hijacking sim card

Archangel

Hi. I’ve been hearing about scams involving criminals hijacking somebody’s SIM card and gaining access to that person’s telephone number, thereby giving access to 2FA authorization and access to bank accounts and more.

My wife and I still have physical SIM cards so I hope for now that this would make it more difficult for a criminal to steal one of our numbers. Or would it??? Could they call Sunrise and convince the help-desk that they are us, and then get Sunrise to send them an e-SIM? If so, that could be done in a matter of a few minutes. So my questions are a) is this possible if they know enough about us and b) if so, is there a way for me to more securely lock our current SIM cards so that the numbers can’t easily be transferred to some other device? Thanks very much for any answers… Mike

maxell182

Hi Archangel

normally, this should not happen because you have to identify yourself when you call sunrise via phone.

If a person have some private infos about you, it technically could happen.

so for A)
Yes it is possible (with enough private information about you)
B)
Don’t post any private information about you to the public.
Change your passwords on a regular basis
and so on

eg in this forum there are many posts where the posting person
states mobilenumber, account id, address and name….
you see, with this info provided its a matter of time for one to get an e-sim…

to calm you down a little.
If this would happen it normally happes due to a databreach somewhere, where private info is leaked in a big way.
For you to become a single target would be very unlikely

br
maxell182

Daniele_Sunrise

Archangel Welcome to the community!

Thanks for your thoughtful question – you’re absolutely right to be aware of SIM‑swap fraud, as it’s a real threat and criminals do actively try to exploit it.

A few important points to clarify:

Physical SIM vs. eSIM
Having a physical SIM does not automatically make a SIM swap impossible. In most cases, SIM‑swap fraud does not happen by physically stealing a SIM card, but by social engineering – meaning someone tries to convince a mobile operator to transfer a number to another SIM or eSIM.

Could someone call Sunrise and request an eSIM?
In general, a SIM or eSIM replacement cannot be done just “within minutes” without proper verification. Any SIM change request goes through identity and security checks. Simply knowing a name or phone number is not sufficient.

That said, no system is 100% immune if a criminal has gathered a lot of personal information, which is why additional protection is always recommended.

How you can better protect your number
There are a few effective steps you can take:

Make sure your customer account (e.g. online account) is well protected with a strong, unique password.
Avoid using SMS-based 2FA alone for critical services like banking if alternatives are available (e.g. authenticator apps or hardware keys).
Be cautious with sharing personal information publicly or on social media.

The good news
SIM‑swap fraud is taken very seriously, and operators continuously improve their processes to prevent exactly these scenarios. Physical SIMs are not “unsafe”, and moving to an eSIM does not automatically increase risk either – the decisive factor is account security and verification, not the SIM format itself.

If you’d like to review or strengthen the security settings on your account, customer support can help you check what options are available.

Thanks again for raising an important topic – staying informed is one of the best protections.

Greetings
Daniele

Archangel

Thanks so much for two really relevant and helpful answers. I understand that it is important to keep my private data safe so that fraudsters do not use it to access my Sunrise account. I am in the process of upgrading my 2FA to use authorization apps rather than SMS or email messages. And I understand that Sunrise tries to verify identity of callers before taking any action. I just hope that Sunrise asks enough questions and good questions to filter out criminals who might be trying to do something nefarious.

Big thanks to both maxell182 and Daniele_Sunrise for the time you took to answer. Archangel

adrianlondon

I had this happen years ago in the UK.

Someone convinced my mobile provider to have a new SIM card sent out, As two SIM cards (eSIM or physical) can’t be active at the same time for the same number, my SIM was deactivated at the time the replacement SIM was requested.

This meant I knew something was up before the fraudster had received the new SIM and hence I rang up and got the new one cancelled and my original one re-activated.

So, if you ever discover your current SIM is deactivated, try to ring up immediately and find out why.

(There were other issues with people living nearby and it was suspected that the fraudster was working for the post office and intercepting mail.)

Archangel

Thanks Adrian. You are right when the situation is physical SIMs. But what if a crook convinces Sunrise that he is me and gets them to issue him an e-SIM. My physical SIM would be dead but he would have a few hours or more to use my number to try to take control of my bank account or other things.

Others who answered stressed how important it is to keep one’s personal info. private, like birth date, etc. Such good advice. If nobody can find much about you, then they can’t impersonate you.

Big thanks to all. I’m very impressed by the great responses.

adrianlondon

Ideally, a mobile company would require ID (the same as when you want a contract in the first place) to get a replacement e/SIM, or they could text the number first so the original owner (if not the person requesting the SIM!) can cancel the request.

I’ve not read anything here about SIM fraud (not that Sunrise would publicise this. of course, but users would!) so hopefully this is extremely rare.

Of course, another and better fix would be for companies to stop using text messages for 2FA, but we’re a long way from that happening.