Published on: Sept 01, 2025 06:17 pm IST
eSIM scams in India are on the rise, with fraudsters hijacking numbers to steal money using fake activation links. Learn how these scams work and safety tips.
Cybercriminals in India are now exploiting eSIMs, digital SIMs stored on your phone, to hijack phone numbers and drain bank accounts within minutes. A recent case saw a victim lose ₹4 lakh after scammers took control of their number and intercepted OTPs.
How the scam unfolds
- It begins with a convincing call or SMS claiming to be from your mobile provider. Scammers then send a fake eSIM activation link, usually via SMS or email.
- Once clicked, your physical SIM deactivates, your phone loses signal, and your number switches to the scammer’s device. Every call, message, and OTP now goes straight to them.
- With OTPs in hand, they can approve transactions, reset your passwords, and move money, without needing physical cards or passwords.
Why this works; and why it’s dangerous
eSIM technology was designed for convenience, but that same flexibility provides attackers a fast path into your digital identity and finances. Even users who have disabled UPI or ATM services aren’t safe once the number is compromised.
Quick protection tips
What you can do | Why it matters |
| Ignore unknown links | Only use your provider’s app or site when managing your eSIM. |
| Never share OTPs or personal info | Banks or telcos will never ask for sensitive info over calls or SMS. |
| Monitor sudden signal loss | If calls or data drop unexpectedly, act immediately. |
| Freeze your number if needed | Contact your provider and bank right away if hijacking is suspected. |
Is physical SIM better than eSIM?
Not necessarily. A physical SIM isn’t immune to fraud, either. SIM swap scams have existed for years. The difference is that eSIM fraud can happen faster because it doesn’t require visiting a store or physically replacing a chip. That said, some users feel safer sticking to physical SIMs since telcos usually demand in-person verification for swaps. Ultimately, the weak link is social engineering, not the SIM itself
The Indian Cybercrime Coordination Centre (I4C) and other authorities are sounding the alarm. These scams move fast, victims can lose substantial sums in less than five minutes, highlighting how critical vigilance has become in the digital age.
