The Indian government has issued a warning about a dangerous cyber fraud called the USSD-based call forwarding scam.
The alert comes from the National Cybercrime Threat Analytics Unit under the Ministry of Home Affairs.
Cybercriminals are using this scam to access victims’ bank accounts and messaging apps.
What Is USSD and How Is It Misused?
USSD (Unstructured Supplementary Service Data) is a mobile code system that uses symbols like * and # to access network services without the internet.
Fraudsters are exploiting this technology to activate call forwarding on victims’ phones.
This means calls meant for the user, including bank OTPs and verification calls from apps like WhatsApp and Telegram, are redirected to the criminals, giving them access to sensitive information.
How the Scam Works
According to the advisory, the scam works in a very clever and misleading way:
Criminals call victims pretending to be delivery or courier agents.
They claim to confirm a parcel or reschedule a delivery.
They ask the victim to dial a specific USSD code (usually starting with 21) followed by another number.
Once dialed, call forwarding is activated, and all important calls reach the fraudster.
This allows them to steal money from bank accounts or hack social media apps.
How to Protect Yourself
To stay safe from this scam:
Never dial USSD codes like 21, 61, 67, or any code given by an unknown caller.
If call forwarding is activated accidentally, dial ##002# immediately to disable all forwarding.
Avoid clicking on suspicious SMS, WhatsApp, or email links.
For parcel or courier queries, always use the official website or customer care of the company.
Where to Report Cyber Fraud
If you encounter this or any other cyber scam:
Call the 1930 helpline immediately.
File a complaint at www.cybercrime.gov.in.
Timely reporting can prevent or minimize losses and help authorities track cybercriminals.
This format makes it easy for readers to understand the scam quickly, know the risks, and learn exact steps to protect themselves.
