Fake eSIM & Roaming Scams

Fake eSIM and roaming scams target travellers who are preparing for international travel and want to avoid expensive roaming charges. As eSIM technology has become mainstream — allowing travellers to download a local or international data plan directly to their phone without a physical SIM card — fraudsters have created fake activation sites, counterfeit eSIM QR codes, and bogus roaming packages that collect payment while delivering no working connectivity.

The harm is twofold. The immediate financial loss is the cost of the eSIM plan or roaming package, typically ranging from a modest sum up to the cost of a multi-week international data plan. The practical harm is arriving at your destination — sometimes a remote location — and discovering your phone has no data connectivity. Emergency contact, navigation, translation, and transport apps all become unavailable at the worst possible time.

eSIM fraud is a newer variant of connectivity scam, but it sits within a broader category that also includes counterfeit physical SIM cards sold in tourist areas and fraudulent roaming package upgrades sold by callers impersonating mobile network customer service agents. The connecting factor is the exploitation of travellers' need for data connectivity and their relative unfamiliarity with how eSIM provisioning and roaming activation should actually work.

The most common route is a fake eSIM purchase site discovered through a search ad or social media post. The traveller searches for something like 'cheap eSIM [destination]' or 'travel data plan [destination]' and encounters a sponsored ad for a site that appears to offer competitive rates. The site is professionally designed and presents convincing plan options with clear pricing.

After paying, the traveller receives an email with an eSIM QR code to scan. The code may either fail to activate at all, or may produce what appears to be a successful activation but with a plan that has zero data allowance, is not recognised by carriers at the destination, or simply never connects. The customer service contact on the site goes unanswered.

A related variant involves callers impersonating mobile network representatives who contact the traveller shortly before a known trip — sometimes using information from social media posts — and offer an 'international roaming upgrade'. The caller takes payment by card for a package that never activates. Another variant is counterfeit physical travel SIMs sold at market stalls or shops near airports in tourist destinations, which may activate briefly before failing.

Phishing for eSIM hijacking is a different but related threat: a message claims the victim's eSIM needs to be 're-provisioned' due to a technical issue, leading to a page that captures the information needed to transfer the phone number to an attacker's device — a form of SIM-swap attack.

eSIM technology is still unfamiliar to many users, which means they have less confidence in knowing what a normal activation process looks like and are therefore less able to identify when something is wrong. The process of scanning a QR code and seeing a 'connected' status can feel like confirmation even if the connection is not actually functional.

The timing of the purchase — shortly before travel — means the scam is often not fully exposed until the traveller is abroad and cannot easily resolve the situation. By that point, raising a dispute requires internet access that the victim may not have.

For the caller variant, travellers who receive a roaming upgrade call shortly before a trip are already primed to think about connectivity costs. The offer arrives at a psychologically relevant moment, increasing the chance that a price-sensitive traveller will accept without verifying the caller's identity.

A traveller purchases an eSIM data plan from a site found via a search ad three days before an international trip. Payment is taken and a QR code arrives by email. The code scans and the phone shows 'eSIM added'. On arrival at the destination, the phone cannot connect to any network. The traveller contacts the site's customer service email, which receives no response. With no data, they are unable to use navigation or messaging services and must purchase an emergency local SIM from a physical shop.

Unlimited 4G data in [destination] for just [amount]. Download your eSIM instantly: [fake link]

Avoid roaming charges — grab a [destination] data plan before you fly. 10GB for [amount], instant QR code: [fake link]

This is [network name] customer service. You have an upcoming international trip. We can offer you a special roaming pack for [amount] — would you like to proceed?

Your eSIM plan for [destination] is ready. Scan this QR code and enjoy unlimited data during your stay.

Best value travel eSIM. Works in [list of countries]. Buy now, receive instantly. No expiry: [fake link]

Purchase eSIM plans only from your home network operator's official app or website, or from reputable providers with verifiable physical addresses, established reviews, and official carrier partnerships that are disclosed clearly. Avoid eSIM sites discovered through search ads without independent verification.

Before activating any eSIM QR code, confirm that the plan details match what you purchased. After activation, verify that the plan appears correctly in your phone's settings — check the data allowance, the carrier name, and that the plan is set as active for roaming.

If you receive a call about a roaming upgrade, hang up and call your network provider back using the number on your bill or on the official website. Never provide card details to someone who has called you unsolicited about your mobile account.