Indian authorities have raised concerns over a deceptive fraud that misuses a common mobile phone feature called call forwarding. According to an advisory issued by the Indian Cyber Crime Coordination Centre, scammers are posing as courier or delivery agents and contacting people under the excuse of confirming or rescheduling a package.
The call is made to sound routine and harmless. Victims are told there is a small issue with a delivery and are asked to dial a short code, often shared through an SMS, to confirm details. These codes usually begin with prefixes such as 21, 61, or 67. While they appear normal, officials warn that dialing them can trigger serious consequences.
Once entered, these codes silently activate call forwarding on the victim’s phone. This action redirects all incoming calls to a number controlled by the scammer.
Authorities explained that the scam relies on USSD or Unstructured Supplementary Service Data. This is a telecom protocol that allows users to manage network services without internet access. USSD codes, which use number combinations along with symbols like * and #, are commonly used for checking balances or managing call settings.
In this scam, fraudsters misuse these functions to reroute incoming calls without needing physical access to the phone. As a result, important calls such as bank verification calls, one time password confirmations, and authentication calls from apps like WhatsApp and Telegram are diverted to the scammer.
Officials said this shift often goes unnoticed until damage has already begun. Bank alerts and security checks may reach the criminal instead of the user, enabling account takeovers and unauthorised transactions.
“This can lead to unauthorised financial transactions and takeover of messaging accounts,” officials said.
The advisory stressed that the scam does not involve malware or hacking tools. Instead, it exploits trust and a lack of awareness about how everyday phone features work.
To stay safe, authorities have advised citizens not to dial USSD codes starting with 21, 61, 67, or similar prefixes shared by unknown callers. Anyone who suspects call forwarding has been activated should immediately dial ##002# to cancel all forwarding settings.
Users are also urged to avoid clicking on suspicious delivery links and to verify parcel details only through official courier websites or helplines. Victims have been asked to report incidents by calling the national cybercrime helpline 1930 or by filing a complaint on the government cybercrime portal.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
