20.5k unique visitors in the last 3 days

How eSIMs Can Be Used for SIM Swap Fraud

A story from Slovakia illustrates how scammers will trick people into losing control of their phone by switching to an eSIM.

Slovakia is reportedly experiencing a rise in SIM swap fraud, a type of attack where criminals hijack a victim’s phone service as a step towards gaining access to bank and cryptocurrency accounts. Slovakian tech writer Martin Borko recently explained how he was targeted for a SIM swap using eSIMs. The scam began with Borko receiving a phone call from a person impersonating a mobile operator.

The scammer offered an internet service package, which appealed to Borko as he had experienced issues with his internet connection. This suggests the fraudsters may have been exploiting publicly available information about service interruptions. When Borko declined the initial offer, the scammer called back later with a renewed offer. The new offer emphasized a special deal contingent on switching to an eSIM.

The scammer requested Borko’s name, phone number, email, and date of birth, ostensibly to verify his identity. Borko heard the scammer typing on his keyboard and then the scammer said:

„Všetko sedí,“

“Everything matches”

Borko offered to activate the eSIM for himself, but the scammer insisted on handling the activation, claiming it would only take a few minutes and was necessary to combine the eSIM switch with the special internet offer. This added to Borko’s suspicions. He realized that switching to an eSIM would interrupt his call with the scammer, a fact which would be obvious to any legitimate representative of a mobile operator.

The scammer persevered, attempting to reassure Borko that there would be no interruption to service. Shortly after, an email arrived containing a number transfer authorization code. The scammer then requested this code, stating that it was needed to deactivate Borko’s physical SIM and activate the eSIM.

While the code was indeed related to changing the SIM, the scammer’s true intention was to activate the eSIM on a different device. This would effectively steal Borko’s mobile phone number. Borko insisted he would complete the eSIM transfer himself, prompting the scammer to become abusive.

Having learned all he could about the scammer’s methods, Borko hung up.

SIM swap fraud is typically the preface to scammers intercepting authentication codes sent by SMS. Had Borko lost control of his phone service then his online accounts could have been hijacked and drained long before his phone service could be reinstated.

The law enforcement agencies and cybersecurity authorities of a growing number of countries have warned against the overuse of SMS for sending authentication codes. Too much reliance on SMS has encouraged the rapid evolution of fraud techniques that concentrate on stealing the codes sent this way. The sooner we replace SMS with more secure forms of authentication, the better.

Borko’s eSIM swap article for Vosvete IT can be found here.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email