A woman’s routine mobile call turned into a costly deception. What began as a conversation about upgrading her SIM card ended with cybercriminals siphoning more than Rs 18.48 lakhs from her bank accounts.
A Call Disguised as Help
On the afternoon of August 29, Aarti Kaul, a resident of Shipra Sun City in Indirapuram, received a call from an unfamiliar number. The man on the line identified himself as an employee of her mobile service provider. With an air of authority, he explained that the company’s policy required her SIM card to be upgraded from 4G to 5G. Minutes later, Kaul received a text message containing a one-time password (OTP) linked to her e-SIM activation. The caller stayed on the line, instructing her to share the code. Within minutes, another message arrived, confirming that her number had been registered for e-SIM activation. By the next day, her SIM card had gone dark.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
When Silence Meant Theft
Kaul later recalled that by August 30, she could no longer send or receive messages. Concerned, she went to her mobile service office on August 31 at 11 a.m., where staff issued her a new SIM card. But the replacement would not activate. Two days later, she returned again, receiving two additional SIM cards—both of which failed. Employees eventually admitted that someone else appeared to have seized control of her number, effectively blocking her access. As her phone remained inactive, Kaul was unaware that her bank accounts were being drained. When she finally visited the bank, staff informed her that between August 30 and September 2, a staggering Rs 18.48 lakh rupees had been withdrawn.
The Anatomy of the Scam
Investigators say the fraudsters exploited the e-SIM system, which allows a mobile number to be linked digitally without a physical card. The criminals applied for e-SIM activation using Kaul’s number, while simultaneously tricking her into sharing the OTP required for confirmation. Once the process was complete, all messages and banking alerts routed directly to the fraudsters’ devices, leaving Kaul cut off. The Indian Cyber Crime Coordination Center (I4C) has warned that such schemes are on the rise. Officials stress that no legitimate bank or telecom provider will ever ask customers to forward OTPs received on their phones. “Ignore calls from unknown numbers, never click on suspicious links, and do not share authentication codes,” the agency advised in recent guidelines.
Calls for Accountability
Kaul filed a formal complaint at the Cyber Crime police station on September 8, after learning of the massive withdrawals. Superintendent of Police Piyush Singh confirmed that a case had been registered and an investigation launched. Experts caution that while digital tools expand access to services, they also open new frontiers for exploitation. They urge telecom operators and regulators to strengthen safeguards around e-SIM activation—a technology that, in this case, became the perfect tool for deception.