Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

author photo

How to Tell if Your Phone Has Been Cloned

by on March 30, 2020
in Tips & How-Tos, Phones and Mobile, Privacy :: 138 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

Our phones are the key to our digital identity, so it’s no wonder that mobiles have become increasingly attractive targets for cybercriminals, who have at their disposal a fair number of ways to hack a smartphone, some of which require more access and technical savvy than others.

Phone cloning – or the copying of the identification credentials a phone uses to connect to cellular networks – is one method that usually requires the perpetrator to have direct access to a device.  That makes it less prevalent than, say, hacking an operating system vulnerability that hasn’t been updated, but the consequences are equal to that of most phone hacks – your personal data is exposed, with potential financial consequences or identity fraud.

What is phone cloning?

It’s worth distinguishing between “cloning” a phone’s data – which spy apps semi-legally offer as a way to spy on the photos, texts and calls of another device – and totally illegal phone cloning, which refers to the copying of a phone’s complete cellular identity and using it in another device.

In cloning a phone’s cellular identity, a criminal would steal the IMEI number (the unique identifier for every mobile device) from the SIM cards, or the ESN or MEID serial numbers. These identifying numbers are then used to reprogram phones or SIM cards with the stolen phone number.          

Then there’s also the emerging threat of SIM hijacking, where hackers who have access to stolen phone numbers call up carriers and impersonate account holders to get a new SIM the hacker controls. This method, which relies on social engineering tactics to find out personal information that carriers use to authenticate customer accounts, differs from the highly technical method for SIM (or phone) cloning, but the end result is the same – to gain control over someone’s phone service.

Once the perpetrator has control of the phone line, they can send messages and make calls that appear to be from that phone number, with the bill footed by the victim. If a cloned phone and the original are near the same broadcast tower, it could even allow the perp to listen in on any calls made by the victim – though that’s probably not the main driver for phone cloning.

The bigger danger is that text messages and calls intended for the rightful owner of the line can also be intercepted – including two-factor authentication codes that allow snoops to get access to critical accounts like email, social media and even banking. (The vulnerability of text messages is one reason why experts recommend other methods of two-factor authentication.)

Phone cloners might also target political figures for surveillance: in February this year, South African state security ministers were reported to have had their cellphones cloned, the crime was detected when several people reported receiving text messages from a minister who hadn’t sent them.

Or, cloned phones might be used to generate revenue, sold to people who aren’t aware they’ve purchased a fraudulent handset with stolen credentials.

How phones get cloned

Most phones have SIM cards whose IMEI numbers are protected by secret codes that prevent over-the-air interception. But if someone is able to remove the SIM card and place it in a SIM reader for a few minutes, they can copy all its identifying credentials to load onto a blank SIM. (This technically includes anyone who might get time alone with your device – but as with phone spying, you’re likely to have an inkling if there’s anyone who might want to do such a thing.)

Researchers have also found a vulnerability in the existing protocol that is used for over-the-air carrier updates. Though rarely used, this flaw could in theory allow hackers to remotely clone a SIM.

Some older phones are more vulnerable to remote attacks. Those running on 2G or 3G CDMA frequencies, which are used only by the Sprint and US Cellular networks (Verizon retired its CDMA network at the end of 2019), broadcast to the operator in a way that would allow special equipment – like a femtocell – to eavesdrop on the connection and intercept handset ESN or MEID serials.

That means older CDMA phones, such as flip phones or 3G-only regular and smartphones, that are locked to either Sprint or US Cellular may be at a slightly elevated risk of remote phone cloning. All that said, however, phone cloning is not as common as it was in the early days of mobile phone use, when the radio frequencies in use were much easier to eavesdrop on.

6 Signs that your phone might have been cloned

If you think your phone might have been cloned, check for these signs which can indicate someone else is using your cellular service, such as:

1. Receiving an unexpected text requesting you to restart your device

This may be the first sign that your phone or SIM has been compromised – restarting your device gives the attacker a window in which your device is off and they can load their phone with your cloned credentials.

2. Calls or texts on your cellphone bill that you don’t recognize

Any outgoing texts and calls made on the cloned device will seem to be coming from your phone number – and land on your bill. Even if you don’t have an itemized bill, international calls will show up here, so keep an eye on your monthly payments and double-check when you pay more than usual.

3. You stop receiving calls and texts

If someone else has control of your phone number, calls and SMSes may be diverted to their cloned device, or your cellular connection stopped entirely. Check this by having a friend or your partner call you to see if the call rings and if it comes through to your phone.

