Scams and Phishing | Help & Support (2023)

Remember, if someone calls you claiming to be from O2, we would never ask for one-time passcodes, passwords and PINs, or personal information like your bank details. So, make sure you check who they are by asking where they're calling from. If you have any doubts, just give us a call on202(free from your O2 mobile) or on0344 809 0202(standard UK rates apply) to check. These could be nuisance calls, so see our advice on what to do about them.

Be aware of scammers Remember, we would never ask for your bank details or one-time passcodes. Find out more
(Video) New Scams to Watch Out For in 2022

Phishing is when fraudsters attempt to get hold of sensitive information such as usernames, passwords, and credit card details, by pretending to be a trustworthy source in an email. When this happens through text message, it’s known as smishing. When someone calls you, it’s vishing.

Thesescams work by sending you an email or text, or by someone calling you and pretending to be from your bank, service provider, the Police, or another trusted company. The message or caller might ask for personal or financial information, such as personal security details, bank details, one-time codes, or passwords, or they might ask you to visit a fake website that looks real. The site will have a form asking for personal information like usernames, passwords, bank account details, or pins.

These messages or calls can be very convincing and look or sound like genuine messages sent by organisations you already deal with. They might even appear within an existing text message string from an organisation you know, for example, some of ours are ‘My O2’, ‘O2UK’, ‘O2SwapMySim’.

Remember, we will never email, text, or call you and ask for a one-time code, password, or other security information you've set up on your O2 account.

Signs of a scam

Signs that an email, message or call might not be genuine:

  • it contains spelling mistakes
  • there’s a generic 'dear customer' header
  • it asks you to provide sensitive personal or financial information or passwords, or to make transactions by following a link in the message
  • there are suspect links or there’s a name in the header with extra letters, numbers or substitutions. For example, a phishing scam trying to imitate O2 might replace the letter 'O' with the number zero
  • it asks you to call a certain number you don’t recognise. In this case, call your bank on a number that you trust, like the one on the back of your card, to check the message is authentic
  • the sender uses an urgent tone, telling you to act now.

Receiving a suspicious email, text orcall won’t harm you in any way. It’s only dangerous if you interact with it. Remember:

  • don’t click on links unless you’re 100% sure they’re genuine
  • take a moment to stop and think. Trust your instincts. If it looks suspicious or too good to be true, there’s probably a catch
  • don’t give away any of your personal details.

If you're suspicious about an email, text or call, report it immediately.

More tips to protect yourself

The National Cyber Security Centre (NCSC) offers the following advice to help protect yourself online:

(Video) Phishing Scammers to Help the FEDS

  • ton two-factor authentication for important accounts
  • protect important accounts using a password of three random words
  • create a separate password that you only use for your main email account
  • update the software and apps on your devices regularly (ideally set to ‘automatically update’)
  • save your passwords in your browser
  • to protect yourself from being held to ransom, back up important data.
'FluBot' text scam

FluBot is a text message scam that is part of a large-scale smishing attack. Currently, it only affects Android devices and is downloaded under the guise of a message with a link to a tracking app or to retrieve a voicemail. The messages can appear to be from a delivery service like DHL, or other companies like Argos and Amazon.

If you click the link in the message, the malware may automatically download to your device. If the app is installed, the malware can take over your device, allowing more infected text messages to be sent to your contacts without your knowledge. The fraudster could also gain access to your messages and online banking details.

Learn more

Reporting a scam email, text or call

Somescams might pretend to be from O2, or from an organisation you already deal with. It's important that we see examples of phishing emails, texts and websites so we can investigate and shut down scammers.

