Mobile fraud alert in Australia: How scammers take over your phone number

A new scam alert from Australia’s communications regulator and Scamwatch warns about a growing risk: mobile fraud that can take over your phone number.

As more services rely on phone numbers for security, scammers are targeting this single point of access. It’s faster than hacking individual accounts, and often harder to detect until it’s too late.

Anyone with a mobile phone can be targeted, especially if their data has been exposed in a breach, passwords are reused, or email security is weak.

Key takeaways:

• Mobile fraud lets scammers take control of your phone number
• Once inside, they can reset passwords and access your accounts
• Banks, myGov, and email accounts are common targets
• Sudden loss of signal or unexpected codes are major warning signs
• Acting fast can prevent serious financial and identity damage

What is mobile phone fraud?

Mobile phone fraud happens when a scammer gains control of your phone number or makes unauthorized changes to your mobile account. This is often done through tactics like SIM swapping or account takeovers. Once they succeed, they can receive your verification codes, reset passwords, and lock you out of your own accounts.

In simple terms, they turn your phone number into their access key to all your accounts.

Why scammers target your phone number

Most online services use your phone number as a second layer of security. That includes banking apps, government services like myGov, email accounts, subscription platforms, and even loyalty programs. With control of your number, scammers can bypass these protections in minutes. What starts as a single breach can quickly turn into a chain reaction, giving access to multiple accounts.

A compromised email account, a phishing message, or leaked data from a breach can give scammers just enough information to impersonate you. From there, they contact your mobile provider and request changes, such as transferring your number to a new SIM or modifying your account details. Because they already have pieces of your personal information, these requests can look convincing.

Related: What to Do If Scammers Have Your Phone Number

 Warning signs you shouldn’t ignore

Mobile fraud often shows subtle warning signs before serious damage happens.

Watch for:

• Unexpected alerts about changes to your mobile account
• Verification codes you didn’t request
• Password reset emails you didn’t initiate
• Login attempts from unknown devices
• Your phone suddenly losing signal or switching to “SOS only”

That last one is especially important. If your phone stops working without explanation, it could mean your number has been transferred.

Related: How to check if a phone number is a scam

What to do if you’ve been targeted

If you notice any of the warning signs, acting quickly can limit the damage.

• Start by contacting your bank immediately. This helps stop any unauthorized transactions as early as possible.
• Then call your mobile provider using an official number—not one from a message or email—and explain what’s happening.
• Ask them to secure your number by placing a lock or port freeze on your SIM. This can prevent further changes or transfers.

After that, focus on securing your accounts:

• Change passwords on all your accounts, starting with email and banking
• Enable or review multi-factor authentication
• Check your accounts for unusual activity
• Monitor transactions closely in the following days

If your personal details may have been exposed, services like IDCARE can guide you through the next steps and help you recover safely.

Related: 8 most common scams targeting senior Australians in 2025

How to protect yourself against mobile fraud

Start with how you handle messages. Be cautious with anything unexpected—don’t click links, download attachments, or install apps you weren’t expecting, even if the message looks familiar.

Take a moment to verify who you’re dealing with. If someone claims to be your telecom provider, don’t rely on the contact details in the message. Call them back using the number on their official website or your bill.

Strengthen your accounts wherever you can. Use strong, unique passwords for each service and update them regularly. Adding multi-factor authentication gives you an extra layer of protection, especially when it doesn’t rely only on SMS.

Be mindful of your personal data. Avoid sharing ID documents unless absolutely necessary. Delete emails that contain sensitive information so they can’t be accessed later if your account is compromised.

Related: 5 Scams Australians Are Likely to Face in 2026 — and How to Prepare

Protect your phone from phishing attempts and scams. Bitdefender Mobile Security can block phishing links, malicious websites, and scam attempts before they reach you—including those sent through messages or social media.  It’s available for both iOS and Android devices.

If you’re unsure about a link, you can check it with Bitdefender Link Checker or get a second opinion from Bitdefender Scamio for free.

FAQs

Can someone really access my bank account through my phone number?

Yes. If they control your number, they can receive verification codes and reset passwords for accounts linked to it.

Can mobile fraud happen without me clicking anything?

Yes. In many cases, scammers use data from breaches or impersonation tactics to convince your mobile provider to transfer your number without your direct action.

What is SIM swapping?

It’s when a scammer transfers your phone number to a SIM card they control, usually by tricking your mobile provider.

Is multi-factor authentication still safe?

Yes, but app-based authentication (instead of SMS) is generally more secure.

What should I do if my phone suddenly has no signal?

Contact your mobile provider immediately. This could be a sign your number has been taken over.