Experts told the I-Team it can all start with someone calling your cell phone carrier, pretending to be you.
"I had no signal," said Mike Malloy, who thought there was a glitch on his cell phone.
After rebooting failed, Malloy noticed emails from his bank and E-Trade about money withdraws.
"I was panicking, almost about $20,000 dollars," said Malloy. He quickly learned he was a victim of what's known as "SIM swapping."
"'SIM swapping' is where they will call your mobile carrier and convince the help desk that you need to get a new SIM card because you lost your phone or your SIM card broke," explained Andrew Hoog of Chicago's NowSecure.
Hoog told the I-Team that scammers have enough information about you through social engineering or other data breaches to convince your mobile carrier to use the cloud and move your phone number to a new smartphone SIM card.
"Your service gets transferred to the attackers' SIM card and then they are impersonating you from there on out," he said.
Your SIM card is in the side of your phone. It stores your contacts, text history and more.
"They have access to your email, bank account, social media, contacts, to all of the transactions you have done in the past. Basically, they own your identity," said Hoog.
And while you are restarting your phone and trying to figure out what is happening, criminals are resetting passwords to your bank accounts and social media accounts.
"As a consumer you will never know it happens until your phone goes dead," Hoog explained.
"My heart was in my throat as I was seeing this guy make these transactions, and it would show up as it turned out," said Malloy. "Both of us were logged into the account at the same time."
Eventually Malloy was able to get his number back and stopped the SIM swap hacker from draining accounts by accessing accounts through his laptop. It also helped that he used emails as his main way of account verification. You can also use another phone number like a work cell or home number as a backup verification number with your accounts.
"When you are doing verification you're setting up bank card, credit cards, make sure you are using more than one method to validate who you are," said Malloy.
But how can you stop a SIM swapper from tricking your carrier?
"You should be very careful about how much personal information you post online, as that can easily be harvested and put into a database, and as they collect more and more information eventually they have enough of a profile to convince someone else they are you," said Hoog.
So think about your next social media post. Are you checking in to your own address, are you revealing your mother's maiden name, or posting a dog's name? All of these details can help a scammer target you and pretend to be you.
To further protect yourself from SIM swapping, you can also call your cell phone provider and add a unique PIN number that you must give to access your account.