SIM swap fraud is far from being a rarity in Latin America. In fact, it has become a threat within a constantly evolving digital fraud ecosystem. It has ceased to be an isolated technique used against specific targets and has become a link in broader attack chains. Nevertheless, it continues to be underestimated.
SIM swapping is an attack in which criminals impersonate victims and deceive mobile network operators by transferring that person's phone number to a SIM card under their control.
Among other risks, mobile identity theft enables access to financial accounts and digital services. In other words, SIM swap is usually not the final objective, but rather the step that precedes an account takeover (ATO): the unauthorized control of bank accounts, digital wallets, social media accounts, or corporate services.
Obsolete security architectures, which still treat a phone number as definitive proof of identity, are a major factor behind the persistence of this threat. For years, a mobile number has been considered a trusted element for identity verification, even though it technically only confirms temporary control of a phone line.
When that identity can be transferred through a SIM swap, OTP codes and other authentication mechanisms become exposed. Attackers can directly receive access codes sent via SMS, reset passwords, and move forward with account takeover attacks.
Social engineering fraud attempts targeting banks in Latin America increased by 155% in 2025, in an environment where impersonation techniques and vulnerabilities associated with mobile channels facilitate the execution of account takeover attacks.
In the United Kingdom, CIFAS reported a 1,055% increase in SIM swap cases in 2024.
Meanwhile, the FBI recorded SIM swap losses totaling US$25,983,946 in 2024, stemming from 982 complaints. This represented a decrease compared to US$48.8 million in 2023 and US$72.7 million in 2022. Among the factors that may have contributed to this decline is the FCC's SIM swap regulation.
%20foto1.jpg)
As mobile identity becomes a primary authentication method, SIM swap fraud may create increasing challenges. Today, this threat no longer depends exclusively on highly specialized groups, as the availability of automated tools and more convincing social engineering techniques facilitates the execution of attacks.
SIM swap fraud not only causes financial losses for users. It also results in loss of trust, support costs, and compliance challenges, as regulations are becoming increasingly stringent regarding authentication, fraud prevention, digital identity protection, and data protection.
How can organizations protect themselves against this threat?
By integrating standardized APIs, banking and fintech applications can connect to mobile operator networks and incorporate real-time verification capabilities. These capabilities significantly strengthen security without harming the user experience.
In this way, the evolution consists of moving from blindly trusting a phone number to verifying in real time whether a phone line has undergone a recent SIM change before authorizing a critical transaction.
At Plusmo, we work to strengthen organizations' business operations through digital identity protection solutions such as the SIM Swap API. This tool makes it possible to identify risks associated with SIM swaps and add an additional layer of security against one of the most difficult fraud techniques to detect.
