India’s cybercrime authorities have issued a fresh warning about the new fraud tactic that is affecting many individuals in India. The scammers are quietly draining bank accounts and hijacking online profiles by abusing call-forwarding features on mobile phones. The alert, released by the National Cybercrime Threat Analytics Unit under the Indian Cyber Crime Coordination Centre aims to warn people that scams do not require internet access and can be harder to spot.
As per the officials, fraudsters are using social engineering to trick people into activating call forwarding through USSD codes. In many cases, victims get calls or messages from individuals posing as courier or delivery agents, claiming there is an issue with a pending parcel. During the interaction, users are persuaded to dial a short code, which usually starts with “21”. What it does is actually redirect all incoming calls to a number controlled by the attacker.
Once it gets enabled, critical verification calls from banks, payments apps or even messaging platforms like WhatsApp get diverted to the scammer. This allows the scammers to get your one-time passwords, approve transactions, reset login credentials and gain control of accounts without alerting the victim. Many users get to realise something is wrong only after the money is withdrawn or their messaging apps are locked.
Also read: Google Pixel 10a price, launch timeline, camera, battery and all other leaks
The authorities say the scam is particularly dangerous because the USSD commands work instantly and do not rely on data connectivity. And the process uses legitimate telecom functions, the users may not get warnings or notifications, and conventional security tools may fail to detect the misuse.
If you want to be safe, cybercrime officials have advised individuals not to dial USSD codes shared by unknown callers, specifically those starting with prefixes such as 21, 61 or 67.
If you think that call forwarding has been activated, you can disable it immediately by dialing ##002#. We advise you to be cautious of delivery-related messages and verify orders once. If you have already fallen for the scam, you can reach out to 1930 or the official reporting portal.