eSIM Swap Fraud via Phone Calls
How fraudsters use social engineering calls to convince carrier staff to transfer a victim's number to an eSIM they control, then intercept all calls and SMS including two-factor authentication codes.
Part of: eSIM Swap Fraud
Last reviewed: 8 June 2026
SIM swap fraud has evolved with carrier technology: where physical SIM swaps required a fraudster to present at a store, eSIM transfers can be authorised remotely through customer service calls. A fraudster who has obtained enough personal information about a victim — through phishing, data breaches, or social media research — calls the carrier impersonating the account holder and requests an eSIM activation on a new device.
Once the number is ported to the fraudster's eSIM, all calls and SMS messages — including one-time passwords and bank authentication codes — are redirected to the attacker's device. The victim's phone loses signal, often at a time when they are unaware of the attack.
How this scam works on phone calls
The attacker gathers the victim's full name, date of birth, address, and account number from a data breach or through prior phishing. They call the carrier's customer service line, pass the verification questions, and request an eSIM QR code to be issued for their 'new device'. The carrier sends the eSIM activation code to the attacker, who activates it on their own device.
Within minutes, the victim's phone shows no signal. The attacker logs into the victim's bank, requests a forgotten-password SMS, and uses the intercepted code to take over the account. Banking, email, and social media accounts that use SMS for two-factor authentication are all vulnerable.
Common red flags
- Your phone suddenly loses all signal without an obvious technical reason
- Bank or email one-time passwords stop arriving
- You receive unexpected texts or emails about account changes you did not initiate
- Carrier sends a notification about an eSIM activation you did not request
- Your accounts are accessed from unfamiliar devices around the same time your phone loses signal
How to protect yourself
- Set a strong verbal account PIN or passphrase with your carrier that must be provided for any account changes
- Switch to authenticator app-based or FIDO2 MFA wherever possible, reducing SMS dependency
- Ask your carrier to add a note requiring in-store identity verification for any SIM or eSIM changes
- Sign up for account change alerts from your carrier
- If your phone loses signal unexpectedly, immediately call your bank and carrier from another device
How to report it
- Contact your carrier immediately using another device to report the eSIM transfer and reverse it
- Report to Action Fraud (UK) or ic3.gov (US)
- Contact your bank immediately — financial fraud following a SIM swap can be rapid
Frequently asked questions
How quickly does eSIM swap fraud happen?
Very quickly. Once the eSIM transfer is authorised, the attacker can begin intercepting SMS two-factor codes within minutes. Financial accounts can be drained in the same window. Acting immediately upon noticing a loss of signal is critical.