Pune, India, September 29, 2025: Quick Heal Technologies Limited, a leading global cybersecurity solutions provider, has raised an urgent alert following a surge in eSIM-based phone number hijacking scams that have led to substantial financial losses across Indian cities.
Researchers at Seqrite Labs, Quick Heal’s advanced malware research facility, have identified a growing trend where cybercriminals exploit the convenience of eSIM technology to gain control over victims’ mobile numbers. Once hijacked, attackers intercept one-time passwords (OTPs) and execute unauthorized transactions from bank and payment accounts.
How the Scam Works:
-
Victims receive calls from fraudsters posing as telecom or bank representatives, urging them to “upgrade” to an eSIM.
-
A fraudulent activation link or QR code is sent.
-
Once clicked, the victim’s physical SIM is deactivated.
-
All calls and SMS, including OTPs, are routed to the attacker’s device.
In one reported case from Noida, a woman lost INR 27 lakh after unknowingly clicking such a link. Similar incidents have surfaced in Mumbai and other metro cities, following the same attack pattern.
Global Rise in eSIM Fraud
Seqrite Labs warns this is part of a global surge in SIM-swap crime:
-
Over 1,000 SIM-swap cases reported by the FBI in the US last year (~$50M in losses).
-
UK’s Cifas saw a 1,000% spike, and Australia’s IDCARE reported a 240% increase in related complaints.
-
The remote nature of eSIM activation makes it easier for attackers to scale without visiting carrier stores.
Quick Heal’s Advice to Users:
-
Never click on eSIM links from unknown sources.
-
Only request eSIM changes via official telecom apps, websites, or stores.
-
If your phone loses service unexpectedly, act fast:
-
Call your carrier from another phone.
-
Freeze online banking activity.
-
Change passwords for key accounts.
-
Security Enhancements from Quick Heal:
-
Quick Heal AntiFraud.AI, now available under a freemium model, proactively detects phishing SMS imitating carrier messages.
-
Mobile security solutions updated to flag suspicious eSIM-related URLs using heuristic rules.
-
The Quick Heal Knowledge Centre now offers comprehensive guides, red flag examples, and recovery protocols for eSIM-related fraud.
“This new form of digital fraud is highly sophisticated and rapidly evolving,” said a spokesperson from Quick Heal. “We urge consumers, telecom operators, and banks to strengthen verification processes and rely on secure channels only.”
Quick Heal continues to collaborate with telecom operators, regulators, and law enforcement to dismantle malicious infrastructure and protect Indian consumers from emerging cyber threats.
