Maharashtra Cyber State Nodal Agency has issued an urgent advisory on a fast-spreading eSIM hijacking scam where fraudsters pose as telecom or bank officials. Victims are tricked into sharing an OTP via a fake eSIM activation link, allowing criminals to transfer the mobile number and gain access to bank accounts.

The Maharashtra Cyber State Nodal Agency for Cybercrime has issued an urgent warning over a rapidly spreading digital fraud known as eSIM hijacking, warning citizens in Mumbai and across the state that criminals are exploiting mobile technology to silently take control of phone numbers - and then systematically empty victims' bank accounts. The agency shared an official video advisory highlighting the mechanics of the scam and urging immediate public awareness.

How the eSIM hijacking scam works

The fraud begins with a phone call, a text message, or a WhatsApp link. The fraudster poses as an official from a telecom company or a bank, informing the victim that their SIM card needs to be upgraded to eSIM. Sounding professional and authoritative, they walk the victim through what appears to be a legitimate activation process.

The criminal then sends a fake eSIM activation link and asks the victim to click on it. Once clicked, the victim is asked to share a one-time password (OTP) to 'complete' the eSIM transfer. The moment this OTP is handed over, the victim's mobile number is effectively transferred to a device controlled by the fraudster.

With the phone number now under their control, criminals intercept all incoming messages and calls - including every banking OTP sent by financial institutions. Armed with this access, they can reset passwords, authorise transactions, and transfer funds, leaving victims financially devastated while their own phones show no network signal.

"As soon as the fraudster has authorisation, all your messages and OTPs reach him. He can reset your password, approve your financial transactions, and empty your wallet," the Maharashtra Cyber advisory warned.

The warning sign victims often miss

The agency highlight one critical indicator that victims frequently overlook in the chaos - a sudden, unexplained loss of mobile network. When a phone abruptly shows no signal - with no outage reported by the telecom provider - it may signal that the victim's number has already been transferred to a fraudster's device. By the time most people investigate the connectivity issue, significant financial damage may already be done.

Maharashtra Cyber shares steps to stay safe from the eSIM scam

The Maharashtra Cyber Nodal Agency has outlined the following protective measures for citizens:

- Never share an OTP received for SIM upgrade or eSIM activation with any caller, regardless of who they claim to be - no legitimate telecom company or bank will ask for this.

- Do not click on suspicious links related to SIM upgrades or eSIM activation received via SMS, email, or WhatsApp.

- If your mobile network suddenly stops working without a known reason, immediately contact your telecom operator to check whether an unauthorised SIM swap or eSIM transfer has been attempted.

- Alert your bank without delay if you suspect your number has been compromised, so they can temporarily block transactions.

- Dial ##002# to disable all call forwarding on your device - a quick step that can prevent fraudsters from redirecting your calls.

- Report any suspected eSIM fraud immediately on the national cybercrime helpline 1930 or file a complaint at cybercrime.gov.in.

Broader Preventive Measures

Beyond the immediate steps above, we recommend a broader approach to digital safety. Citizens should treat any unsolicited call or message requesting action on their SIM or bank account with extreme caution. Telecom providers do not require customers to click activation links sent over WhatsApp or personal SMS to upgrade to eSIM, therefore any such request should be treated as a red flag.

Users are also advised to regularly review account activity on their banking apps, enable transaction alerts, and set up secondary authentication methods where possible. If in doubt about a communication's authenticity, contact your telecom provider or bank directly using verified numbers from their official websites - never numbers provided by the caller.