SIM Swap Attack
Hijacking your phone number to intercept SMS codes and reset your accounts — why texting is the weakest 2FA.
In a SIM swap, an attacker convinces (or bribes) a mobile carrier to port your number to their SIM. Your phone goes dead; theirs now receives your calls and SMS — including one-time codes and account-recovery texts. From there, email and exchange accounts fall in sequence. Crypto holders are prime targets because losses are instant and irreversible.
Defenses: remove your phone number as a recovery/2FA method wherever possible, use app-based or hardware 2FA instead of SMS, set a carrier port-out PIN, and treat sudden loss of signal as an incident — check email and exchange access immediately. High-value targets often keep a separate, unpublished number solely for financial accounts.