is on the rise and how you can prevent it from happening.

What Are SIM Cards?

All phones contain a SIM (subscriber identity module) card, a tiny chip that stores information that phone carriers use to identify users. Every user is assigned a unique phone number to send and receive data through their network provider (AT&T, Verizon, T-Mobile, etc.). Whether you own an iPhone or Android, you can swap out SIM cards in any unlocked phone.

Each card contains a unique 17-digit code that records the country of origin, service provider, and unique user ID. Additionally, SIM cards store two passwords: your Personal Identification Number (PIN) and your Personal Unblocking Key (PUK).

The PIN code is required to unlock the SIM card when inserting it into a new phone or after a reboot. In the case you forgot the PIN, you'll need a PUK to gain access to the SIM card.

Main Reasons for Hacking SIM Cards

SIM cards typically only contain up to 256KB of storage, enough to store about 250 contacts and not much else. However, even with limited data, hackers only need access to your phone number to steal personally identifiable information (PII).

One of the most important things linked to phone numbers is access to two-factor authentication (2FA) or multi-factor authentication (MFA). Many security procedures that require authentication codes will send verification through SMS text messages or emails.

If hackers or scammers can impersonate you by receiving those verification texts, they can:

  1. Steal your identity and private information
  2. Monitor and send phone calls and texts
  3. Access email accounts
  4. Access social media accounts
  5. Access online bank accounts
  6. Access cryptocurrency accounts

Common Ways To Hack SIM Cards

1. SIM Swapping

SIM card swapping is one of the fastest-growing cyber epidemics and one of the main types of cyber attacks in recent years. It's the result of many social engineering strategies that target phone providers to gain access to new SIM cards.

The main tactic scammers employ is calling the phone companies and asking for a replacement SIM card, pretending there was a new device upgrade or a lost phone. If they can successfully verify basic information, the phone companies will send out a new SIM card and deactivate the old one.

Once the scammers receive the new SIM card, they’ll be able to intercept all calls and messages, including any 2FA or MFA authentication texts. The deactivated SIM card will no longer receive any calls or texts and won’t be able to send them either. It's highly recommended to use a authentication application instead of using SMS text messaging, as the application can use other security measures like face ID, PIN, or fingerprint to verify identity.

How secure is your cell phone provider?

In many cases, scammers source personal data regarding the victim's identity from data leaks, data breaches, phishing scams, or purchasing from criminal parties on the dark web. Nobody is safe, as even Jack Dorsey, co-founder and former CEO of Twitter, fell victim to a SIM swap attack in 2019.


2. SIM Cloning

Although less common, SIM cloning involves gaining physical access to a SIM card and using a SIM card reader to duplicate the data. Once the copied SIM card is used in a new smartphone, it will automatically render the old card useless. SIM card writers are entirely legal and can be found relatively cheaply online.

If the hackers aren't able to verify information with phone companies, they may attempt to use social engineering to get you to send in your SIM card. They may pretend to be from tech support and use excuses like you need to send your phone in for repair. In some cases, expert hackers may try to steal your phone and clone the SIM card in public in under five minutes.

3. Simjacker

Simjacker is a security vulnerability that was recently discovered in 2019. This attack sends a series of STK (SIM Application Toolkit) commands in the form of SMS messages to the victims. Once opened, the hackers can use spyware-like codes to track calls, texts, and even geolocation.

Simjacker takes advantage of the S@T Browser, an application located within the SIM Toolkit that comes preloaded on many SIM cards. The S@T browser provides an environment for the STK commands to execute and ultimately track user data.

Over a billion SIM cards worldwide in an estimated 30 countries still contain this vulnerability, which means that there is still a significant risk of individuals getting hacked.

How To Tell If Your SIM Card Was Hacked

If you suspect that your SIM card was recently hacked, here are some signs that you may want to look out for:

  • Not receiving any calls or texts - If your card has been successfully cloned or swapped, the one in your possession will be deactivated. A SIM card can only link to one phone number at a time.
  • Request to restart your phone - One important thing to note is that once a SIM card has been hacked, the hackers can only activate it once the original SIM card goes offline. If you receive one of these messages, call your phone provider immediately to check if any SIM card ports were authorized recently. Do NOT restart your phone.
  • Wrong location - Many phones today have a "Find My Device" feature, allowing you to see your phone's most recent location. Because the location is linked to the SIM card, if you notice a different location, it could be a sign you were probably hacked.
  • Can't access accounts - One of the easiest ways to tell that you've been hacked is when you are locked out of all of your accounts. Because any authentication message was most likely sent to the new SIM card, the hackers were able to change the passwords to lock you out.
  • Suspicious account activity - Although your device may no longer receive calls or texts, you may still be getting the phone bill. Take a look at the phone records from your service provider and see if there are any unknown numbers. There may also be excessive data usage or subscriptions tied to your account.

How To Protect Yourself From Getting Hacked

Even as the world moves towards stronger cybersecurity practices, SIM card hacking may become more prevalent. Authentication processes are no longer as secure (although still necessary), so here are a few things you can do to protect yourself from becoming a victim of SIM attacks.

  • Never give out personal information
  • Don't click on suspicious links (also a malware risk)
  • Don't open messages from unrecognized numbers
  • Remove your number from online accounts (if possible)
  • Don't leave your phone unattended while out in public
  • Always create a passcode for your SIM card
  • Use an authentication app

What To Do If Your SIM Card Was Hacked

After confirming that you've been hacked, the first thing you need to do is call your phone service provider immediately. Explain to them that your SIM card was illegally swapped or cloned and request immediate deactivation of the new SIM card. If possible, provide proof of location, unverified bank transactions, or suspicious account activity.

If any other accounts have been affected, report them to the respective institutions. Make sure to reset the passwords to as many accounts as you can, even for the ones that weren't affected directly.

If your Social Security Number (SSN) has also been stolen, call the Social Security Administration (1-800-772-1213). You may need to put a credit freeze on your accounts to get fraud alerts on suspicious transactions.

Ready to see
UpGuard in action?

Ready to save time and streamline your trust management process?