A 54-year-old resident of Shipra Suncity, Indirapuram, Ghaziabad, fell victim to a sophisticated eSIM fraud that resulted in the loss of ₹18.48 lakh from her bank accounts. Arti Kaul was targeted by cybercriminals who posed as Airtel customer service representatives to execute an elaborate SIM swap scam.
Fraudulent call
On August 29, 2025, at approximately 1:00 PM, Kaul received a phone call from fraudsters claiming to be Airtel representatives. The callers convinced her that she needed to upgrade her SIM card from 4G to 5G as per company policy, presenting the upgrade as mandatory. Unaware of the deceptive nature of the call, Kaul stayed on the line with the fraudsters throughout the process.
Technical manipulation
At 1:10 PM, Kaul received an SMS from Airtel containing an OTP for eSIM card activation. Following this, she received a long numerical message on WhatsApp, along with subsequent SIM card update-related messages and additional calls from both the fraudsters and legitimate Airtel representatives. The victim shared the OTP with the callers, inadvertently giving them access to activate an eSIM on their own device, effectively hijacking her phone number.
Once the fraudsters gained control of Kaul's phone number through the eSIM activation, they systematically drained her bank accounts. The theft occurred through more than 50 separate transactions between August 31 and September 1, 2025, targeting both her Axis Bank and HDFC Bank accounts. The total amount stolen reached ₹18.48 lakh.
Discovery and legal action
Kaul discovered the fraud when her SIM card became inactive and she stopped receiving messages. Upon visiting her banks, employees informed her about the unauthorized transactions that had occurred over the previous days. She subsequently filed a complaint with the cyber crime police station, and an investigation has been launched.
This incident highlights the growing threat of eSIM-based fraud in India, where criminals exploit the convenience of digital SIM technology to rapidly hijack mobile numbers and access victims' financial accounts through intercepted OTPs.
Safety tips
Never share OTPs or activation codes:
Avoid sharing one-time passwords (OTPs), eSIM activation codes, or QR codes with anyone, even if they claim to be from your telecom provider. No legitimate company will request these details over phone or SMS.
Use only official channels:
Always request eSIM conversions or upgrades directly through official carrier apps, websites, or physical stores. Do not click on unknown links, and never proceed with eSIM activation from unsolicited messages or calls .
Act fast on signal loss:
If your phone unexpectedly loses network signal or displays “No Service,” immediately report the issue to your mobile operator and notify your bank. This could indicate that your number has been hijacked.
Stay alert for phishing attempts:
Be wary of calls, emails, or texts asking for personal, banking, or SIM-related information. Always verify the identity of the sender by reaching out through the provider’s verified customer care number.
Monitor account activity:
Regularly review bank and mobile account activity for unauthorized transactions or account changes. Set up alerts where available for any transaction or SIM change activity.
Following these safety steps drastically reduces the risk of eSIM-based fraud and helps in swift detection of account compromise.