Fraud Alert: Don't Dial These Codes from Your Android Mobile
Yogesh Sapkale | 09 December 2022
Last week I received a message claiming that a person was duped when a fraudster asked him to dial some codes from an Android mobile phone. The dialer codes mentioned in the message are related to the call-forwarding option. Many users are not even aware of the dangers of some of the codes that can be dialled from the dial pad. However, do not confuse these codes (known as man-machine interface-MMI schema) with the USSD (unstructured supplementary service data) codes used for menu-based services or mobile banking payment services. To be specific, to use USSD codes on a mobile phone, you need to be connected to a network so that it can reach the servers. However, MMI codes run offline and are limited to that particular handset.  
After hitting banks, the cheaters, masquerading as customer care representatives on social media, are also targeting the income tax (I-T) department. I will also later explain regarding warnings issued by the India Post Payments Bank (IPPB) about fraudsters using accounts opened in villagers' names for cyber crimes.
Beware of Dialer Codes
The basic rule is, if you do not know something, either stay away or make an effort to learn about it. This applies to pressing some digits starting from * on your Android mobile device. When you input a code, which is a combination of *, # and a number, you would receive an automatic response from the mobile device. For example, using *#06# as input will give you the IMEI (International Mobile Equipment Identity), the unique 15-digit code of the mobile phone. 
A code like the one mentioned above is common across handsets to find out IMEI, but device makers have some specific codes that can only be used on their devices. For example, on the OnePlus mobile, pressing *#888# would provide information about the motherboard's version. The same code works on Realme as well. However, it may not produce desired output on other brand mobile devices. 
While some codes are related to hardware and software information of the mobile handsets, there are other codes used by mobile service providers to enable or disable specific functions or value-added services. For example, to enable call forwarding, you can make the changes through setting from your mobile or simply press the specific code from the dial pad. 
I am sharing some codes from mobile operators that are readily available in the public domain. However, request you not to use it unless you are 100% sure about its end result. 
For unconditional forwarding or forwarding all calls, Jio uses *401* followed by the ten-digit mobile number on which you want the calls to be forwarded. To cancel this, you will have to press *402* followed by the mobile number where your calls are being forwarded. 
All mobile providers provide the facility to forward calls to any number specified by the user based on incidents. You can forward calls to the other number if there is no answer from the original number or when it is busy or not reachable. 
No doubt this facility is beneficial. However, it can be misused by fraudsters. In the incident I mentioned earlier, if the recipient had dialled the codes, all calls on his mobile would have been forwarded to the fraudster's number. If the fraudsters also have your login ID, they can easily use the forgot password option and then choose a phone call to receive the one-time passcode (OTP). 
While this would be disastrous, I would again urge you never to dial any codes starting from * from your mobile device or let anyone else do it on the handset. Remember, there are a few codes that can run a factory reset (deleting all apps and data from your mobile) or wipe your device and the firmware installed. 
While codes can be used to forward calls, luckily, there are no codes to automatically forward SMS. For this, you will have to download and use some other app. But here, too, do not go for it unless you know the end results and are 100% sure about it. 
Fake Support/Customer Care of I-T Dept
In a warning, the I-T department has asked taxpayers not to call or respond to any call that asks them to share their personal, financial, or other sensitive information.
For grievance redressal, the I-T department asks taxpayers to send an email on [email protected] along with the permanent account number (PAN) and mobile number. 
The Twitter account that was fraudulently responding to taxpayers' queries has now been suspended. But there may be others pretending to be from the tax department. So, be careful and refrain from sharing any personal information on social media.
Bogus Bank Accounts Used for Cybercrimes
India Post Payments Bank (IPPB) has asked customers not to hand over control of their bank account by sharing their mobile banking credentials with unknown persons to transact on their behalf. IPPB found that fraudsters are opening bank accounts using know-your-customer (KYC) information obtained from some villagers, tribals and not-so-literate people under the pretext of providing monetary benefits of government schemes.  
"These accounts are used for illegal money transactions in various cyber-crimes beyond the knowledge of the actual account holders," IPPB says in a statement.
It asks customers not to provide the mobile number of any third person in their bank account opening form. "Customers are advised not to accept or send any money without knowing the genuineness of the transaction. Customers are advised not to share their IPPB account details with people luring job offers or offering an opportunity to make easy money via social media."
Remember, precautions are always better than cures. Stay Alert, Stay Safe! 
How To Report Cyberfraud?
Do report cyber crimes to the national cybercrime reporting portal or call the toll-free national helpline number, 1930. To follow on social media: Twitter (@Cyberdost), Facebook (CyberDostI4C), Instagram (cyberdostl4C), Telegram (cyberdosti4c).