4. You see your device in a different location on Find My Phone

Logging into Find My iPhone or Google’s Find My Device can be a way to check on the integrity of your SIM. If your phone’s on your desk, but on the map appears to be somewhere else, someone else may be using your cell service. (Chances are, phone hackers would disable this setting, however.)

5. You get a message from your carrier saying your SIM has been updated

If your credentials have been activated on a new device, your network provider will probably send a message confirming your details have been updated – a major red flag if you haven’t done anything. This can also be the point at which you find your device no longer has cellular service. 

6. You’re mysteriously locked out of your accounts

You might even find someone has commandeered your email accounts and social media handles – as in a spat of Instagram hacks based on stolen phone numbers (in these cases, however, the SIMs were hijacked by attackers who had gleaned enough personal information online to fool carriers into switching over the SIM cards). Either way, someone having control over your phone service means they can do things like trigger a forgotten password, receive a two-factor authentication code to the phone number they now have access to, then change the password and access any account they know your login name for.

If the worst has happened and your phone has been cloned, you need to call your cellular provider. They should be able to detect and block the cloned device, because each handset has a unique radio fingerprint independent of that serial number that originally belonged to you.

Can you prevent phone cloning?

You can help protect your phone from this type of cloning by observing the same cybersecurity practices that keeps your online life safe:

  • Check that carrier texts are coming from legitimate numbers – for example, do they show up in the same message thread as previous carrier texts?
  • Train a skeptical eye on any text that requests you do something – are they worded in the way you would expect? What do Google search results have to say about the sender’s number?
  • Finally, treat your phone’s IMEI, ESN or MEID number like any other password - never send it to anyone or give it to any website you don’t trust.

Cloning isn’t the only way your phone can be compromised. If you have concerns about the security of your device, read our story on how to tell if your phone has been hacked.

[Image credit: phone hacking concept via BigStockPhoto]

Natasha Stokes has been a technology writer for more than 7 years covering consumer tech issues, digital privacy and cybersecurity. As the features editor at TOP10VPN, she covered online censorship and surveillance that impact the lives of people around the world. Her work has also appeared on BBC Worldwide, CNN, Time and Travel+Leisure.



Discussion loading

Cloned

From Sun Whitworth on December 15, 2021 :: 12:01 am

I have been getting calls and texts saying I called people at times when I have been asleep or not around my phone. Today I have made 0 calls and have gotten messages I had called someone 10 times. Another message threatening to hunt me down and f,,,,me up if I’m not a lending company

Reply

Spoofing, not cloning

From Josh Kirschner on December 23, 2021 :: 10:46 am

It sounds like someone is spoofing your phone number to make illegal telemarketing calls/scams. This, unfortunately, is pretty common (it’s happened to me, too) and there’s nothing you can do about it. You’ll just have to inform the irate callers that you didn’t call them and your number was spoofed. Fortunately, these issues should be reduced this year as STIR/SHAKEN is implemented across phone carriers.

Reply

Free service

From Me on January 26, 2022 :: 9:42 am

Service ended January 19, yet I still have service. I’m sure there’s a logical explanation?

Reply

I'm pretty sure my phone is either hacked or data has been hacked

From Moonlight on February 13, 2022 :: 9:24 pm

Since my phone has been in for repair. I have had non stop problems of getting locked out of my accounts. Amazon being one of them I have been blocked out from Amazon due to suspicious activity. I have also had emails from Amazon stating; “We believe that an unauthorized person has accessed your Amazon account and attempted to place an order. For your protection, we have canceled the order.”
I have also received text messages from my binance which is a cryto account asking me to verify my I.D one day and I ignored it and the next day I received another message stating that the I.D was not accepted.

Reply

Hmm...that's not good

From Josh Kirschner on February 14, 2022 :: 9:22 am

That doesn’t sound good. I suspect that this isn’t cloning but that whoever fixed your phone accessed your stored account passwords on the device. I don’t know what kind of repair they did, but did you unlock your device for them or give them your lockcode/pin?

I would immediately change all of your passwords and set up two-factor authentication for the critical ones (which you should have anyhow). And if there is a way to report these issues to whoever runs the repair place, I would consider it.

Reply

Is it cloning or hacking? Please help.

From Tembs on February 24, 2022 :: 6:03 am

Hi.

My friend just messaged me on WhatsApp asking, why am I selling him cryptocurrency, when I didn’t.

Long story short, I asked him to send the said accounts number and it is mine. The profile has my DP on it, my name and my number, but it’s not me.

Mindboggled.

