SIM Card Swap

An adversary could convince the mobile network operator (e.g. through social networking, forged identification, or insider attacks performed by trusted employees) to issue a new SIM card and associate it with an existing phone number and account [1] [2]. The adversary could then obtain SMS messages or hijack phone calls intended for someone else [3].

One use case is intercepting authentication messages or phone calls to obtain illicit access to online banking or other online accounts, as many online services allow account password resets by sending an authentication code over SMS to a phone number associated with the account [4] [5][6][7].

ID: T1451
Sub-techniques:  No sub-techniques
Tactic Type: Without Adversary Device Access
Tactic: Network Effects
Platforms: Android, iOS
Version: 1.1
Created: 25 October 2017
Last Modified: 03 February 2019


This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.