.png){kind=logo}
A sinle missed call and all your hard-earned money is wiped out! Cybercrime officials are warning that fraudsters are exploiting a hidden phone feature to hijack bank accounts and online profiles silently.
The fraudulent activities are being carried out without any internet access, malware, or suspicious links, making it far harder to detect.
The National Cybercrime Threat Analytics Unit has issued an advisory in this regard under the Indian Cyber Crime Coordination Centre. According to the officials, scammers are misusing call forwarding to intercept verification calls intended for the victims.
Unlike regular online fraud, this method via USSD codes doesn’t require mobile data or Wi-Fi; hence, it's difficult for users to detect.
According to officials, scammers rely heavily on social engineering. Victims typically receive calls or messages from people posing as courier or delivery agents, claiming there is a problem with a pending parcel.
In the process, users are convinced to dial a short USSD code; most of them start with ‘21’. The extent to which a call is forwarded secretly to the scammer through a code that the victim did not comprehend remains unnoticed by the victim.
As soon as call forwarding is activated, the attacker is already receiving the calls that are so important to banks, payment services, and communication platforms like WhatsApp.
This allows fraudsters to receive one-time passwords, approve transactions, reset account credentials, and even lock users out of their own messaging apps. In many cases, victims realize something is wrong only after money has been withdrawn or accounts have been compromised.
Authorities warn that users are often not notified as USSD commands take immediate action and use legitimate telecom functionalities. Traditional security solutions may not detect this abuse.
Also Read: Fake e-Challan Scam Spreads Nationwide, Motorists’ Card Details at Risk
Cybercrime officials have also cautioned people not to dial any USSD code sent to their mobiles by unknown callers, especially those starting with prefixes like 21, 61, or 67.
In case users suspect call forwarding to have been activated without consent, they can immediately disable all forwarding by dialling ‘##002#’ from their phone.
Users are also advised to beware of delivery-related calls or messages and verify orders issued directly. If anyone thinks they may be the target of this scam, they should immediately contact the cybercrime helpline at 1930 or report the incident on the official cybercrime reporting portal.
Authorities stress that awareness remains the best defense against ever-evolving fraud tactics that exploit trust rather than technology.