Reply

Phone abuse

From Debbie on April 03, 2022 :: 2:08 pm

Someone has been using my number for several years. I don’t get most texts. He is in all my social media accounts. Makes illegal tech products. He is insane. His name is Blake. I can’t get rid of him. He has a pitiful wife. Any suggestions?

Reply

cloned IPhone

From Pat on April 22, 2022 :: 2:24 pm

Experian sent me a message that my phone number was located on the dark web. I receive text msgs on my phone regarding porn, etc. I do not open these messages, just delete them. I’m wondering if the cloned phone can see my text messages, emails, contacts, etc. on my phone, and how can I protect my phone? Do I need to change my phone number?

Reply

Something weird

From Marco on May 08, 2022 :: 4:54 am

My wife iş receiving calls from her own number, which iş a common fraud trick here in Brazil. The weird thing iş that her number calling appears to her with the name İ gave it and under which I registered it in my contact list,a very peculiar öne with emoticons in it, no one could imagine. One would only know by accessing the contact list of my phone or my account in apps exhibiting those names (eg whatsappweb, maybe signal…)

Reply

Just read one comment

From Andrea morris on May 29, 2022 :: 12:22 pm

For the last 7 years I’ve been followed and watched by security camera and my face is all over Britain. My life is being followed and waiting for my next move in life. These people have push me to losing my kids and taking my own life 7 times. I’ve been to hospitals police stations and no one tells me I wonder y when they are paid off by the dark side, I don’t sell drugs I don’t sell I’m not a grasser murderer pedo but these people make me out to be the lowest of the low. Where they have taken of me all my life from money to dignty pi eve the are using a phone that has been cloned my life hacked and the people that have done the rapes and pushed me to drink more have been recording me in my home and outside. I can’t just up and g

Reply

Taken over

From A friend of a friend on May 30, 2022 :: 5:26 pm

Ok….my friend has her phone cloaned….pretty positive!  He has taken over her phone, Google acct, recording her thru her apps, he has been stealing from her, her elderly father, and now I need to know what to do to help her take control of the situation!  You can’t call her phone or send any sort of notifications b/c he gets it also!  She is a strait talk subscriber!!!!!  So, this is NOT her info, it’s her friends!!!

Reply

What's happening here

From Tonya on June 14, 2022 :: 2:16 pm

My phone number is the only number on my ex boyfriends call logs but he never calls me. What is going on here and what do I do about it? Is someone else using my number like his new girlfriend?

Reply

Need info

From Mark overpeck on June 17, 2022 :: 3:56 pm

Need to know who is cloning because need to put to stop. Keep getting away with it ! How to figure out. Tryin to scam me

Reply

iPhone disabled and cloned

From GabrielaS on July 13, 2022 :: 6:10 am

I am pretty sure my iPhone was cloned, too. My iPhone was disabled one year ago with no reason, I had to download the software from the apple website again. I have had many signs that this happened. My assumption is that apple (the guy there) knew about it. Besides, I got the message below several times, as if I left and got into the country: “Die Bundesregierung: Willkommen/Welcome! Bitte beachten Sie die Test-/Quarantäneregeln; please follow the rules on tests/quarantine”

Reply

That's a normal message to receive in Germany

From Josh Kirschner on July 19, 2022 :: 10:26 am

I’m assuming you’re getting that text message when you enter Germany. That is a standard alert from the German government about Coronavirus restrictions that all (most/many) travelers receive. It is not a sign of cloning or any type of hacking.

Reply

“as if”

From GabrielaS on August 04, 2022 :: 8:09 am

I got that message several times, AS IF I had left and got into the country.”

Except I did not leave and enter the country.

Reply

PLUS

From GabrielaS on August 04, 2022 :: 8:16 am

Some times, I tried dialling a number saved in my agenda, but it wouldn’t call, no reaction from my phone, tough I had coverage.

Other times, I would call someone several times, but they had only one missed call. Or I would call just once but they got several calls.

I would also hear echoes and other sounds like the beep one, as if some device was trying to intercept my calls.

Several times, I got calls back from people saying I had called them, which was not the case. They either was making it up or someone else did it with my number.
Lots of weird stuff…

Reply

Phone spoofing, not cloning is behind the callbacks

From Josh Kirschner on August 04, 2022 :: 5:03 pm

Spam callers will often spoof real phone numbers to make their calls seem less suspicious. So if someone calls you back saying they received a call from your number, that is likely the cause. It happens occasionally to me and other Techlicious folks, too. There’s no way to stop it, we just need the phone carriers to fully implement STIR/SHAKEN to stop this type of spoofing.

