Skip to main content

I put in *#21# in my smartphone's dialer, and it says everything is forwarded?! Should I be alarmed?

Short answer: No. 

Long answer: GSM phones let you put in these dialer codes to change some settings. The codes, collectively, are known as USSD (unstructured supplementary service data) codes, sometimes called "quick codes". These settings are NOT in your phone, but on your mobile carrier's computer as a part of your account. 

Generally speaking, USSD codes are used to add or remove service, or change some settings for the service. Some carriers use it for payment notification and payment status. Actual active codes are dependent on the carrier. As this is often used to just show the status of something it's also called interrogation codes, or feature access codes. 

So what does *#21# actually do (note: it's actually asterisk - hash - two - one - hash)? It shows the status of call forwarding set to the five types of calls you get: voice, SMS, fax, data, and system. (NOTE: some phone vendors only show voice, SMS and data, not fax or system)

And in all cases, it *should* say "all forwarded". Because, remember, these are settings for your account on the carrier's computer, NOT YOUR PHONE! Of course you want all those forwarded TO YOUR MOBILE PHONE! 

Some unscrupulous antivirus providers, to drum up sales of their products, have articles on their website with alarming titles such as "What number to dial to see if your phone is being tapped". I am NOT linking to that crap content. 

This misinformation was passed on by alarmist content creators who had absolutely NO technical background to verify what they are passing on. As a result, such misinformation are passed onto people on Tiktok, Instagram, Facebook, and other social media such as Reddit. 

USAToday did a factcheck on this very issue. Their conclusion is clear: false. This code only shows if a phone has call forwarding enabled. It does NOT tell you anything about a security breach. 

If you are scared, you can enter another code to disable call forwarding. You may lose features like voicemail, but whatever lets you sleep at night. 

In fact, Howtogeek has a list of the common short codes (for iPhones), and most carriers will have their own listed at their own websites (albeit, may be listed under feature codes, short codes, or access codes)

Don't believe everything you read, even on an alleged "reputable" website. 

Labels:

Comments

Post a Comment

Popular posts from this blog

I finished Google Cybersecurity Certificate in 5 Days. What did I learn?

As of May and June 2023, there were a lot of buzz about the Google Cybersecurity professional certificate issued in conjunction with Coursera.  So I took the 8 course certificate program, and I was able to finish it in 5 days (May 31st to June 4th), which is so fast, it was within the 7 day trial period, so I did not pay anything (normally $49.00 USD).  I did go in with a couple unfair advantages: * I already know SQL * I already know Python * I was an IT professional  * I have taken a cybersecurity intro course before * I was also between jobs so I have a LOT of time to dedicate to studying * I have taken many Coursera courses before (back in early 2020) So is the course any good? I think it is a good course for people who have no idea what to expect, and this will give them a taste on what a job in cybersecurity will involve. The video lectures are relatively short, and there were a LOT of emphasis on the non-traditional non-technical background of many of the Google em...
Post a Comment
Read more

6 tips to finish a Coursera Certificate Fast! (from the guy who did it in 5 days)

Hi, I am Captain Chang, an IT professional, and veteran of multiple Coursera certificates, most of them finished in 10 days or less. Recently, I finished the Google Cybersecurity Certificate in 5 days. A link to that video is in the description.  To me, Coursera education is a cheap introduction to a career you are considering, from data science and information technology to cybersecurity and user interface design, and a lot more for less than $50 a month. However, to get the most out of Coursera, there are some strategies you should follow.  While the strategies I talk about after this mainly applies to the the cybersecurity certificate, most of the tips should work in general toward other technical Coursera professional certificate programs as well. 1. Understanding how Coursera payment works Coursera is usually organized around "certificate programs", which has several courses. For example, the cybersecurity certificate course from Google / Coursera has 8 courses. [insert ...
Post a Comment
Read more

I Got Both Google Cybersecurity and and ISC2 Certified in Cybersecurity. Should You?

The Google Cybersecurity Certificate and the ISC2 Certified in Cybersecurity are two of the most popular cybersecurity certifications available. Both certifications cover a wide range of topics, including network security, application security, and security operations. However, there are some key differences between the two certifications. Both Google Cybersecurity Certificate and the ISC2 Certified in Cybersecurity are considered entry-level certifications The Google Cybersecurity Certificate is very friendly for people who did not come from a computer background, but if you already know IT, Linux, SQL, or Python, you will have an advantage here. You will also learn some practical cybersecurity tools, such as SIEM and Splunk log reading, and you will end up trying to write incident report logs, short analysis reports, and so on.   The ISC2 Certified in Cybersecurity is more focused on theoretical and base level knowledge, with a bit more discussion on the differences among in...
Post a Comment
Read more