To report a suspicious email:

  • for suspicious emails claiming to be from O2, create a new email draft with ‘Phishing’ as the subject. Attach the suspicious email and send it
  • for emails, forward the message to the organisation that it claims to be from. You can look up the email address to send it to on that organisation’s website

To report a suspicious text:

  • forward the text message, including phone number or company name, to 7726. It won’t cost you anything and it means we can investigate the sender
  • if your phone supports SPAM reporting (currently available if you have an Android device using the Google Messenger App, but others will be available soon), then press the SPAM button to automatically forward the message to7726.
    Information shared to 7726 will be available to all mobile operators, the Information Commissioner’s Office and various approved organisations that are involved in criminal investigations, to enable the to identify the senders. These approved organisations include the National Cyber Security Centre (NCSC) and the Serious Fraud Office (SFO). Information may also be shared with the organisations who are being targeted by the smishing attacks, to help them protect their customers from fraud.

To report a suspicious call:

  • If someone calls you saying they're from O2 and they ask for personal information, one-time codes, passwords and PINs,including bank details, make sure you check who they are first. Ask where they're calling from and take a number to call them back.
  • If you have any doubts, call us to check - these could be nuisance calls, so see our advice on what to do about them.
  • Remember, we’ll never email, text or call you and ask for a one-time code or password, or for any other security information you’ve set up on your O2 account.

You should also report your phishing experiences to The information provided lets law enforcement organisations remove fraudulent sites and identify patterns of attack used by scammers to help us all defend against them.

Think a fraudster might have access to your O2 account?See our fraud advice, and report it to us straight away.

Other sources of help

For more information:

  • Take Five to Stop Fraud- straightforward and impartial advice to help you protect yourself against financialfraud
  • FFA UK- information about the various types of payment fraud, plus helpful tips and advice
  • Action Fraud- the UK’s national reporting centre for fraud and cybercrime
  • Get Safe Online– a resource for unbiased, factual and easy-to-understand information on online safety
  • Which– advice on scams
  • You should also report your phishing experiences The information provided lets law enforcement organisations remove fraudulent sites, and identify patterns of attack used by the scammers to help us all defend against them

Was this information helpful? Yes | No

Thank you for sending your feedback.

(Video) Tech Support Scams Explained

Can't find what you're looking for?

Viruses and malware Keep an eye out for fake emails and attachments. And protect your phone. Learn more
(Video) India's Thriving Scam Industry: Before You Call Tech Support | Undercover Asia | CNA Documentary
O2 Community Get help and chat to other customers in the O2 Community. Find out more
Still need help? Find the best way to get in touch. Contact us


Who can I speak to about scams? ›

You can contact the Citizens Advice consumer helpline if you: think you might have found a scam. need advice about scams. want to report a scam.

What are the 3 most common scams made online? ›

Below are some of the most common.
  • Copycat government websites. Some scams involve websites designed to look like official government websites such as HMRC. ...
  • Dating and romance scams. ...
  • Holiday frauds. ...
  • Mandate fraud. ...
  • Pharming. ...
  • Phishing emails.

What are the 4 ways to avoid phishing? ›

Tips to Prevent Phishing Attacks
  • Know what a phishing scam looks like. ...
  • Don't click on that link. ...
  • Get free anti-phishing add-ons. ...
  • Don't give your information to an unsecured site. ...
  • Rotate passwords regularly. ...
  • Don't ignore those updates. ...
  • Install firewalls. ...
  • Don't be tempted by those pop-ups.
14 Sept 2022

What can I do if I've been scammed? ›

If you've been scammed, you need to: protect yourself from further risks. check if you can get your money back. report the scam.
If you've given the scammer access to your computer
  1. reset your passwords.
  2. let your bank know your financial information might have been stolen.
  3. make sure you update your anti-virus software.

What to do if someone is being scammed? ›

You may have to reach out to law enforcement.

Start by reporting the scam to the Federal Trade Commission. A police report may be necessary to prevent culpability if the scammer steals their identity.

What are the 4 most common scams? ›

Common Scams
  • Emergency Scams. ...
  • IRS or Government Imposter Scams. ...
  • Foreign Money Exchange Scams. ...
  • Counterfeit Cashier's Checks. ...
  • Bogus Debts. ...
  • Home Repair Scams. ...
  • Business Opportunities or Employment Scams. ...
  • Shopping Sprees. You get a phone call, offering you a "$500 shopping spree" (or other amount).

