Privacy Virtual Cards
Spending Limits

Set a spending limit and Privacy will decline any transactions that go over the limit

Merchant-Locked Cards

Lock Privacy Cards to the first merchant they’re used at to prevent misuse if stolen

Single-Use Cards

Create Privacy Cards that close automatically after the first purchase is made on them

Pause/Close Cards

Pause or close your Privacy Cards at any time to block future transaction attempts

SIM Swap Scam—What It Is and How To Keep Your Payment Information Safe

Reviewed by
Apr 24, 2025
 • 
10
 Min Read
Protect Your Payments

Your mobile number is more than just a way to stay connected—it’s a gateway to your digital identity. And when that number falls into the wrong hands, consequences can be severe. In 2023 alone, SIM swap scams resulted in over $48 million in losses across 1,075 complaints made to the FBI’s Internet Crime Complaint Center[1].

To help you avoid falling prey to a SIM swap scam and safeguard your personal and payment information, we’ve covered everything you need to know about these scams—from how they work to how you can recognize the warning signs and reduce the risk of becoming a target. 

You’ll also learn how using virtual cards can help you reduce the risk of payment fraud and add an extra layer of security to your online transactions.

What Is a SIM Swap Scam?

A SIM swap scam is a form of fraud where an attacker deceives your mobile carrier into transferring your phone number to a SIM card they control. Once they gain access to your number, they can intercept sensitive communications—most importantly, one-time passwords (OTPs) sent via text to authorize card transactions or account logins. 

A close-up shot of a person holding a gold credit card in one hand and a smartphone in the other
Source: Tima Miroshnichenko

This access might allow fraudsters to reset passwords, log into your banking or shopping accounts, steal your card details, and make unauthorized card transactions—all while you’re locked out of your phone and wondering why your signal suddenly dropped.

How Does the SIM Swap Scam Work?

SIM swap scams don’t rely on technical hacking. Instead, fraudsters manipulate the systems we use every day to carefully orchestrate attacks that exploit the link between your mobile number and your online identity.

Here’s how the scam is typically carried out:

  1. Collecting your personal information—Scammers may start by gathering your personal information from leaked data sold on the dark web or your social media accounts. In some cases, they go a step further and reach out to you directly through phishing emails, messages, or phone calls (vishing) designed to trick you into revealing sensitive details.
  2. Impersonating you to your mobile carrier—The fraudster usually impersonates you and contacts your mobile service provider, claiming that your SIM card has been lost or damaged and requesting that the number be transferred to a card in their possession. Thanks to the data they’ve already extracted, they may be able to answer your security questions and get the request approved. 
  3. Gaining control of your accounts—At this point, the scammer effectively takes over your phone number. They may begin intercepting your calls and text messages, including any OTPs or authentication codes sent by your bank, retailers, or other service providers.

How To Detect a SIM Swap Scam

A photo featuring imitation paper currency with wooden letter blocks placed on top, spelling out the word “scam”
Source: Tara Winstead

SIM swap scams can happen quickly and quietly, often before you even realize anything’s wrong. 

Watch out for these warning signs:

Warning Sign What It Means
Sudden loss of mobile service An unexplained drop in mobile service—such as the inability to make calls, send texts, or use mobile data—can signal that your number has been transferred to a new SIM without your knowledge.
Notifications of SIM or account change Alerts from your mobile provider about SIM card activations or changes to your account that you didn’t request are a red flag.
Inability to access accounts If you find yourself locked out of your accounts or notice your passwords have been changed, it could mean a fraudster is using your phone number to bypass SMS-based two-factor authentication.
Unauthorized transaction or activity Fraudsters may use a hijacked number to access banking or credit accounts, leading to unauthorized purchases or fund transfers.
Alerts from other services Notifications from banks, credit card companies, or other services about account- or service-related changes or login attempts can indicate that your number is being used to gain unauthorized access.


