Skip to main content
    Back to Guides

    What to Do If Your Phone Number Is Stolen (SIM Swap Recovery)

    GetCyberRight TeamMarch 27, 20264 min read
    SIM swap recovery
    phone number stolen
    account recovery
    identity theft response
    emergency security

    If your phone suddenly loses service and you suspect a SIM swap attack, every minute counts. This is your emergency response guide.

    How to Recognize a SIM Swap Attack

    A SIM swap is happening if:

    • Your phone shows "No Service," "SOS Only," or "Emergency Calls Only" without a known carrier outage
    • You cannot make calls or send texts
    • You receive emails about password resets you did not request
    • Your bank sends transaction alerts for activity you did not authorize

    Do not assume it is a temporary outage. If your phone loses service unexpectedly and you cannot explain why, treat it as a SIM swap until proven otherwise.

    The First 30 Minutes: Critical Actions

    1. Call Your Carrier Immediately (From Another Phone)

    This is the single most important step. Call from a family member's phone, a landline, or a neighbor's phone.

    • AT&T: 1-800-331-0500
    • Verizon: 1-800-922-0204
    • T-Mobile: 1-800-937-8997

    Tell them: "I believe my number has been SIM swapped without my authorization. I need the change reversed immediately and a temporary lock placed on my account."

    2. Change Your Email Password

    From a secure device (a computer, not the affected phone), change your primary email password immediately. Your email is the key to resetting all other passwords.

    3. Change Your Bank Password

    Log into your bank from a secure device and change your password. If possible, freeze your accounts temporarily through the bank's app or by calling.

    4. Lock Your Cryptocurrency Accounts

    If you hold cryptocurrency, lock or freeze those accounts immediately. Crypto transactions are irreversible.

    The First 24 Hours: Securing Everything

    Change Passwords on Critical Accounts

    Work through accounts in this priority order:

    1. Primary email (Gmail, Outlook, iCloud)
    2. Banking and financial accounts
    3. Cryptocurrency exchanges
    4. Secondary email accounts
    5. Social media accounts
    6. Shopping accounts (Amazon, PayPal)
    7. Any account that used SMS 2FA

    Switch All Accounts Away From SMS 2FA

    As you change each password, switch from SMS-based two-factor authentication to an authenticator app (Google Authenticator, Authy) or a hardware key.

    Check for Email Forwarding Rules

    Attackers often set up email forwarding to copy your messages to their address. Check your email settings for any forwarding rules you did not create.

    Review Bank and Financial Statements

    Look for unauthorized transactions. Report any you find to your bank immediately.

    Recovery and Reporting

    File Reports

    1. FBI IC3: Report at ic3.gov. SIM swapping is a federal crime.
    2. Local police: File a police report. You may need this for bank claims.
    3. FTC: Report at identitytheft.gov if identity theft occurred.
    4. Credit bureaus: Place a fraud alert with Equifax (1-800-525-6285), Experian (1-888-397-3742), and TransUnion (1-800-680-7289).

    Contact Your Bank

    Provide your bank with the FBI IC3 report number and police report number. Request a review of all transactions during the period your number was compromised.

    Document Everything

    Keep records of:

    • The exact time you lost phone service
    • All fraudulent transactions
    • All report numbers (FBI, police, carrier)
    • Screenshots of unauthorized account activity
    • Communications with your carrier about the incident

    Preventing Future Attacks

    After recovery, take these steps to prevent another attack:

    1. Set a carrier PIN: Require a PIN for any account changes
    2. Enable number transfer lock: Prevent unauthorized port-out requests
    3. Switch to authenticator apps: Remove SMS as a 2FA option on all accounts
    4. Use hardware security keys: For your most valuable accounts (email, banking)
    5. Remove personal data: Use our Data Shield tool to find and remove personal information from data brokers that attackers use for social engineering
    6. Monitor regularly: Watch for unexpected service interruptions

    A SIM swap attack is stressful, but acting quickly can prevent most of the damage. Keep this guide bookmarked and share it with family members so everyone knows what to do in an emergency.

    Frequently Asked Questions

    Got a suspicious link, email, or text?

    Run it through our free Scam Guard before you click or reply.

    Check a suspicious link now