What are 10 popular scams? ›

The Top 10 Scams of 2021:

Social Security Number Phishing. Computer Tech Support (Traditional) Legal Authority Imposter. Sweepstakes/Lotteries.

What can someone do with my name and address? ›

With your personal information, scammers can:
  • access and drain your bank account.
  • open new bank accounts in your name and take out loans or lines of credit.
  • take out phone plans and other contracts.
  • purchase expensive goods in your name.
  • steal your superannuation.
  • gain access to your government online services.

Where do most scams come from? ›

Scams may come through phone calls from real people, robocalls, or text messages. Callers often make false promises, such as opportunities to buy products, invest your money, or receive free product trials. They may also offer you money through free grants and lotteries.

Can someone hack my bank account with my email address? ›

It's also possible hackers could use your email account to gain access to your bank account or credit card information, draining funds from an account, or racking up charges. They might even use your email and password to sign up for online sites and services, sticking you with monthly fees in the process.

What are 2 types of phishing? ›

The 5 most common types of phishing attack
  • Email phishing. Most phishing attacks are sent by email. ...
  • Spear phishing. There are two other, more sophisticated, types of phishing involving email. ...
  • Whaling. Whaling attacks are even more targeted, taking aim at senior executives. ...
  • Smishing and vishing. ...
  • Angler phishing.
24 Mar 2022

What are the 2 most common types of phishing attacks? ›

Towards that end, let's discuss six of the most common types of phishing attacks and highlight some tips that organizations can use to defend themselves.
  1. Deceptive Phishing. Image. Deceptive phishing is the most common type of phishing scam. ...
  2. Spear Phishing. Image. ...
  3. Whaling. Image. ...
  4. Vishing. Image. ...
  5. Smishing. Image. ...
  6. Pharming. Image.
13 Oct 2021

Will I get my money back if I got scammed? ›

Contact your bank immediately to let them know what's happened and ask if you can get a refund. Most banks should reimburse you if you've transferred money to someone because of a scam.

Can I get money back if I've been scammed? ›

Contact the company or bank that issued the credit card or debit card. Tell them it was a fraudulent charge. Ask them to reverse the transaction and give you your money back.

Can scammed money be recovered? ›

Money lost to online scams can be intercepted and recovered, provided the victims react in time and alert the banks involved in the transactions, according to the Interpol.

What if a scammer has my phone number? ›

Your phone number is an easy access point for scammers and identity thieves. Once they know your number, they can use it to send you phishing texts, trick you into installing malware and spyware, or use social engineering attacks to get you to hand over your personal identifying information (PII).

What are 3 examples of scams? ›

Together, let's fight scams.
  • Fraudulent transaction scam. ...
  • Catch the hackers scam. ...
  • Computer technical support scam. ...
  • Email or text message phishing scams. ...
  • Fake invoice scam. ...
  • Investment scam. ...
  • Romance scam. ...
  • Government grant scam.

What are the dangers of scams? ›

Scammers have various techniques to access personal information, which they can then use to execute account takeovers. These include phishing, malware downloads, man-in-the-middle attacks, and others. Being aware and avoiding these techniques and methods is the best identity theft protection plan you could have.

Where do most scams take place? ›

Most of us assume that the majority of scams today are online. But, wallet theft, stealing bank statements, and other personal documents are still popular scams. You are also at risk of being scammed by someone that you know who has access to your personal information.

What are the six signs of phishing? ›

With that in mind, here are six tell-tale signs that an email is a phishing attempt.
  • Grammar and spelling errors. ...
  • Inconsistencies in email addresses, URLs & domain names. ...
  • Suspicious attachments and links. ...
  • Urgent action required or threats. ...
  • Request for sensitive information. ...
  • Impersonal greetings.

What is phishing example? ›

An email from PayPal arrives telling the victim that their account has been compromised and will be deactivated unless they confirm their credit card details. The link in the phishing email takes the victim to a fake PayPal website and the stolen credit card information is used to commit further crimes.

