The quiet moment that signals a takeover. Your phone, which contains your whole life, goes silent. No bars. No calls. No texts. Most of us shrug and assume a glitch. That pause is often the first and only early warning. By the time people ring their carrier from another device, resets are already racing through email, banking, trading, and messaging.
Across the UK, SIM swap attacks have moved from a fringe threat to a mainstream problem. Cifas reports a 1,055 percent surge in unauthorized SIM swaps in 2024, with nearly 3,000 cases filed to the National Fraud Database.
I spoke with Paul Weathersby, Chief Product Officer for Identity and Fraud at Experian UK and Ireland, to discuss what is driving this latest threat.
Key Takeaways
SIM swap fraud surged 1,055% in the UK, hitting nearly 3,000 reported cases.
Attackers exploit SMS-based authentication, treating phone numbers as master keys for account access.
eSIM provisioning accelerates takeovers, reducing friction between social engineering and account compromise.
NCSC and police urge users to treat sudden service loss as an urgent security event.
Experts recommend moving from SMS codes to passkeys, app prompts, and multi-layered authentication.
What Is SIM Swap Fraud?
SIM swapping refers to the transfer of a mobile service from one SIM to another. Fraudsters identify a target and contact their victim's mobile operator to request that they move their number to a SIM card they possess.
If your number has been hacked, criminals will gain access to any two-factor authentication (2FA) texts and begin resetting your accounts.
As an end-user, you can take measures to decrease vulnerability by protecting personal information:
Do not share your PIN with your carrier.
Carry a mobile app security profile with biometric capabilities.
Limit the amount of personal information you share on social media to reduce your risk.
Keep up-to-date bank accounts and credit reports for any unusual activity.
🚨 @Experian warns: Unauthorized SIM swaps are up 1000%. Fraudsters hijack your number, bypass SMS authentication, and take over accounts.
— Neil C. Hughes (@NeilCHughes) September 29, 2025
If your phone suddenly loses service, treat it as a red flag.🎙️ Full episode: https://t.co/eU6Blfs1Rz pic.twitter.com/HruUhUhvl8
Why Do They Bother?
Experian's Paul Weathersby put it plainly: "They do this because a lot of the authentication systems rely on receiving an SMS message to verify the identity of the individual."
He added an important detail that explains the scale: "They seem to already have partial access to a different account, which then requires the phone."
The tactic is organized rather than random. Attackers map numbers to valuable accounts, then approach the mobile operator they believe they can persuade.
"What appears to be happening behind the scenes is whether using artificial intelligence (AI) or general automation or not, but certainly they appear to be very well coordinated," Weathersby stated.
Why Is the Spike Happening Now?
Identity fraud in the telecom sector has increased by 87%.
Facility takeovers increased by 76%, with 48% tied to mobile accounts.
These are not one-off outliers. They reflect repeatable playbooks that move through call centers and online flows.
Experian's own analysis shows the backdrop. The number of UK businesses reporting AI-related fraud increased from 23% to 35% within a year. This jump mirrors what frontline teams are seeing: document forgeries that appear clean, phishing that mimics brand copy, synthetic identities constructed from leaked data, and machine-generated filler. Attackers increase both volume and quality simultaneously.
Paul Weathersby described the effect of these tools with everyday clarity:
"We're finding it's now harder to prevent attacks using documents because of the ease of using AI within documents."
He also called out voice risk:
"AI can replicate someone's voice, so getting a small signature of a person talking can then be used to replicate the voice and potentially get around some of those verification mechanisms."
Older adults are being struck, with those 61 and over now accounting for 29% of takeovers. The numbers tell a simple story. Phone numbers are treated like master keys across the internet, and organized crews know it.
The National Cyber Security Center (NCSC) has warned that SMS codes should not be used to secure critical processes. While convenient, text messages can be intercepted and hacked.
When a phone drops off the network without explanation, treat it as a priority event. Police forces across the UK have issued clear notices this year that sudden loss of service and unexpected SIM or PAC notifications require urgent action. Speed matters because resets cascade quickly once an attacker controls the number.
eSIM Made the Handover Faster
eSIM has turned provisioning into software. "If the hacker can gain access to the mobile operator and convince them that they are the account holder, whether it's on a physical SIM or an eSIM, then the process is similar," Weathersby said.
An eSIM profile can be delivered over the air by an operator's SM-DP+ system, often via a QR-based activation flow. That is great for legitimate customers who have lost a device or upgraded mid-journey. But GSMA warns that it also shortens the window between a convincing social-engineering call and a live takeover.
This speed is why a sudden loss of service needs immediate escalation. Consumer guidance and police notices are consistent on the basic steps because those steps work.
So, how to prevent SIM swapping?
Call your provider from another device using an official number
Ask whether a SIM change or port-out request has been made.
