Previously, SIM swappers relied on social engineering or worked with insiders at mobile carrier services to help them port a target’s number. However, as companies implemented more protections to thwart these takeovers, cybercriminals turned their attention to emerging opportunities in new technologies.
Now, attackers breach a user’s mobile account with stolen, brute-forced, or leaked credentials and initiate porting the victim’s number to another device on their own.
They can do this by generating a QR code through the hijacked mobile account that can be used to activate a new eSIM. They then scan it with their device, essentially hijacking the number.
To defend against eSIM-swapping attacks, researchers recommend using complex and unique passwords for the cellular service provider account and enabling two-factor authentication if available.
But it also shows that banks should not rely solely on SMS or SIM-based authentication.
See https://www.bleepingcomputer.com/news/security/sim-swappers-hijacking-phone-numbers-in-esim-attacks/
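The takeover pattern described above (account login with stolen, brute-forced, or leaked credentials, followed by an eSIM activation QR request) can be checked for on the provider side. The following is an added example, not code from the article or from any carrier; the event names, fields, thresholds and sample events are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events (timestamp, account, event, device); not real logs.
# Event names and fields are assumptions for this example.
EVENTS = [
    ("2024-02-01T08:00:00", "alice", "login_ok", "dev-A"),
    ("2024-03-01T09:00:00", "alice", "login_ok", "dev-A"),
    ("2024-03-01T09:05:00", "alice", "esim_qr_generated", "dev-A"),
    ("2024-03-02T02:10:00", "bob", "login_failed", "dev-X"),
    ("2024-03-02T02:11:00", "bob", "login_failed", "dev-X"),
    ("2024-03-02T02:12:00", "bob", "login_failed", "dev-X"),
    ("2024-03-02T02:13:00", "bob", "login_ok", "dev-X"),
    ("2024-03-02T02:20:00", "bob", "esim_qr_generated", "dev-X"),
    ("2024-01-15T10:00:00", "carol", "login_ok", "dev-C"),
    ("2024-03-03T11:00:00", "carol", "login_ok", "dev-Y"),
    ("2024-03-03T11:02:00", "carol", "esim_qr_generated", "dev-Y"),
]

WINDOW = timedelta(hours=24)   # assumed look-back before an eSIM request
FAILED_THRESHOLD = 3           # assumed failed-login count that suggests guessing

def flag_esim_requests(events, window=WINDOW, failed_threshold=FAILED_THRESHOLD):
    """Return (account, timestamp, reasons) for risky eSIM QR requests."""
    first_seen = {}  # (account, device) -> first successful login time
    failures = {}    # account -> failed-login times
    alerts = []
    for ts_s, acct, kind, dev in sorted(events):
        ts = datetime.fromisoformat(ts_s)
        if kind == "login_failed":
            failures.setdefault(acct, []).append(ts)
        elif kind == "login_ok":
            first_seen.setdefault((acct, dev), ts)
        elif kind == "esim_qr_generated":
            reasons = []
            seen = first_seen.get((acct, dev))
            # Device never seen, or first seen only shortly before the request.
            if seen is None or ts - seen < window:
                reasons.append("new_device")
            # Burst of failed logins on the account before the request.
            recent = [f for f in failures.get(acct, []) if ts - f <= window]
            if len(recent) >= failed_threshold:
                reasons.append("failed_login_burst")
            if reasons:
                alerts.append((acct, ts_s, reasons))
    return alerts

if __name__ == "__main__":
    for alert in flag_esim_requests(EVENTS):
        print(alert)
```

A flagged request is a candidate for holding the activation until the subscriber is verified through a channel that does not depend on the phone number.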