Cybercriminals exploiting eSIM tech to hijack data, access bank accounts, warn researchers | Tech News

Cybercriminals exploiting eSIM tech to hijack data, access bank accounts, warn researchers

Cyberiminals exploit eSIMs to steal phone numbers and access bank accounts, warns cybersecurity firm. Know how to protect yourself.

By: MD IJAJ KHAN
| Updated on: Mar 15 2024, 19:06 IST
Cybercrime in India in 2023: WFH scams and Illegal lending apps top list, reveals I4C report
 eSIM Scam
1/5 According to the Indian Cybercrime Coordination Centre (I4C), in 2023, the highest number of reported cybercrimes were related to Work from Home (WFH) or Part-time job scams. CEO Rajesh Kumar emphasized the prevalence of digital advertising, online messengers, and bulk SMS as common channels used by fraudsters. (unsplash)
image caption
2/5 Illegal lending apps ranked second in contributing to cybercrimes, with a focus on operations in countries like China, Cambodia, and Myanmar. The Indian government has taken measures to block 595 suspicious apps and has whitelisted 395 instant loan apps approved by the RBI. (unsplash)
image caption
3/5 Customer Care Number and Android malware emerged as the third-largest source of cyber fraud. Scamsters often use fake customer care numbers or install Android malware to steal sensitive information, including OTPs. (unsplash)
image caption
4/5 Impersonation and sextortion are two widely employed tactics by cybercriminals. While Work from Home scams dominate reported cases, sextortion, primarily operated from Mewat, remains underreported due to victims' reluctance to complain. (unsplash)
image caption
5/5 CEO Kumar highlighted the challenge of sextortion cases, revealing that approximately 19,000 such incidents were reported in the past year. The prevalence of sextortion, coupled with victims' hesitancy to report, poses a significant concern for authorities combating cybercrimes. (unsplash)
 eSIM Scam
icon View all Images
Cybercriminals are exploiting eSIM technology to steal phone numbers, leading to bank account breaches, warn cybersecurity researchers. (Pexels)

In a stark warning, F.A.C.C.T., a leading Russian cybersecurity firm, has raised alarm about the sinister use of eSIM technology by criminals to pilfer phone numbers, enabling access to sensitive bank accounts. The revelation, reported by Bleeping Computers, sheds light on a disturbing trend where eSIM, initially designed for convenience, are now being exploited as tools for nefarious activities.

What is eSIM Technology?

eSIM, or electronic SIM card, represents a digital evolution of physical SIM, residing within mobile device chips and offering identical functionality with the added benefit of remote reprogramming capabilities. Users can seamlessly integrate an eSIM into their devices by scanning a provided QR code from their service provider. Widely embraced by smartphone manufacturers, this innovation eliminates the need for traditional SIM card slots and facilitates cellular connectivity even in compact wearables.

You may be interested in

MobilesTablets Laptops
5% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
4% OFF
Samsung Galaxy S24 Ultra
  • Titanium Black
  • 12 GB RAM
  • 256 GB Storage
Vivo X100 Pro 5G
  • Asteroid Black
  • 16 GB RAM
  • 512 GB Storage
13% OFF
Xiaomi 14
  • Matte Black
  • 12 GB RAM
  • 512 GB Storage

Also read: Google Gemini could expose sensitive information; researcher warns about the abuse of chatbot

Also read
Looking for a smartphone? To check mobile finder click here.

The Adapting Tactics of Cybercriminals

However, cybercriminals have proven adept at exploiting the vulnerabilities inherent in eSIM technology. Since the autumn of 2023, analysts at F.A.C.C.T.'s Fraud Protection division have observed a surge in attempts to breach personal accounts within a prominent financial institution. These attackers, employing a technique known as SIM swapping, infiltrate users' mobile accounts using various means, including stolen or brute-forced credentials. Subsequently, they initiate the porting of victims' numbers to their own devices by generating QR codes through compromised accounts. This malicious manoeuvre effectively wrests control of the victim's phone number while deactivating their legitimate eSIM or physical SIM card.

Access to Sensitive Data

Once in possession of a victim's mobile phone number, criminals gain unfettered access to a treasure trove of sensitive information according to the report. This includes obtaining access codes and circumventing two-factor authentication measures across a spectrum of services, ranging from banking platforms to messaging applications. With the stolen phone numbers, cybercriminals can even manipulate SIM-linked accounts in messenger apps, assuming the victim's identity to perpetrate fraudulent activities, such as soliciting illicit monetary transfers.

Also read: Nvidia CEO Jensen Huang Faces Sky-High Investor Expectations at Upcoming AI Conference

How to Protect Yourself Against eSIM Scams

As this insidious threat looms large, cybersecurity experts advocate for stringent measures to safeguard against eSIM scams:

1. Employ robust, unique passwords for each application and update them regularly.

2. Enable two-factor authentication across all critical accounts, such as email, banking apps, and social media, and refrain from sharing these codes with anyone.

3. Remain vigilant for SMS messages related to SIM blocking or transfer requests and verify their authenticity.

Additionally, adhere to fundamental security practices, such as refraining from divulging personal information to unknown entities, to mitigate the risk of falling victim to eSIM-related scams.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 15 Mar, 19:06 IST
NEXT ARTICLE BEGINS