SIM swap attacks have become one of the most effective tools criminals use to drain Bitcoin accounts. Unlike phishing emails or malware, a SIM swap doesn't require you to click anything or download anything. The attacker simply convinces your mobile carrier to transfer your phone number to a SIM card they control, and from that moment, every SMS-based security code you receive goes straight to them. For Bitcoin holders, the consequences can be swift and irreversible.
How a SIM swap attack works
The attack begins with reconnaissance. Before calling your carrier, a fraudster will typically gather personal information about you: your full name, date of birth, address, and the last four digits of your identity document. Much of this is sourced from data breaches, social media profiles, or targeted phishing. Armed with enough details, the attacker calls your mobile provider and impersonates you, claiming they've lost their phone or need to upgrade their SIM. If the customer service representative is convinced, they port your number to a new SIM.
Once the swap is complete, the attacker triggers a password reset on your email, your exchange account, or both. The reset code arrives via SMS, but to their phone. Within minutes, they can have full access to your accounts, even if you've set a strong password. Your own phone, meanwhile, loses all signal, which is often the first sign something has gone wrong.
Why Bitcoin holders are prime targets
Cryptocurrency accounts are particularly attractive for SIM swap attackers because transactions are irreversible. With a bank account, fraud can be disputed and funds potentially recalled. With Bitcoin, once a transaction is broadcast to the network, there is no mechanism to claw it back. Attackers know this, and they often move quickly: the gap between gaining access and emptying a wallet can be a matter of minutes.
High-profile cases have involved losses of hundreds of thousands of dollars in Bitcoin, and the victims aren't always inexperienced users. Even people with a solid grasp of Bitcoin security practices have been caught out because they relied on SMS-based two-factor authentication without fully appreciating how vulnerable phone numbers can be as an identity anchor.
Protecting yourself from SIM swap attacks
Switch away from SMS-based 2FA
The most impactful step you can take is to stop using SMS as a second factor for any account connected to your Bitcoin holdings. Authenticator apps such as Google Authenticator or Authy generate time-based codes that live only on your device and are not tied to your phone number. A hardware security key (like a YubiKey) goes even further, requiring physical possession of a device to authenticate. Understanding what two-factor authentication actually does and which methods are genuinely secure is essential before you assume your accounts are protected.
Set a SIM lock or port freeze with your carrier
Most Australian mobile carriers allow you to place a SIM lock or a port-out PIN on your account. This adds a secondary verification step that must be completed in person or via a unique PIN before any SIM change is processed. Contact your carrier directly to ask what options are available. This single step significantly raises the bar for would-be attackers, since it eliminates the most common social engineering route.
Use a separate, private email for crypto accounts
If your email address is publicly linked to your name on social media or business directories, it becomes part of your attack surface. Consider creating a dedicated email account for your exchange registrations and Bitcoin-related services. Use a provider that supports hardware key login, and never share that email address publicly. The goal is to make it harder to connect your identity to your crypto holdings.
Minimise the amount of Bitcoin held on exchanges
The less Bitcoin you hold on an internet-connected exchange account, the less damage a successful SIM swap can do. Moving the bulk of your holdings into a cold wallet means that even if an attacker gains access to your exchange account, they can only reach what's sitting there. A hardware wallet kept offline and secured by a strong seed phrase is not accessible via an SMS code or a compromised email.
Be cautious about what you share publicly
Social media posts about your Bitcoin investments, the exchanges you use, or even your mobile carrier can give attackers the context they need to mount a convincing impersonation. Operational security (sometimes called opsec) doesn't require paranoia, but it does require discretion. Avoid broadcasting the details of your holdings or the platforms you use, and be selective about the personal information you share online.
What to do if you suspect a SIM swap is happening
If your phone suddenly loses service in an area where you'd normally have coverage, treat it as a potential SIM swap immediately. Call your carrier from another phone and ask them to freeze your account. At the same time, log into any crypto exchange accounts from a device that isn't connected to your phone number, change your passwords, and revoke any active sessions. Speed matters: the faster you react, the less time the attacker has to move funds.
You should also report the incident to your carrier's fraud team and, if funds have been stolen, file a report with the Australian Federal Police and the Australian Cyber Security Centre. While recovery of Bitcoin itself is unlikely, a report creates a paper trail that may help with any insurance claims or civil proceedings.
The bigger picture
SIM swap attacks exploit the gap between how we think about phone security and how mobile carriers actually verify identity. As Bitcoin adoption grows, so does the sophistication of those trying to steal it. Treating your phone number as a secure authentication factor is a mistake that attackers are actively counting on. The good news is that the protective steps are straightforward, and most of them cost nothing to implement. Moving to an authenticator app, setting a SIM lock, and keeping the bulk of your Bitcoin in cold storage remove the conditions that make a SIM swap damaging in the first place.
