Have you switched from regular old physical SIMs to the new-age eSIMs yet? If you have then you might be at risk. According to a report from BleepingComputer, SIM swappers have upgraded their techniques to steal phone numbers by transferring them to a new eSIM card. These eSIMs, which are embedded within the chip of mobile devices, operate in a manner akin to physical SIM cards but offer additional features such as remote reprogramming capabilities.


Cybercriminals Are Exploiting eSIMs


eSIMs, or Embedded Subscriber Identity Modules, operate much like traditional physical SIM cards but are digitally integrated into the chips of mobile devices. This digital format allows for remote reprogramming and enables functionalities such as activation and deactivation through QR code scans provided by service providers.


A recent report from F.A.C.C.T., a Russian cybersecurity firm, sheds light on a global rise in eSIM exploitation by SIM swappers. These cybercriminals exploit the advanced capabilities of eSIMs to bypass security protocols, gaining illicit control over phone numbers. This unauthorised access can lead to compromised accounts and the potential exposure of sensitive information.


What Is The Modus Operandi Of Cybercriminals


Attackers have shifted their tactics from social engineering and insider assistance to exploiting vulnerabilities in mobile accounts through stolen credentials. They accomplish this by generating QR codes within compromised accounts to facilitate number porting to a new device, thereby gaining control over the victim's phone number.


What Can You Do To Protect Yourself?


Moreover, the report underscores that cybercriminals, upon acquiring the victim's number, engage in a range of fraudulent activities, such as unauthorised access to banking services and messaging applications.


To address these potential risks, individuals are encouraged to utilise strong passwords, activate two-factor authentication, and explore supplementary security options such as physical security keys or authenticator applications for securing vital accounts.


In summary, the emergence of eSIM technology has inadvertently opened up new avenues for exploitation by SIM swappers. As cybersecurity threats continue to evolve, it is imperative for users to remain vigilant and adopt stringent security measures to protect their digital assets and personal data.