Beware if you receive an SMS saying that an eSim has been ordered on your mobile line: it is SIM swapping, a new trendy scam aimed at stealing your number, which is causing havoc at the moment!

Beware if you receive an SMS saying that an eSim has been ordered on your mobile line: it is SIM swapping, a new trendy scam aimed at stealing your number, which is causing havoc at the moment!

While the SIM card is still the norm, French operators have been offering their customers the option of using the eSIM for several years – provided they have a smartphone compatible with this technology. It is a miniaturized version of the traditional SIM card directly soldered to the motherboard which allows manufacturers to dispense with the SIM card tray – and therefore save space for components. It also makes it easier for operators to remotely change the information written on it – for better or for worse. Cybercriminals, who didn’t take long to see this as a great hacking opportunity, set up a new type of scam called SIM swapping – “exchange of SIM” in French. And scams using this method have been multiplying for several weeks, especially with SFR customers, as reported Capital.

SIM swapping: a fake SMS to order an eSIM

It all starts with a very banal phishing attempt. The thieves pretend to be a mobile phone company – in this case SFR – and send their victim an SMS claiming that a request to change their SIM to eSIM has been requested on their line. The person is then invited to click on a link in order to cancel the order. To do this, she goes to the fake website and enters her login and password. She then receives a second SMS informing her of potential malfunctions on her line during the next 72 hours. At that point, the trap closes, and it is already too late.

For their part, once the valuable information has been recovered, the hackers contact SFR’s customer service pretending to be their victim. They claim a theft or loss of their phone to ask for a new SIM card to be sent. They provide all the necessary information – which they have found on the account thanks to the identifiers and the password – to testify to their identity to the operator, who sees nothing but fire. Once the sesame has been received, the door is open to scams.

SIM swapping: the door open to many scams

Once they have received the new SIM card – always in the name of the victim – hackers can use the line to carry out phishing campaigns and thus obtain valuable personal and banking information, which they can resell on the Dark Net. They can also use it to unlock access via double authentication to certain sensitive services – such as the banking application – or for remote purchases. Suffice to say that the financial losses can quickly turn out to be quite significant… Another method: make premium rate calls to numbers they have created, which can lead to a telephone bill of several hundred euros for the victim.

This is why you should be wary of any text message received by an unknown number – especially those beginning with 06 or 07 –, especially if it contains spelling errors. The link URL can also be a good indicator. In any case, you should never click on the link sent! AT Instead, it is better to go manually to the website. It is also recommended not to share sensitive information on social networks – or at least limit access to them as much as possible (restricted circle of friends, etc.) – because they can be used by malicious people to spoof the Internet. identity of the person. Finally, it is necessary to systematically opt for double identification on all of its accounts, the best being to use a dedicated application such as Google Authenticator.