eSIM is still a premium feature but scammers are already eyeing victims who give access to their phone and bank accounts.

The Indian government is warning mobile users about the threat and risks linked to using eSIM connections on your smartphones. The cybercrime unit called I4C has raised the alarm, citing a recent episode where scammers were able to steal money from a person's account who either used an ATM card or activated UPI for the account.

All they needed was the victim's phone number to execute their attack and steal money from the account. So, how is this instance linked to eSIM risks, you ask?

eSIM Attacks Are Real And You Should Be Worried

The I4C warning gives the details of how the attack was used to steal money. The scammers start the process by making a phone call to the victim. They send an eSIM activation, which is where the hijacking takes place. Once the victim accepts the request to convert their SIM to an eSIM, the scammers can now access all the calls, messages but that also means the regular SIM on the phone loses network access while the OTPs are now redirected to the eSIM profile.

And you know what happens next. They use the confidential access to get bank OTPs to withdraw money and not even raise any concerns for the authorities.

eSIM Bank Loot: What You Should Do

The cybercrime agency has issued a word of caution for anyone using a phone with an eSIM or planning to switch to one soon. There are three safety tips:

eSIM penetration in India is thankfully still in the low figures and you only get them working on iPhones, and Google Pixel phones. So it is important that people using these devices should be aware of how eSIM works and its risks to avoid falling for hijacks like these.