What Is The USSD Scam? MHA Warns of New Cyber Scam After Rise In Call Forwarding Fraud

By Oneindia Staff

Updated: Saturday, December 20, 2025, 15:49 [IST]

Add as a preferred source on Google

The Ministry of Home Affairs (MHA) has issued a fresh warning to the public after detecting a new cybercrime pattern involving the misuse of USSD (Unstructured Supplementary Service Data) codes to facilitate financial fraud and account hacking.

The alert was issued based on observations by the National Cybercrime Threat Analytics Unit under the Indian Cyber Crime Coordination Centre (I4C), which has flagged a growing number of complaints linked to call forwarding scams.

According to the MHA, cybercriminals are exploiting USSD codes-special combinations of numbers, asterisks (*) and hash symbols (#) that allow users to interact with telecom service providers without an internet connection-to secretly redirect calls from victims' mobile phones to numbers controlled by fraudsters. Once call forwarding is enabled, critical calls related to banking transactions, one-time passwords (OTPs), and authentication codes for messaging platforms are intercepted, enabling large-scale financial theft and account takeovers.

How the scam works

The modus operandi involves fraudsters impersonating delivery or courier service agents. Victims are contacted over phone calls and told that a parcel delivery needs confirmation or rescheduling. Under this pretext, the caller persuades the individual to dial a specific USSD code sent via SMS.

These codes typically begin with 21 followed by a mobile number that belongs to the scammer. When the victim dials the code, call forwarding is automatically activated on their phone without their clear understanding of the implications. As a result, incoming calls-including those from banks, payment gateways, and digital platforms-are diverted directly to the fraudster.

The ministry warned that this allows criminals to receive OTPs and verification calls meant for the victim, leading to unauthorized financial transactions and the hacking of WhatsApp, Telegram, and other linked accounts. In many cases, victims only realise something is wrong after money has been siphoned off or when they lose access to their messaging accounts.

Rising concern over USSD misuse

USSD codes are commonly used for legitimate purposes such as checking balances, activating telecom services, or accessing basic mobile functions. However, the MHA cautioned that their simplicity and offline functionality make them an attractive tool for cybercriminals, particularly when combined with social engineering tactics.

Officials noted that the scam does not require malware installation or internet access, making it harder for users to detect and for traditional cybersecurity measures to block.

Precautionary measures advised

To protect citizens, the Ministry of Home Affairs has issued a set of clear precautions. Users have been strongly advised not to dial or enter any USSD codes starting with 21, 61, 67, or similar prefixes if they are shared by unknown or suspicious callers.

In case call forwarding has already been activated unknowingly, users can immediately deactivate all forwarding services by dialing ##002#, which cancels call forwarding for busy, unreachable, or no-answer scenarios.

The ministry also urged people not to click on suspicious courier or delivery-related links received through SMS, WhatsApp, or email. Instead, delivery details should be verified directly through the official website or customer care helpline of the courier company.

Download

Download

Reporting cyber fraud

Citizens who encounter such scams or suspect fraudulent activity have been asked to report incidents immediately by calling the national cybercrime helpline number 1930 or by filing a complaint on the official cybercrime portal, www.cybercrime.gov.in

The MHA reiterated that public awareness remains the most effective defence against evolving cyber threats and urged mobile users to stay alert, cautious, and informed while dealing with unsolicited calls and messages.