A Mumbai-based woman was cheated of Rs 11 lakh in a sophisticated e-SIM fraud after cybercriminals posing as telecom company employees convinced her to “upgrade” her SIM card and share a one-time password (OTP). Within minutes of the OTP being disclosed, her mobile network went dead — and the money was gone.
According to the complaint, the fraudsters contacted the victim claiming her existing SIM would soon be deactivated unless she migrated to an e-SIM for improved connectivity. Trusting the caller, she shared the OTP sent to her phone. That single step allowed the criminals to remotely activate her mobile number on their own device using e-SIM technology.
Once the number was transferred, all banking alerts and transaction OTPs started reaching the fraudsters instead of the victim. Using this access, they swiftly transferred Rs 11 lakh from her account before she could realise what had happened.
Cyber experts say the crime is part of a growing trend known as SIM swapping or e-SIM hijacking, where attackers take control of a victim’s phone number to bypass security layers on banking and payment apps.
Certified Cyber Crime Investigator Course Launched by Centre for Police Technology
Network disappears first, money follows
In this case, the woman first noticed that her phone had suddenly lost network connectivity. By the time she attempted to contact her telecom operator, multiple unauthorised transactions had already been completed.
Investigators said the method is designed for speed. Once the SIM is deactivated on the victim’s handset, criminals typically have a narrow but critical window to empty bank accounts before the target raises an alarm.
Officials warn that e-SIM technology — while convenient — has become a new weapon for cybercriminals because it allows number activation without physical SIM cards.
How the scam works
Fraudsters usually impersonate customer care executives from major telecom companies, warning users that their SIM will be blocked due to KYC issues or urging them to switch to e-SIM for better 5G performance. Victims are then asked to click on suspicious links or scan QR codes, or simply share an OTP sent to their phone.
The moment this information is provided, the physical SIM on the victim’s device is disabled and the same number is activated as an e-SIM on the attacker’s phone. From there, all calls, messages and banking OTPs are redirected to the criminals.
Cyber officials describe it as a “clean sweep” operation — once the number is hijacked, attackers gain control over UPI apps, credit cards and net banking accounts in quick succession.
Authorities issue fresh warning
The Ministry of Home Affairs’ cybercrime wing has flagged e-SIM fraud as an emerging threat and urged citizens to stay vigilant. Experts emphasise that telecom companies never ask for OTPs over phone calls and do not send random QR codes for SIM upgrades.
Consumers are advised to activate SIM-change alerts with their banks so any unauthorised number swap triggers an immediate warning.
How to stay safe
Security professionals recommend the following precautions:
- Never share OTPs over phone calls, even if the caller claims to be from a telecom provider.
- Avoid clicking on unknown links or scanning QR codes sent via WhatsApp, SMS or email.
- Activate SIM-change alerts on banking apps and accounts.
- For e-SIM activation, visit only official telecom stores or use verified company apps.
- Treat sudden network loss as a red flag and act immediately.
What to do if you suspect fraud
If your mobile signal abruptly disappears and you suspect SIM hijacking:
- Call your telecom operator from another phone and request an immediate SIM block.
- Contact the national cybercrime helpline at 1930.
- File a complaint on www.cybercrime.gov.in without delay.
Cyber experts stress that rapid reporting can sometimes help freeze transactions before funds are permanently lost.
With digital fraud becoming increasingly technical, officials say public awareness remains the strongest defence. A single OTP shared in haste can now cost victims their entire savings.
About the author – Rehan Khan is a law student and legal journalist with a keen interest in cybercrime, digital fraud, and emerging technology laws. He writes on the intersection of law, cybersecurity, and online safety, focusing on developments that impact individuals and institutions in India.
