Cyber alert: Scammers reroute calls and alerts
By Rajnish Singh, New Delhi, January 7
Be alert, as a routine phone call or an innocent delivery update could quietly hand over control of your most sensitive digital information to a fraudster.
An alarming trend is being registered increasingly as the cybercriminals are exploiting the call forwarding feature on mobile phones to secretly reroute incoming calls and critical alerts, such as bank OTPs and authentication codes, to their own numbers.
The trend has prompted a warning from the Indian Cyber Crime Coordination Centre (I4C) under the Ministry of Home Affairs, which says scammers are turning a legitimate telecom function into a powerful tool for financial fraud and account takeovers.
By the time a victim realises something is wrong, verification calls from banks or security alerts from apps may already be reaching a criminal's phone, leaving the user locked out and vulnerable.
Authorities say the growing sophistication of such scams highlights the urgent need for greater public awareness about how everyday mobile features can be weaponised by cybercriminals.
In an official advisory, the National Cybercrime Threat Analytics Unit of I4C flagged a rising trend of USSD-based call forwarding scams. USSD (Unstructured Supplementary Service Data) codes are special sequences of numbers and symbols, such as "*" and "#", that allow users to access telecom services without an internet connection.
According to the advisory issued last month, fraudsters are impersonating delivery or courier service agents and contacting citizens on the pretext of confirming or rescheduling deliveries. Victims are then asked to dial USSD codes sent via SMS, typically starting with 21, followed by a mobile number controlled by the scammer.
Officials said dialling such codes automatically activates call forwarding on the victim's phone, resulting in incoming calls from banks, payment OTP verifications, and authentication messages from platforms like WhatsApp and Telegram being redirected to the fraudster.
"This can lead to unauthorised financial transactions and takeover of messaging accounts," said the officials.
The I4C has cautioned citizens not to dial or enter any USSD codes beginning with 21, 61, 67, or similar prefixes shared by unknown callers.
In case call forwarding has already been activated, users can immediately deactivate all forwarding services by dialling ##002#.
The advisory also urges people to avoid clicking on suspicious courier or delivery links received via SMS, WhatsApp, or email, and to verify delivery details directly through official courier websites or customer care helplines.
"Victims of such scams have been advised to report incidents immediately by calling the national cybercrime helpline 1930 or by lodging a complaint on www.cybercrime.gov.in," the officials suggest.
— ANI
Reader Comments
The ##002# deactivation code is a lifesaver. I think telecom companies should send this info as a bulk SMS to all users. Public awareness is key. Good that I4C is issuing these warnings.
As someone who works in tech, the sophistication is alarming. They're exploiting basic telecom features. A respectful suggestion: the advisory should also clearly state that no legitimate courier will EVER ask you to dial a USSD code. That point needs to be hammered home.
Bhai, yeh scams har roz naye avtar mein aate hain. First it was fake KYC calls, now this. We need stricter punishment for these cyber thugs. Also, banks should have a secondary layer of authentication that isn't just SMS-based.
Shared this in my housing society WhatsApp group immediately. Many aunties and uncles order things online regularly and could easily fall for the "courier agent" story. Thank you for the clear information and the helpline number.
The fact that this doesn't require internet makes it so dangerous. It can target anyone with a basic phone. A crucial read for all.
We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.