Fake AT&T eSIM Transfer and Roaming-Plan Scam
Criminals impersonate AT&T to trick customers into approving an eSIM swap or signing up for a fake roaming plan, hijacking phone numbers for account takeovers or charging for nonexistent services.
Part of: Fake eSIM & Roaming Scams
Last reviewed: 7 June 2026
AT&T supports eSIM on most modern smartphones, allowing customers to activate or transfer their SIM profile digitally without a physical card. Scammers exploit this feature by sending fake AT&T messages claiming a customer must urgently migrate to eSIM or verify their eSIM profile, tricking them into approving a number transfer to the attacker's device.
A successful SIM or eSIM swap gives the attacker full control of the victim's phone number, which is then used to intercept two-factor authentication codes and take over bank accounts, email, and other services tied to that number. The impact extends well beyond the phone bill.
A separate but related fraud involves fake AT&T international roaming plans. Travellers receive a message claiming they must activate a special roaming bundle before departure to avoid large per-use charges. The link leads to a fake billing page that captures card details for a plan that does not exist.
How this scam works on the AT&T brand
AT&T communicates genuine eSIM migration options through the myAT&T app and through @att.com emails to verified account holders. A real eSIM transfer requires the account holder to initiate the process inside the myAT&T app or at att.com — AT&T does not send unsolicited texts or calls asking customers to 'confirm' a pending eSIM swap.
The scam often begins with a spoofed text message appearing to come from AT&T's short code, warning that the customer's account has a pending eSIM request that will complete unless they call a number to dispute it. The panic of potentially losing phone service motivates the victim to call, at which point a fake AT&T agent convinces them to approve the transfer under the guise of 'blocking' it.
The fake roaming plan variant is most active in the weeks before major international travel seasons. The message uses AT&T's blue-and-white branding, references the customer's destination country, and offers a 'limited-time roaming bundle' at an attractive price that must be purchased via an external payment link.
Common red flags
- An unsolicited text or call claiming you have a pending eSIM swap you did not initiate
- The AT&T message contains a link that leads to a domain other than att.com
- A roaming plan is offered via an unsolicited message with an external payment link rather than through the myAT&T app
- A caller asks you to provide a one-time PIN or account passcode to 'cancel' a transfer — this is actually authorising it
- Urgency: 'Your number will be transferred in 30 minutes unless you call now'
- The supposed AT&T agent cannot locate your account in their system or asks for your full SSN to 'verify' it
How to protect yourself
- Add a free AT&T wireless passcode (also called a port freeze or number lock) at att.com to make unauthorised SIM swaps harder to complete
- Manage roaming plans only through the myAT&T app or at att.com/international — never via links in unsolicited texts
- Never share a one-time passcode with anyone who contacts you, even if they claim to be AT&T
- If you suspect an eSIM swap has occurred, call AT&T at 611 from your AT&T phone or 1-800-331-0500 immediately
- Enable two-factor authentication on your key accounts so that a number hijack does not automatically give access to those services
How to report it
- Report smishing texts by forwarding them to 7726 (SPAM) — AT&T uses this number to investigate fraud
- Report to AT&T's fraud team via the myAT&T app or at att.com/help
- File a complaint with the FTC at reportfraud.ftc.gov and with the FCC at consumercomplaints.fcc.gov
- If accounts were compromised following a SIM swap, contact each relevant institution (bank, email provider) immediately
Frequently asked questions
How does an eSIM swap give attackers access to my bank account?
Once they control your phone number, attackers use it to receive two-factor authentication codes sent by SMS, allowing them to reset passwords on your email, banking, and other accounts. That is why protecting your phone number is critical.
Can I prevent an unauthorised SIM swap on my AT&T account?
Yes. AT&T offers a feature called Number Lock or wireless passcode that makes porting or swapping your number without your physical consent much harder. Enable it in the myAT&T app under Account Security.
I received a text about a pending eSIM transfer I did not request. Is AT&T sending it?
Treat it as suspicious. Do not click any link or call any number in the text. Instead, open the myAT&T app or call AT&T at 611 directly to verify whether any such request exists on your account.