AT&T’s latest move to curb one of the craftiest—and most damaging—hacks you might never see coming is simple, free … and literally at your fingertips.

Imagine you wake up, check your bank balance, and find it drained. Your email’s been reset. Your crypto wallet? Gone. You didn’t click a malicious link. You didn’t download some sketchy app. Instead, an attacker quietly talked their way into your wireless carrier’s systems, performed a “SIM swap” and hijacked your phone number. From there, they intercepted two‑factor codes, reset passwords, and slipped into your digital life as if they were you.

SIM‑swapping attacks—sometimes called “port‑out” or “SIM hijacking”—have ballooned into a billion‑dollar problem. In 2023 alone, the FBI investigated over 1,075 SIM‑swap cases that led to nearly $50 million in losses.

And it’s not just the unlucky few: the FBI’s Internet Crime Report counted more than 2,000 SIM‑swap victims in 2022, up from barely 320 in the two years prior. Scammers use social engineering—impersonating you, claiming your phone is lost or damaged—to trick carriers into moving your number to a device they control. Once they have it, they can reset bank passwords, divert text‑based two‑factor codes, and lock you out of everything from social accounts to retirement savings.

Major U.S. carriers have recognized the risk and rolled out defensive toggles in recent years:

• T‑Mobile offers “Port Out Protection,” a free layer that halts any unauthorized number transfers unless you expressly disable it in your account settings.
• Verizon has “SIM Protection,” which locks your line against SIM changes and even device upgrades until you turn it off—and then enforces a 15‑minute cool‑down before any change can take place.
• Google Fi likewise provides a “Number Lock” feature that prevents port‑outs without your PIN.

Starting July 1, 2025, AT&T brings its own countermeasure: Wireless Account Lock, a free toggle in the myAT&T app that locks down critical account changes—SIM swaps, number transfers, billing updates, device upgrades, and even modifications to authorized users—until you flip the switch back off.

How to turn on Wireless Account Lock (it takes seconds)

1. Open the myAT&T app on your phone.
2. Tap Services > Mobile Security > Wireless Account Lock.
3. Use the toggle to lock or unlock any postpaid wireless account on your plan.
4. AT&T will email the primary account holder and text every active number on the account to confirm the change.

Only primary and secondary account holders can control this feature—but once enabled, no one can port your number or swap your SIM without explicitly turning it off first, at which point AT&T enforces a short verification step to confirm it’s really you.

Locking your account doesn’t replace good security hygiene—you should still:

• Use unique, strong passwords for all online services.
• Avoid reusing phone numbers as account recovery options when possible.
• Consider hardware‑based two‑factor keys (like YubiKey) for your most critical accounts.

But a carrier‑level lock thwarts one of the most efficient “offline” hacks: once a SIM swap is attempted, you’ll know right away. Most carriers send an alert via text, email, or push notification when port‑out or SIM‑change is requested—and with Account Lock on, those requests are flat‑out declined.

The Federal Communications Commission (FCC) has required carriers to implement fraud‑prevention measures for port‑outs since July 8, 2024, but features vary in name and execution. AT&T’s launch puts it on par with its peers—no more excuses for leaving this toggle off by default.

SIM‑swapping attacks are low‑effort, high‑reward scams for fraudsters. They prey on gaps in carrier security and human trust. By flipping on Wireless Account Lock in your AT&T app today, you shut down one of the easiest paths into your digital life. It’s free, it’s fast, and in a world where our phones guard virtually everything we own, it’s a change worth making—right now.