If you’re like me, you’ve embraced eSIM technology for its convenience—no physical card, quick switching between carriers, easy setup, and perfect for heading on holiday. However, eSIMs aren’t entirely secure, and there are still a few ways they can be hacked.
QR Code Scams
PeopleImages/Velvector/Shutterstock
When setting up your eSIM, you often scan a QR code provided by your carrier. Attackers exploit this by creating fraudulent QR codes disguised as legitimate setup tools. Scanning a fake QR code can redirect your device to a malicious eSIM profile, hijacking your cellular connection. Once compromised, attackers can intercept your calls, messages, and data, potentially leading to identity theft or financial fraud.
To protect yourself, always verify QR codes by confirming them through official carrier channels, and avoid scanning codes sent from untrusted sources or found in suspicious online advertisements or websites. If you’re ever uncertain, reach out directly to your carrier to confirm the QR code’s authenticity before scanning.
Phishing and Social Engineering
Phishing attacks are designed to trick you into revealing sensitive eSIM details. For example, a phishing or social engineering attack may impersonate your mobile carrier through convincing emails or text messages, urging you to download malicious eSIM profiles or confirm your personal details. These attacks can be highly convincing, mimicking carrier logos, contact information, and official language, while also being sent from a spoofed email address or SMS address to appear legitimate.
Although it seems like you have nothing to worry about from a phishing attack of this nature (because you’re a “regular person” without a super high net worth or otherwise), think again. Phishing attacks are often spray-and-pray, in that attackers send a large number of scam messages and hope that someone will fall victim.
Thankfully, you can deal with attempted eSIM phishing attacks as you would any other phishing attack: by not responding to or interacting with any suspicious messages or phone calls.
Related
4 Ways eSIMs Are Safer Than a Physical SIM Card
It’s much easier to change your network, but also much more secure, too.
Malware and Spyware
Just like a regular SIM card, an eSIM is vulnerable to malware. Malicious apps may access your sensitive eSIM information, communications, and even monitor your device’s activity. Similar to other eSIM attacks, the goal here is to eventually take control of your eSIM communications with the aim of intercepting authentication codes, which can allow access to your secure accounts.
It’s worth noting that malware specifically targeting your eSIM is rare. Back in 2019, the Simjacker exploit was uncovered, but there isn’t really a similar attack currently available for eSIMs (at least, that we know about). A device is more likely to be infected with malware designed to monitor and steal data, with an aim to accessing eSIM information. Also, while malware and spyware can attack and monitor your device, installing actual malware on a SIM or eSIM is also practically unheard of, and certainly not at the level of most attackers. It’s real nation-state, spies-in-the-dark type stuff; you’re far more likely to click a dodgy link than be one of the first recorded victims of actual eSIM malware.
To safeguard your device, only install apps from reputable app stores and always review permissions carefully before granting access. Regularly check your phone for unfamiliar or suspicious apps, remove unused or unnecessary software promptly, and use trusted antivirus or security software to identify and remove potential threats.
iOS and Android Vulnerabilities
This actually ties into malware and spyware, in that attackers will attempt to exploit known issues in the two largest mobile operating systems to find an angle to attack your eSIM. Unfortunately, attackers are continually exploring Android and iOS to find vulnerabilities that can be exploited to gain access to your device.
Most of the time, you can mitigate these issues by keeping your device up to date and avoiding the installation of apps from third-party sources. For Android devices, that means avoiding sideloading apps, as the unofficial app stores may package malware that can infect your device. There have been numerous examples of malware gaining access to devices through sideloading, such as the bank-account-draining ToxicPanda attack in 2024.
Related
Here’s Why Software Updates Help Keep You Safe
Keeping your operating system and apps up-to-date can be annoying, but doing so is essential for your security.
eSIM attacks aren’t as common as attacks on regular, physical SIM cards yet. Although eSIM tech really started gaining traction with the iPhone XR, XS, and XS Max, more smartphones than ever now offer support, which means its attack surface is increasing. In turn, this means that more attackers will begin focusing on how to exploit eSIMs, so it’s worth knowing what to look out for.
