Phishing Renovated: eSIM fraud

In recent times we have started hearing stories of eSIM fraud in leading newspapers and over social media. These stories have started to come out only after Hyderabad police disclosed the racket linking its ties to social engineering and scam hub Jamtara.

While everyone is being made aware of eSIM fraud scam, let’s take a look into how things are done:

  • An SMS is sent to the victim like a service message claiming that SIM might be closed if the customer doesn’t complete eKYC.
  • Then the phishing agent calls the customer claiming to be from Service provider and collects their details such as ID cards, AADHAR card, Driving License etc. and the phone number is linked with a Phishing email address
  • Once the details are fetched the user is requested to submit an eSIM request.
  • After the request and details are verified by the Service provider a QR code is sent to the email address, thus allowing the fraudster to register using the victim’s phone number.
  • Finally, after getting hold of the phone number, the fraudster can empty your account either via UPI or by online transactions.

While an estimated amount of loss is not calculated and not verified, if we believe the news an estimated Rs 50 lakh has been scammed collectively and still this might be ongoing. Thus we would like to suggest a few precautions to be safe from these fraudsters:

How to remain safe?
  • Ignore any of the service messages you receive from your service providers regarding your service closure.
  • Do not believe any person claiming to be calling from your service provider to initiate eKYC.
  • Please remember your service provider will never contact you for eSIM verification or eKYC unless it is first initiated from your side.
  • Never submit your details on any link from the internet, it can be a potential phishing attempt.
  • Whenever possible do not ignore such calls and report these numbers and contacts to your service provider or your nearest police station.

Leave a Reply