SIM-swap attacks continue year after year because companies (that know better) leaned into the awful idea of using SMS for password resets and account logins. These companies include Apple, Dropbox, PayPal, Block, Google, and many others. What is a SIM-swap attack? It’s where a bad guy asks a carrier to port your cell-phone number to their phone.