If you miss these warning signs, SIM swap scams can escalate fast. Take the case of the SIM swap Bank of America scam as an example. In 2024, a Bank of America customer from California suddenly lost cell service and soon discovered that $38,000 had been stolen from his account[2]. In another case, a woman reported being locked out of her mobile and banking accounts after receiving a suspicious purchase alert—$17,000 was gone before she could act[3].

Consequences of Falling Victim to a SIM Swap Scam

SIM swap fraud doesn’t just disrupt your phone service—it can compromise your finances, your identity, and your peace of mind. Here’s how it can affect you specifically:

  • If scammers act fast and you don’t notice right away, they can drain accounts, make purchases, or steal stored funds before you can respond.
  • Since your phone number is often a gateway to more sensitive data, it could put you at risk of having your identity stolen and misused elsewhere.
  • If fraudulent charges go unpaid or accounts are compromised, it could lead to missed payments or even defaulted accounts.
  • Recovering from SIM swap fraud by disputing the charge often means countless calls to your bank, mobile carrier, and service providers, and the added stress of restoring your digital life.

What Legal Protections Do You Have?

A high-angle shot capturing a person typing on a white keyboard with one hand while holding a payment card in the other
Source: cottonbro studio

Under the Fair Credit Billing Act (FCBA), your liability for unauthorized credit card transactions is limited to $50[4]. However, most major issuers offer zero-liability policies, meaning you likely won’t pay anything out of pocket.

For debit card transactions and electronic transfers, protections under the Electronic Fund Transfer Act (EFTA) vary based on when you report the fraud[5]:

Reporting Timeline Liability
Report before any loss $0
Report loss within two business days Up to $50
Wait more than 60 days Liability could exceed $500


Banks may also have zero-liability policies for debit cards, offering broader protection in cases of unauthorized charges.

How To Prevent SIM Swap Scams

An image showing a woman appearing stressed or overwhelmed as she works on a laptop, hand resting on her forehead
Source: energepic.com

With the right precautions, you can significantly reduce the risk of becoming a victim of SIM swap scams. Here’s how to strengthen your defenses and safeguard your accounts:

  1. Secure your mobile account with a strong password—Contact your mobile carrier to set up an account PIN or passcode, which helps prevent unauthorized SIM swaps (many carriers, such as AT&T[6], offer this feature). See if they offer additional protections like port-out verification or account freeze features. 
  2. Use a password manager for better security—You can also use a password manager like LastPass, 1Password, or Bitwarden to generate and store passwords.
  3. Use an app-based authenticator—Avoid SMS-based two-factor authentication where possible. Instead, use authentication apps like Google Authenticator or Authy, which generate secure codes on your device that aren’t tied to your phone number.
  4. Limit personal information online—Review your social media profiles and remove personal details that scammers could use to impersonate you. Even seemingly harmless facts like your high school or your pet’s name can be useful in answering security questions.
  5. Monitor your mobile service and accounts—Watch out for suspicious activity on your mobile service and banking accounts. If anything seems out of place, contact your carrier and financial institutions to report it.

Using Virtual Cards for Securing Your Real Account Info

To strengthen your SIM swap scam protection, consider using virtual cards for online transactions. These cards generate random card numbers, expiration dates, and CVVs that act as a secure substitute for your real payment information. If your account with a merchant is compromised after a SIM swap scam, only the virtual card details are exposed—keeping your actual account safe.

While some banks like Citi and Capital One offer virtual cards, they’re typically limited to existing bank account holders. A dedicated provider like Privacy offers greater flexibility, allowing you to generate and manage virtual cards without having to open accounts with any specific bank.

Add a Layer of Security to Your Payments With Privacy Virtual Cards

Privacy is a BBB-accredited virtual card provider trusted by over 250,000 Americans. Once you securely link your bank account or debit card to it, Privacy lets you generate multiple virtual cards for one-off or recurring payments, which gives you greater control, flexibility, and security every time you pay online. 

