SIM Swap Attacks Targeting Orange, Vodafone, and Digi Romania Customers

SIM swap fraud is one of the most dangerous cyberattacks targeting Romanian mobile users. By transferring your phone number from your SIM card to one they control, attackers can intercept SMS verification codes, access your bank accounts, hijack your social media, and steal your cryptocurrency — all without ever touching your phone.

Romania's three major carriers — Orange, Vodafone, and Digi Mobil — have all seen customers fall victim to this attack. The combination of SMS-based two-factor authentication still widely used by Romanian banks and the relatively straightforward SIM replacement process makes Romania a particularly fertile ground for SIM swap fraud.

How SIM Swap Attacks Work

1. The attacker gathers your personal information — your name, CNP, phone number, and address. This data comes from data breaches, phishing attacks, social media, or purchased databases on the dark web.

2. They contact your mobile carrier — either in person at a store or through customer service — posing as you. They claim their phone was lost or stolen and request a SIM replacement.

3. The carrier issues a new SIM card linked to your phone number. Your original SIM immediately stops working.

4. The attacker now receives all your SMS messages and calls, including one-time passwords (OTPs) from your bank, email provider, and social media accounts.

5. They log into your accounts using your credentials (obtained through phishing or data breaches) and the intercepted OTP codes.

Why Romania Is Vulnerable

Warning Signs of a SIM Swap Attack

• Your phone suddenly loses signal and shows "No Service" or "Emergency Calls Only" for an extended period
• You cannot make calls or send texts even though your phone worked fine minutes ago
• You receive notifications about password resets or logins you did not initiate
• Your banking app logs you out and you cannot log back in
• Friends receive messages from your social media that you did not send

Carrier-Specific Protections

Orange Romania

• Set a security PIN on your Orange account through the My Orange app
• Enable eSIM if your phone supports it — eSIMs are harder to swap
• Visit an Orange store to request a SIM lock flag on your account
• Register for Orange Alert notifications for account changes

Vodafone Romania

• Set up a security code through the My Vodafone app
• Request that SIM replacements require in-person verification with original buletin
• Enable account change notifications via email
• Ask about Vodafone's SIM swap protection options

Digi Mobil

• Contact Digi customer service to add extra verification steps for SIM replacement requests
• Request that any SIM changes require in-person verification at a Digi store
• Monitor your account through the Digi Online portal for unauthorized changes

General Protection Steps

1. Move away from SMS-based 2FA. Switch to authenticator apps (Google Authenticator, Authy) or hardware security keys wherever possible.
2. Set a carrier PIN. Contact Orange, Vodafone, or Digi to add a PIN that must be provided before any SIM changes are made.
3. Minimize your CNP exposure. Your CNP is often used to verify identity during SIM swaps. Share it only when absolutely necessary, and when you must, use LOCK.PUB to send it through a password-protected, self-destructing memo.
4. Monitor your phone signal. If you lose service unexpectedly, contact your carrier immediately.
5. Use strong, unique passwords for every account so a SIM swap alone is not enough for account takeover.
6. Enable email notifications for banking transactions so you have a backup alert channel.
7. Limit personal information on social media. Attackers use your public profile to gather verification details.

What to Do If You Suspect a SIM Swap

1. Contact your carrier immediately from another phone:
   • Orange: 0800 894 456 or 0374 456 000
   • Vodafone: *222 or 0372 022 222
   • Digi: 0372 004 000
2. Request an immediate SIM block and number recovery.
3. Log into your bank accounts from a secure device and change all passwords.
4. Contact your bank's emergency line to temporarily freeze your accounts.
5. Check your email accounts for unauthorized access and change passwords.
6. File a report with Poliția Română (cybercrime division).
7. Document everything — exact time you lost signal, any notifications received, and all actions taken.

Sharing Sensitive Account Information Safely

When you need to share your phone PIN, banking credentials, or carrier account details with a trusted family member for emergencies, do not write them in a Messenger or WhatsApp message. Use LOCK.PUB to create an encrypted memo that self-destructs after reading. This way, your sensitive information does not sit permanently in anyone's chat history waiting to be leaked.

The Bottom Line

SIM swap attacks exploit the weakest link in your digital security — your phone number. In Romania, where SMS-based verification is still dominant and CNPs are frequently exposed, the risk is particularly high. Protect yourself by adding carrier PINs, switching to authenticator apps, and minimizing your personal data exposure. When you must share sensitive credentials, use LOCK.PUB to ensure they remain temporary and encrypted.