I was a phone store monkey in the UK a few years back and a dedicated attacker can absolutely bypass this: https://news.ycombinator.com/item?id=29714400
I can only assume it's not more common because other scams are more profitable and/or not enough targets (banks, etc) use SMS 2FA as their only method of authentication so a SIM swap wouldn't give you much.
I was a phone store monkey in the UK a few years back and a dedicated attacker can absolutely bypass this: https://news.ycombinator.com/item?id=29714400
I can only assume it's not more common because other scams are more profitable and/or not enough targets (banks, etc) use SMS 2FA as their only method of authentication so a SIM swap wouldn't give you much.