SIM Swap Attacks in Sweden: Protecting Your Telia, Tele2, and Tre Account
Learn how SIM swap fraud targets Swedish mobile customers on Telia, Tele2, and Tre. Understand the attack process and protect your phone number from hijacking.
SIM Swap Attacks in Sweden: Protecting Your Telia, Tele2, and Tre Account
Your phone number is more than a way to make calls. In Sweden, it is the key that unlocks your entire digital life. It receives BankID verification prompts, Swish payments, two-factor authentication codes from your bank, and password reset links for every account you own. When a scammer takes control of your phone number through a SIM swap, they effectively become you.
SIM swap fraud has been rising steadily in Sweden, targeting customers across all three major carriers: Telia, Tele2, and Tre. The attack is deceptively simple but devastatingly effective.
How SIM Swap Attacks Work
A SIM swap does not require any technical hacking. The attacker convinces your mobile carrier to transfer your phone number to a new SIM card that they control. Here is the typical sequence:
Step 1: Information Gathering
The attacker collects your personal information through phishing, data breaches, social media, or Sweden's relatively accessible public records. They need your name, personnummer, address, and ideally your account details with the carrier.
Step 2: Contacting the Carrier
The attacker contacts Telia, Tele2, or Tre customer service — either by phone, online chat, or in person at a store. They impersonate you and request a SIM replacement, claiming the original SIM was lost or damaged.
Step 3: Verification Bypass
The attacker provides your personnummer and personal details to pass identity verification. Some attacks involve social engineering the customer service representative, while others exploit weak verification procedures.
Step 4: Your Phone Goes Dark
Your phone loses signal. You see "No Service" or "Emergency Calls Only." The scammer's new SIM now receives all calls and texts meant for your number.
Step 5: Account Takeover
With your phone number, the attacker can:
- Receive BankID prompts and approve transactions
- Intercept SMS-based two-factor authentication codes
- Reset passwords for your email, bank, and social media accounts
- Make Swish payments
- Access any service that uses your phone number for verification
Why Sweden Is a Target
| Factor | Risk |
|---|---|
| BankID tied to phone number | SIM swap gives access to your digital identity |
| Swish linked to phone number | Instant, irreversible payments become possible |
| Personnummer in public databases | Easier for attackers to gather verification info |
| SMS-based 2FA still common | Phone number controls account access |
| High digital service adoption | More accounts vulnerable per person |
Carrier-Specific Protections
Telia
- Contact Telia to add a SIM lock notification (SIM-spärrnotis) to your account
- Request that SIM changes require in-store ID verification
- Enable Telia's security features in the My Telia app
- Set a PIN code that must be provided for any account changes
Tele2
- Ask Tele2 customer service to add extra verification for SIM changes
- Set up a customer PIN or password on your account
- Monitor your Tele2 account for unauthorized changes through the Mitt Tele2 portal
- Request notification alerts for SIM-related changes
Tre (3)
- Contact Tre to add SIM swap protection to your account
- Set a unique PIN for customer service interactions
- Enable alerts for account modifications
- Request that SIM replacements require physical store visit with ID
SIM Swap Warning Signs
- Your phone suddenly loses signal and shows "No Service" for an extended period
- You receive unexpected texts about SIM changes or port-out requests
- You cannot log in to accounts that use SMS verification
- Your BankID stops working on your device
- Friends or family receive messages from your number that you did not send
- Your carrier sends a welcome message as if you just activated a new SIM
How to Protect Yourself
Account-Level Protection
- Set a unique PIN or password on your carrier account — Make it different from other passwords
- Request SIM change notifications — Ask your carrier to alert you before processing any SIM swap
- Require in-store ID verification for SIM changes when possible
- Monitor your account regularly through your carrier's app or portal
Authentication Improvements
- Switch from SMS-based 2FA to app-based 2FA where possible (Google Authenticator, Microsoft Authenticator)
- Use BankID's device binding — Configure BankID to work only on your specific device
- Enable biometric authentication (fingerprint, face ID) on banking and payment apps
- Use hardware security keys (YubiKey) for critical accounts that support them
Information Hygiene
- Minimize your personnummer exposure — Do not share it unnecessarily
- Be cautious about personal information on social media — Birthdate, address, and phone number are useful to attackers
- Use strong, unique passwords for your carrier account
- Be skeptical of calls asking for personal information — Even if they claim to be from your carrier
What to Do If You Suspect a SIM Swap
- Contact your carrier immediately from another phone — Report the unauthorized SIM swap
- Go to a physical store with your ID to regain control of your number
- Contact your bank and freeze all accounts — Report potential BankID compromise
- Change passwords on all critical accounts (email, bank, Swish)
- File a police report at polisen.se
- Check your credit reports at UC and Bisnode for unauthorized activity
- Monitor all accounts for unauthorized access over the following weeks
Share Sensitive Account Details Securely
When you need to share phone account PINs, carrier credentials, or recovery codes with a trusted family member for emergencies, do not write them in a note app or send them through SMS. Use LOCK.PUB to create a password-protected, expiring link that keeps the information secure and temporary.
The Bottom Line
SIM swap attacks are one of the most dangerous threats to personal security in Sweden because of how deeply phone numbers are integrated into the digital identity system. The best defense is layered: set up carrier-level protections, move away from SMS-based authentication where possible, and minimize the personal information available to potential attackers.
Your phone number is your digital identity in Sweden. Protect it accordingly, and when sharing sensitive credentials or recovery information, use a secure channel like LOCK.PUB instead of plain text. Stay proactive — the time to add SIM swap protection is before an attack happens, not after.
Keywords
You might also like
SIM Swap Attacks Targeting Kyivstar, Vodafone UA, and lifecell Customers
How SIM swap fraud works in Ukraine, targeting customers of Kyivstar, Vodafone Ukraine, and lifecell. Learn how criminals hijack your phone number to access banking and Diia accounts.
Bangladesh Freelancer Payment Security: Protecting Your Earnings on Upwork, Fiverr, and bKash
A guide for Bangladeshi freelancers on securing payments from Upwork, Fiverr, and other platforms. Learn to protect bKash withdrawals, avoid payment scams, and safeguard your income.
Online Banking Security in Bangladesh: Protecting Your DBBL, City Bank, and BRAC Bank Accounts
Learn how to protect your online banking accounts from phishing, app fraud, and credential theft targeting Dutch-Bangla Bank, City Bank, BRAC Bank, and other Bangladeshi banks.
Create your password-protected link now
Create password-protected links, secret memos, and encrypted chats for free.
Get Started Free