It was an ordinary afternoon when Rakesh’s phone rang. The caller claimed to be from a courier company, apologising for a missed delivery and asking him to dial a short code to “confirm” his number. It sounded routine. Rakesh followed the instruction, the call disconnected. Nothing seemed amiss.
Moments later, his phone went eerily silent. Calls stopped coming in. Unknown to him, that single code had quietly activated call forwarding on his device. Every incoming call, including bank verification calls and OTPs, was now being redirected to a fraudster. By the time Rakesh realised something was wrong, money had already vanished from his account.
Across India, thousands are falling prey to this deceptively simple scam, where a few digits are all it takes to hand over control of your phone.
What is the Scam?
The National Cybercrime Threat Analytics Unit of the Indian Cyber Crime Coordination Centre (I4C) under the Ministry of Home Affairs has observed a new trend in cyber crimes. Scammers use Unstructured Supplementary Service Data (USSD) to enable call forwarding by impersonating delivery agents. USSD is a basic mobile network feature that allows users to interact directly with their telecom operator. It works without internet access or mobile apps and is commonly used for services like checking balances or activating call-related features. Because USSD actions happen instantly and often without visible confirmation, scammers misuse them to take control of phone services without the user realizing it. I4C issued an advisory on this scam on December 4, 2025.
Image credits: Cyber Dost on Facebook
How Does the Scam Work?
- Fraudsters contact victims pretending to be delivery or courier service agents.
- Victims are instructed to dial a short USSD code (that begins with a combination of special characters like * or # and numbers) on the pretext of confirming or rescheduling a delivery, resolving an issue, or completing verification.
- Dialling the code activates unconditional call forwarding on the victim’s phone without alerting them.
- All incoming calls, including bank verification calls and OTP-related voice calls, are diverted to the fraudster’s number.
- Using intercepted calls and authentication prompts, the fraudster takes over accounts and carries out unauthorised transactions.
After this scam happens, your phone may suddenly stop ringing for incoming calls, or callers may find it unreachable. At the same time, you may miss or receive delayed alerts from banks, payment apps, or messaging services without any apparent reason. These warning signs come into light quite late.
Image credits: Department of Telecommunications on X (@DoT_India)
How to Stay Safe?
- Do not trust unsolicited calls or messages asking you to act urgently. Always verify delivery or service issues through official apps or customer care numbers.
- Never dial USSD codes suggested by unknown callers, especially those starting with *21*,* 61*,*67* or similar prefixes claiming to verify deliveries or accounts.
- If you suspect call forwarding has been activated without your consent, immediately dial ##002# to cancel all call forwarding settings.
- Regularly check your phone’s call forwarding settings and be alert if incoming calls suddenly stop reaching you.
Image credits: Cyber Crime Wing – Tamil Nadu on Instagram (@tncybercrimeoff)
You can report any cybercrime incidents to the National Cybercrime Helpline by dialling 1930. You can also visit the National Cybercrime Reporting Portal at cybercrime.gov.in to register your complaint online.