Can phishing be done by phone? ›

SMiShing is phishing done through SMS. Android expert and Senior Analyst Nathan Collier has written about a smishing message a colleague received on their Android device that purportedly originating from a human resources company, promoting an open albeit fake position of Prime Agent for Amazon.

What are 4 things to look for in phishing messages? ›

7 Ways to Spot Phishing Email
  • Emails with Bad Grammar and Spelling Mistakes.
  • Emails with an Unfamiliar Greeting or Salutation.
  • Inconsistencies in Email Addresses, Links & Domain Names.
  • Suspicious Attachments.
  • Emails Requesting Login Credentials, Payment Information or Sensitive Data.
  • Too Good to Be True Emails.

What are the five types of scams? ›

Types of scam
  • Cyber crime scams. E-crime is criminal activity carried out using computers or the internet. ...
  • Telephone scams. ...
  • Email scams. ...
  • Online shopping and finance scams. ...
  • Protecting your personal information online. ...
  • Postal scams. ...
  • Online dating or relationship scams. ...
  • Doorstep criminal scams.

Who are the most common victims of scams? ›

Most Common Scams by Age

Americans ages 18-24 fell victim to fake check and money order scams, most whereas Americans 65 and older were most commonly victims of tech support scams.

What are the newest scams? ›

Scammers may incorporate a recent event or cryptocurrencies into their messages, and some are using new technology.
However, watch out for a few new types of attacks.
  • Student Loan Forgiveness Scams. ...
  • Phone Scams. ...
  • Zelle Scams. ...
  • Cryptocurrency Scams. ...
  • Romance Scams. ...
  • Online Purchase Scams. ...
  • Employment Scams.
14 Nov 2022

How do I know if someone is stealing my identity? ›

10 Ways to Recognize Identity Theft
  1. Your credit report doesn't seem accurate. ...
  2. Suspicious activity on your credit card and bank statements. ...
  3. Unexpected physical mail. ...
  4. Missing physical mail. ...
  5. Identification documents are lost (or stolen) ...
  6. Suspicious phone calls and voicemails.
26 Sept 2022

What happens if a scammer has your email address? ›

One of the major risks of scammers having your email address is that they'll use it to hack into your other online accounts. With your email address, they can request password resets, try entering your other passwords that have been leaked online, and even break into your email account.

What happens if a scammer gets your address? ›

If a scammer knows your address, they could begin sending you mail to get more information out of you. This could be anything from a fake competition to a phony bank letter. Though this isn't a cybercrime, it's still worth being aware of.

Why do people get scams? ›

Scams succeed because they look like the real thing and catch you off guard when you're not expecting it. Scammers are getting smarter and taking advantage of new technology, new products or services and major events to create believable stories that will convince you to give them your money or personal details.

What are the most common scams online? ›

Common Scams and Crimes
  • Health Care Fraud. ...
  • Holiday Scams. ...
  • Money Mules. ...
  • Ransomware. ...
  • Romance Scams. ...
  • Sextortion: What Kids and Caregivers Need to Know. ...
  • Skimming. ...
  • Spoofing and Phishing. Spoofing and phishing are schemes aimed at tricking you into providing sensitive information—like your password or bank PIN—to scammers.

Why do scams call me everyday? ›

If an incoming call is labeled Scam Likely, it's probably a call from a spammer, scammer, or telemarketer. Your carrier maintains a database of likely telemarketing phone numbers and flags these calls automatically. You can choose to ignore calls marked Scam Likely, or you can block them and prevent them from ringing.

What is the first thing you do when you get hacked? ›

Step 1: Change your passwords

This is important because hackers are looking for any point of entry into a larger network, and may gain access through a weak password. On accounts or devices that contain sensitive information, make sure your password is strong, unique—and not easily guessable.

