Why you got a "new login" email and what to do

If you got a "new login from a different device" email from Eflexsim, it means your account was just signed in to from a device, browser, or location we hadn't seen before. If that was you (new phone, new laptop, signing in from a different country during travel), no action needed. If it wasn't you, change your password immediately, enable two-factor authentication if it isn't already on, and email support@eflexsim.com so we can lock the account against further access while we investigate.

Below: when these alerts are triggered, how to tell if it was you, and exactly what to do if it wasn't.

What triggers a new-login alert

We send the alert when a sign-in matches one or more of these patterns:

• Sign-in from a device or browser we haven't seen before on your account.
• Sign-in from a country or city different from your usual location.
• Sign-in after a long period of inactivity.
• Sign-in from a network or IP range associated with VPN or proxy services.

The alert contains:

• Date and time of the sign-in.
• Approximate location (city, country) based on IP geolocation.
• Device type and browser (e.g., "iPhone Safari" or "Windows Chrome").
• Whether the sign-in succeeded.

We send the alert to the email address on file for the account.

Was it you?

Common cases where the alert is normal:

You're traveling. Signing in from a country different from home triggers the alert. If you're using your Eflexsim account during a trip, this is expected.

You bought a new phone or laptop. First sign-in from new hardware triggers the alert. Once we see the new device for a few sign-ins, it becomes recognized and stops triggering.

You're using a VPN or proxy. Sign-ins through VPN services often look unusual to our location detection. If you regularly use a VPN, expect more of these alerts.

You're signing in via a browser you don't normally use. Trying Firefox after only using Chrome, or signing in on a friend's computer, both trigger the alert.

You switched networks. First sign-in on a new home Wi-Fi or hotel Wi-Fi sometimes registers as a "new location" even though it's still you.

In all these cases, no action is needed. The alert is just informational.

If it wasn't you

If you're sure the sign-in wasn't from you (location doesn't match, time doesn't match, you weren't online at all), assume the account may have been compromised:

Step 1: Change your password immediately.

1. Sign in (if you still can).
2. Go to Account → Security → Change password.
3. Set a new, strong password (not reused from another site).
4. Confirm with the old password.
5. Save.

This locks out anyone who had the old password.

If you can't sign in (the attacker may have changed the password), use the password reset flow. See how to reset my password.

Step 2: Enable two-factor authentication.

If 2FA wasn't already on, turn it on right after the password change:

1. Account → Security → Two-factor authentication → Enable.
2. Scan the QR with an authenticator app.
3. Save the recovery codes.

This means even if someone learns the new password, they still can't sign in without your phone. See how to enable two-factor authentication.

Step 3: Check your account for unauthorized activity.

Look for:

• Orders you didn't make.
• Email or other profile changes.
• Wallet credit balance changes.
• Saved cards you didn't add.

If anything looks wrong, email support@eflexsim.com with details. We can flag the order(s), void any unauthorized eSIM purchases, and refund unauthorized charges.

Step 4: Email support to lock the account temporarily.

If you suspect ongoing unauthorized access:

• Email support@eflexsim.com.
• Subject line: "Possible unauthorized access — please lock account."
• Include the account email and the suspicious activity details.

We can temporarily disable the account while we investigate, then help you regain control with a fresh password and re-verified email.

Step 5: Check related accounts.

If your Eflexsim password was reused on other sites (email, social, banking), those accounts may also be at risk. Change those passwords too. Use a password manager going forward.

Why we send these alerts

The alert serves a few purposes:

• Catches unauthorized access early. Most account takeover damage happens in the first hours; alerts get you involved fast.
• Educates you on what's normal vs not. Over time, you build a sense of which sign-ins are routine and which warrant attention.
• Provides an audit trail. If something does go wrong later, the alert is documentation of when access was first granted.

We can't perfectly distinguish "you on a new device" from "an attacker on their device." So we err on the side of telling you about anything unusual.

How to reduce alert frequency

If you get alerts often and they're all you, a few options:

• Enable "Remember this device for 30 days" at sign-in. Reduces alerts from your regular devices.
• Disable VPN when signing in if you're using one. Or use the same VPN endpoint consistently so the location stabilizes.
• Stay signed in on regular devices rather than signing out and back in repeatedly.

You can't fully disable the alerts (security baseline), but you can reduce their frequency to the point where every alert is meaningful.

What you can't see from the alert

Some information the alert doesn't include (intentionally):

• Exact IP address. We don't expose IPs in alerts to avoid information leakage.
• Browser version or OS version. Device family only.
• Whether 2FA was used at sign-in. The alert tells you a sign-in happened; you'd check account settings to verify whether 2FA was bypassed somehow.

If you need this detail for investigating a suspicious sign-in, email support@eflexsim.com and we can share more from our backend logs.

Frequently asked questions

QI'm in the same country but got an alert anyway.

IP geolocation is approximate. Sometimes the same city shows as a different one (especially for mobile networks). Look at the device and browser fields — if they match yours, it's almost certainly you.

QCan I see all past sign-ins to my account?

Yes. Account → Security → Recent activity shows a list of recent sign-ins with date, location, and device. You can revoke any session you don't recognize.

QWhy didn't I get an alert when I signed in?

Alerts only trigger for unusual sign-ins. Your normal devices and locations don't trigger them. The first sign-in from a device might generate an alert; subsequent ones don't.

QCan I opt out of new-login alerts?

We don't recommend it but you can in your security settings. New-login alerts are part of the baseline security posture; disabling them removes a key signal for catching account takeover.

QCan I get a text or push notification instead of email?

Email is the default channel; push notifications via the Eflexsim mobile app are also supported if you have the app installed.

QWhat if I got an alert but I'm sure my password and device are fine?

It may have been a failed sign-in attempt (the alert sometimes fires for high-risk attempts even if the password didn't match). Email support if you want to confirm the details from our backend.

For password changes, see how to reset my password. For 2FA setup, see how to enable two-factor authentication. For account recovery, see lost access to your email.