eSIMs (eSIMs) are digital SIM cards stored on mobile device chips that offer the same functionality as physical SIM cards. Users can add an eSIM to their phone by scanning a QR code provided by their service provider. The technology has become popular among smartphone manufacturers as it eliminates the need for a physical SIM card slot and enables cellular connectivity in small wearables, including smartwatches.
eSIM support is present only on iPhones and some Android premium smartphones. However, the Russian cyber security company FACCT has issued a serious warning to users of Esim
Cyber experts warn of SIM swappers exploiting eSIM technology to spoof phone numbers and bypass security protocols. Cybercriminals are reportedly using eSIM profiles to steal users' data and money.
Fraud protection analysts under FACCT have detected more than 100 attempts to access personal accounts of clients on online services of a financial institution. Hackers take advantage of this facility as it is easy to transfer and port the SIM to another phone.
Cybercriminals are reportedly using stolen or leaked data to hack into users' mobile accounts and then transfer victims' numbers to their own phones by generating QR codes through the hijacked accounts. According to the report, bank accounts are accessed and money is collected through it.
Use complex passwords for cellular service provider accounts to protect against such hacking if the number used in SIM connections is linked to any bank account. Cyber experts also recommend enabling two-factor authentication.
For high value accounts such as banking and cryptocurrency wallets, users should consider additional security measures such as physical keys or authenticator apps.