Conversation

From James on July 23, 2022 :: 9:46 am

My coworkers have tried to call me and at times they would get someone else. I restarted my phone every time it haven’t. I have an unlimited plan so I never felt the need to check my records. Side question I was trying to switch carriers and they us my IMEI number as my account number, but the number wasn’t the one for my phone. What’s going on there?

Reply

I'm surprised that your carrier

From Josh Kirschner on July 25, 2022 :: 8:40 am

I’m surprised that your carrier would be using an IMEI as your account number. The IMEI is unique to each device, so every time you get a new phone it will have a new IMEI. So if this isn’t the same phone you had when you started the service, that would explain why they are different.

As far as your coworkers getting someone else, my first thought is always that they simply have the wrong number listed. But if it really is happening, perhaps (just speculating here) you turned your old device back into your carrier and they re-issued it to someone else. And if it is one of those really cheap carriers that tries to save money by forcing calls onto Wi-Fi when available, perhaps their operating system uses the IMEI to route calls to the device when on Wi-Fi and their records still have your number associated with your old IMEI.

I would be curious what the answer is here if you find out.

Reply

6th time today

From Andy m on September 22, 2022 :: 2:24 pm

Over the past few months, my huawei honor 10 has been playing up, freezing on various apps and either restarting itself, or me having to hold down the power button. On 6 different occasions over this timeframe, there have been numerous apps appearing, for instance phone clone, age of assassins, spiderman, various games, Facebook and insta, (none of which which i use). Also an unfamiliar light blue browser app. I uninstall them, run various security checks, I have changed my phone number, all my passwords several times. I have been running find my device, and on one occasion I sawa PC in China connected which I immediately kicked out. It appears that someone has acquired my imei number or something. Time for a new phone and sim!

Reply

My email will be good for however long it's allowed to be it'll be my I don't know I'm on like my 11

From Talitha Meyers on October 15, 2022 :: 4:37 pm

I know exactly who did mine and I’m just now finding out since July of doing all this by myself I’m not an engineer but I have righteously lost everything because I no longer have a 501c3 rescue it’s been Depot along with grants I no longer have because of b******* thrown out statements that I supposedly said or whatever because I said that my phone was hacked and the officers here didn’t want to believe me so they stick me in the psych ward I’ve got all the evidence in the world as Google tells me the two step verification process is is so secure in this and that and there’s nothing they can do to get around and I said if you tell your developers that it is flawed and then somebody who is really a nobody has righteously jacked their s*** up then maybe I could get somewhere I have lost everything in the first account 13 years of my life I’ve spent two weeks out of the past month in a psych ward while they try to feel these delusions that I’m just crazy and not tell me that I’m diabetic and law enforcement refuses to do anything because we don’t have a Cyber attack department in our parish and I’m looking at them going it’s not for y’all anyways it’s freaking Federal and now I find this I have been saying for a couple of months I thought that my SIM card was cloned but nobody wanted to leave me somebody better believe me now because I righteously got a lot of people and have paid me back for a lot of s*** that I have lost my life like my car my home my animals my sanity my demeanor my functioning skills all shot because of f****** PTSD.. narcissist needs tech world yeah I’m that blood bag and I’m righteously depleted.. thank you for this page right here because it’s going to come in handy when I go to the law enforcement on Monday.  Hopefully nothing happens and somebody steal the car the rental car because last week what had happened was somebody borrowed my car and told her that so I never got a chance to take the restraining order in at the same time I didn’t have a car nor did I have a device because my device was shut down remotely Google find my device app and I was unable to call for a ride since my car was told and I missed the eviction hearing go figure it’s kind of funny how the guy that wrecked my car was all friendly at first until after the eviction hearing that I’m asked to remove to be removed from the property as he blocked me after saying that my steering went out on my car and it didn’t the tow company said it was fine my life has been in danger I’ve lost a baby and everything it freaking Google Verizon Motorola Microsoft and Facebook have failed while they confirmed that I have been compromised they failed to figure out how I think that’s a lot of lawsuits coming I’m so pissed right now I’d be surprised if this even goes through. If it doesn’t or if it does and I can’t be reached after the fact I live in living Livingston parish Louisiana.. they don’t know who I am here I’ve caused righteous scenes over this s***

Reply

Definitely Cloned

From Dave on October 26, 2022 :: 6:39 pm

I recently learned that my phone(s) have been cloned over a number of years.  Some guy named Travis who worked in either an ATT store or call center had been using my phones identity through each phone upgrade.  ATT help desk finally helped me and are pursuing this guy.  My weird text and odd phone call numbers have dropped significantly and I’ve already seen a pretty dramatic drop in my used data.

Reply

Read More Comments: 1 2 3

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.