A SIM Swap Scam or SIM Cloning Scam exploits a vulnerability in a two-factor authentication (2FA) system that relies on SMS messages for verification codes, where attackers aim to gain control of the victim’s mobile phone number by convincing the victim’s mobile carrier to transfer the number to a new SIM card under the attacker’s control. The attacker typically initiates the scam by acquiring the victim’s personal information, including their phone number, which can be obtained through various means, such as data breaches, social engineering attacks (e.g., phishing emails or smishing attacks), or by purchasing the information on the dark web.
Source: GBHackers