Cybercriminals are constantly finding new ways to exploit technology, and eSIM is no exception. Unlike traditional physical SIM cards, eSIM is a chip embedded in the device that allows users to activate the service digitally by logging into an app or scanning a QR code. While this modern technique offers convenience, it also opens up new opportunities for cybercriminals to target users and steal their information.
According to cybersecurity company ESET, cybercriminals can access users’ mobile accounts by using stolen, forced, or leaked credentials. These criminals often use social engineering, phishing, and other deceptive strategies to break into user accounts and obtain the QR code needed to activate the eSIM on their own device. By stealing the victim’s phone number, they can gain access to various services such as banking and messaging, leading to potential scams.
In 2023, Russian cybersecurity company FACCT reported an increase in SIM swapping as cybercriminals took advantage of the transition to eSIM technology. They targeted financial institutions after cloning eSIMs with over a hundred attempts recorded in a single institution to access customers’ personal accounts. The consequences of being a victim of eSIM swapping can be serious for both security and privacy. Some threats include unauthorized access to personal accounts and potential financial losses.
To protect against phone number theft, ESET specialists recommend caution when clicking on suspicious emails and messages that contain links or attachments related to SIM swapping or phishing attempts. Additionally, they advise users to be cautious when sharing personal information online and use strong passwords that are difficult for hackers to guess. By staying vigilant against these threats and following best practices for online security, users can minimize their risk of falling victim