The table below outlines the three types of Privacy cards you can choose from:

Privacy Card Type Description
Single-Use The card automatically closes shortly after its first successful transaction. If the card details are exposed, they can’t be reused, making this card ideal for purchases on unfamiliar websites.
Merchant-Locked This card “locks” to the first merchant you use it with, making it ideal for subscriptions or recurring payments. Transactions with other vendors will be declined.
Category-Locked This card “ties” to a specific merchant category, such as groceries, retail, or education. This helps you manage your spending and maintain better control over your budget. Charges from outside the selected category are automatically declined.

Privacy also lets you set customizable controls on your cards to help you stay in charge of your spending:

  • Spending limits—Set a maximum charge amount for each card to help reduce the risk of billing errors like overcharges, duplicate charges, or hidden fees. Any transaction that exceeds the limit is automatically declined.

Standout Features of Privacy Virtual Cards

Whether you’re shopping on your laptop or managing your finances on the go, Privacy helps you save time and stay organized with these convenient features:

  • Privacy Browser Extension—Available for Firefox, Edge, Chrome, Safari, and Safari for iOS, the extension autofills your Privacy Card details at checkout for a faster, smoother payment experience.
  • Mobile app—The Privacy App (available for Android or iOS) lets you generate and manage virtual cards from your phone. It also sends real-time notifications for every charge or decline, so you can act quickly if something looks off.
  • 1Password integration—Securely store and manage your Privacy Cards alongside your passwords within the 1Password browser extension.
  • Card Notes—Add custom notes to each card, like the merchant name or next billing date, for easier tracking and organization.
  • Shared Cards—Share virtual card details with trusted friends or family members without ever exposing your real payment information.

Getting Your First Privacy Card

To sign up for Privacy, you must be a U.S. resident, 18 years old or above, and have a valid checking account at a U.S. bank or credit union. If you meet these requirements, getting started is quick and simple. Just follow these four steps:

  1. Create your Privacy account
  2. Complete identity verification by submitting the required KYC information
  3. Connect a funding source, such as a debit card or bank account
  4. Generate your first Privacy Virtual Card

Privacy offers four monthly plans, detailed in the table below:

Plan Cost per Month Number of New Virtual Cards per Month
Personal Free for domestic transactions 12
Plus $5 24
Pro $10 36
Premium $25 60


With the Personal plan, you can generate both Single-Use and Merchant-Locked Cards, set spending limits, pause and close cards, and manage everything easily through the mobile app and browser extension.

If you need more cards and additional features, you can upgrade to the Plus, Pro, or Premium plans and get access to:

  • Category-Locked Cards
  • Fee-free international transactions
  • Shared Cards
  • Card Notes 
  • Priority support and Live Chat, available Monday to Friday, 9 a.m. to 5 p.m. ET
  • 1% cashback on eligible purchases (up to $4,500 in spending per month)

References

[1] Internet Crime Complaint Center. https://www.ic3.gov/AnnualReport/Reports/2023_IC3Report.pdf, sourced April 3, 2025
[2] Yahoo Finance. https://finance.yahoo.com/news/california-man-says-lost-38-184500361.html, sourced April 16, 2025
[3] WJLA. https://wjla.com/features/i-team/scams-verizon-bank-of-america-two-factor-step-authentication-cell-phone-sim-card-swap-criminals-crime-hackers-money-iphone-5g-service, sourced April 3, 2025
[4] Federal Trade Commission. https://consumer.ftc.gov/articles/using-credit-cards-and-disputing-charges, sourced April 3, 2025
[5]Federal Trade Commission. https://consumer.ftc.gov/articles/lost-or-stolen-credit-atm-and-debit-cards, sourced April 3, 2025
[6] AT&T. https://about.att.com/pages/cyberaware/ae/account-protection, sourced April 16, 2025

Privacy — Seamless & Secure Online Card Payments
Sign Up