Cyber Experts Warn: How Fake Delivery Calls Can Hijack Your Phone Using USSD Codes

New Delhi | January 10, 2026 Cybercrime authorities have issued a warning about a new scam that allows fraudsters to take control of a mobile phone through a simple fake “delivery” call using USSD codes. In this scheme, scammers pose as delivery or courier agents and ask unsuspecting users to dial short codes — a mix of numbers, asterisks, and hash symbols — claiming it is needed to confirm a package. What seems harmless can quietly change the phone’s network settings, redirecting incoming calls and important alerts to the attacker without the user’s knowledge. The National Cybercrime Threat Analytics Unit has reported several incidents where victims, believing they were helping confirm deliveries, dialed these codes. Soon after, they noticed that incoming calls and verification messages stopped reaching their phones directly. Critical calls like bank OTPs and account alerts were instead diverted to unknown numbers controlled by the attackers. USSD, or Unstructured Supplementary Service Data, is a legitimate telecom feature that allows interaction with a service provider without an internet connection. Commands such as 21#, 61#, or 67# can set up call forwarding — a feature fraudsters exploit to hijack phones silently. Because these changes occur at the network level, victims often remain unaware, as their devices appear normal. Experts say this scam succeeds due to social engineering. Scammers sound official and create urgency, convincing users to act quickly. People who frequently order online or expect deliveries are prime targets. The commands work across major telecom networks, including Jio, Airtel, and Vi, making the threat widespread. Authorities warn that once call forwarding is activated, attackers can intercept OTPs, bank calls, and other sensitive communications, potentially leading to financial loss. Early warning signs include missed calls, sudden drop in incoming calls, or contacts reporting they cannot reach you. Dialing ##002# can cancel call forwarding if it has been activated. To stay safe, users should never dial codes provided by unknown callers or through suspicious messages. Always verify through official customer service numbers or apps. Avoid clicking links in unsolicited messages about deliveries, and use operator-supported features to manage call settings securely. Anyone suspecting a scam should immediately contact their bank and report to cybercrime authorities. This scam highlights how fraudsters exploit simple telecom features to trick users, showing the importance of vigilance. Even routine-sounding calls can carry hidden risks, and verifying information through trusted channels is the best protection against such threats. Cyber Experts Warn: How Fake Delivery Calls Can Hijack Your Phone Using USSD Codes Cybercrime authorities have raised an alert about a new scam where fraudsters can take over your phone through a fake delivery call using USSD codes. In this scam, callers pretend to be delivery agents and ask you to dial a short code, claiming it’s needed to confirm a package. What seems harmless can quietly change your phone’s network settings, redirecting your calls and important alerts to the scammer without your knowledge. Experts say the scam works because of social engineering. Scammers sound official and create urgency, convincing people to act quickly. Online shoppers or those expecting deliveries are prime targets. The fraud uses legitimate telecom commands, such as 21# or 67#, to forward calls at the network level, which makes it hard for users to notice anything wrong. Once activated, attackers can intercept OTPs, bank verification calls, and other sensitive messages, leading to financial loss or account takeover. Victims may notice missed calls, contacts unable to reach them, or missing OTPs. If you suspect this has happened, dialing ##002# cancels call forwarding. To stay safe, never dial codes given by unknown callers or messages. Verify delivery requests through official channels, apps, or customer care numbers. Avoid clicking suspicious links, and use operator-supported tools to manage call forwarding safely. Always report suspected scams to cybercrime authorities and your bank immediately. This scam shows how easily criminals exploit simple telecom features. Even routine-sounding calls can carry hidden risks. Staying alert, verifying information, and following safe practices can protect you from becoming a victim of this growing threat.