Lock down banking and email while the number is recovered.
Keep a written record of the timeline for any later claim or complaint.
📱 Scam Interceptors’ @staplenick investigates eSIM swap fraud. Scammers can hijack your phone to access calls, texts and even bank accounts.
— BBC Morning Live (@BBCMorningLive) June 2, 2025
He meets one couple whose holiday was ruined, and shares tips to stay safe online.
📺 Watch in full👉 https://t.co/voAfIoeRaZ pic.twitter.com/9fiRjQBgzp
The Dangers of SMS codes
SMS codes seem safe because they use a code, but the code travels over a channel that is easy to redirect.
The NCSC's guidance for high-risk individuals emphasizes key factors essential for adequate SIM protection. App-based prompts and hardware keys tie login to a cryptographic secret on a device rather than a phone number. That shift removes the most significant incentive to steal your number.
Security teams across banks and fintechs are making the same move for sensitive actions.
Passkeys and authenticator prompts reduce exposure to number-based resets, and they complement well with device risk checks and geolocation heuristics that flag unusual behavior.
Consumer publications now echo that advice in plain language, nudging readers to switch high-value accounts away from text messages where possible.
Paul Weathersby's operational advice lines up with that: "A multi-layered authentication strategy is certainly necessary."
He argues for adaptive controls that respond to live risk:
"You might, for example, do a primary first-level scan, which could be a check to see whether the SIM within the mobile number that the customer presents has actually changed service recently."
🚨 The biggest lie you’ve been told about two-factor authentication?
— Haseeb Awan - efani.com (@haseeb) September 22, 2025
That it’s secure if it uses SMS.
Here’s the truth: SMS-based 2FA is one of the weakest forms of protection today.
If a hacker gets control of your phone number through a SIM swap - they instantly get access… pic.twitter.com/8L2arz0usP
What Banks & Telcos Are Changing
Defences are improving in ways that are practical rather than flashy. On the fraud side, Weathersby sees gains from model quality, document forensics, selfie liveness, and better triage that reduces manual workload. He said:
"If you can stop things getting through the front door, and, you know, effectively stop the fraud earlier, it allows you to reduce the cost of investigations, which in this higher-volume scenario is really starting to make a difference."
He also supported cross-industry sharing and graph analysis to identify patterns rather than isolated cases.
On the telecoms side, Ofcom has been tightening rules on caller ID, with decisions in 2024 to extend blocking to international calls that present a UK number, and a 2025 consultation to deal specifically with incoming calls that spoof UK mobile numbers.
What to Watch For & How to Respond
Most victims describe the same pattern. A phone drops off the network. Emails about SIM activation or account changes arrive. Password reset emails start landing. Police guidance frames these as warning signs that deserve immediate attention rather than a shrug and a reboot.
SiM swap fraud prevention can be as simple as moving your banking and email to app prompts or passkeys, setting a memorable customer service password with your carrier if offered, and prioritizing addressing unexpected service loss.
If an incident occurs, contact the provider from a different phone, alert banks, and log everything. Those SIM swap protection steps are intentionally simple, and they shorten the window during which attackers can move money or seize accounts.
Weathersby offered one line that everyone should keep handy:
"If your mobile phone service stops working, that should be a priority to rectify it because it can mean your other accounts are vulnerable."
That is the quiet alarm many people miss in the moment.
Where the Fight Goes Next
Weathersby was also direct about the bigger picture.
"We're in the middle of an arms race, and it's got no indication that it's going to slow down anytime soon," he said.
Attackers are becoming increasingly adept at identifying vulnerabilities in onboarding and customer-service processes. Defenders are becoming faster at rolling out adaptive checks that look for SIM changes, device reputation, and behavioral oddities in real-time.
The Bottom Line
SIM swap fraud is growing because phone numbers still unlock far too much, and a cultural shift is also underway. For years, people were taught that a text code on a phone equals safety. That habit runs deep. The transition to cryptographic factors will take time, and during that period, attackers will continue to exploit the existing gap.
Honest communication helps here. When banks and telcos explain why some prompts have changed and why text codes are being retired, customers will be informed with steps to avoid becoming just another SIM swap victim.
Listen to the full conversation below:
FAQs
How to tell if you've been SIM-swapped?
One of the first signs of being a victim of a SIM swap scam is when your phone suddenly loses service. Your calls and texts will stop coming through. You may also get alerts about account changes or password resets you didn't request.
Can you protect yourself from SIM swapping?
Yes. Use app-based authentication instead of SMS codes, set a carrier PIN or password, and act fast if your phone loses service unexpectedly.
Can someone steal your info with a SIM card?
Yes. If criminals control your SIM, they can intercept texts and calls to reset passwords and access your accounts. The SIM doesn't store your data, but it provides access to it.