Can I tell if my email has been hacked? ›

How Do I Know if My Email Has Been Hacked? You can't sign into your email account. Hackers will often lock you out of your account as soon as they get access. If your normal email password isn't working, there's a good chance you've been hacked. There are strange messages in your “Sent” folder.

What can someone do with an email without password? ›

If a hacker wanted to try breaking into one of your online accounts, knowing your email address is a solid first step. Obviously, they can't log in without your password, but by knowing your email address, they could target you with phishing emails – malicious attachments that install malware on your machine.

Which phishing tool is best? ›

Top nine phishing simulators
  • Infosec IQ.
  • Gophish.
  • LUCY.
  • Simple Phishing Toolkit (sptoolkit)
  • Phishing Frenzy.
  • King Phisher.
  • SpeedPhish Framework (SPF)
  • Social-Engineer Toolkit (SET)

How is phishing done? ›

Phishing works by sending messages that look like they are from a legitimate company or website. The message will usually contain a link that takes the user to a fake website that looks like the real thing. The user is then asked to enter personal information, such as their credit card number.

What are the main methods of phishing? ›

What Are the Different Types of Phishing?
  • Spear Phishing.
  • Whaling.
  • Vishing.
  • Email Phishing.

Who is the main target of phishing? ›

Online payment services, Internet-based financial services businesses, and retail sites are among the most targeted sectors, according to Statista, a statistics companies on the Internet, which provides “Phishing Activity Trends” highlighting the number of global phishing incidents by industry sectors and type of ...

What are some red flags of phishing? ›

Here are the 7 biggest red flags you should check for when you receive an email or text.
  • 1 Urgent or threatening language. ...
  • 2 Requests for sensitive information. ...
  • 3 Anything too good to be true. ...
  • 4 Unexpected emails. ...
  • 5 Information mismatches. ...
  • 6 Suspicious attachments. ...
  • 7 Unprofessional design.
31 Mar 2022

Why is it called phishing? ›

The word is a variant of fishing, influenced by phreaking, and alludes to the use of increasingly sophisticated lures to "fish" for users' sensitive information. Attempts to prevent or mitigate the impact of phishing incidents include legislation, user training, public awareness, and technical security measures.

Who do you report scams to UK? ›

If you think you may have been a victim of fraud or cyber crime, and live in England, Wales or Northern Ireland, you should report this to Action Fraud at or by calling 0300 123 2040. If you live in Scotland, you should report to Police Scotland by calling 101.

Can I call the police if I've been scammed? ›

When to call the police. Contact the police immediately by calling 101 if: the scammer is in your area. you've transferred money to the scammer in the last 24 hours.

What can a scammer do with my name and address uk? ›

Your name, address and date of birth provide enough information to create another 'you'. An identity thief can use a number of methods to find out your personal information and will then use it to open bank accounts, take out credit cards and apply for state benefits in your name.

Where do I send phishing emails? ›

Forward phishing emails to (an address used by the Anti-Phishing Working Group, which includes ISPs, security vendors, financial institutions, and law enforcement agencies). Let the company or person that was impersonated know about the phishing scheme.

What happens when you text 7726? ›

When you forward a text to 7726, it alerts your cell phone carrier of a spam problem. After cell phone carriers receive spam reports at 7726, they ask you for more information and then launch an investigation into the spam sender.

Will I get my money back if I get scammed? ›

Contact your bank immediately to let them know what's happened and ask if you can get a refund. Most banks should reimburse you if you've transferred money to someone because of a scam.

How can I recover money from a scammer? ›

Contact your bank and report the fraudulent transfer. Ask them to reverse the wire transfer and give you your money back. Did you send money through a money transfer app? Report the fraudulent transaction to the company behind the money transfer app and ask them to reverse the payment.


1. Consumer Alert: Phishing scams claim to be from Apple tech support
(LOCAL 12)
2. PayPal Phishing Scams are Getting Worse
(Mental Outlaw)
3. Experts warn of rise in phishing scams ahead of holiday shopping
(WXYZ-TV Detroit | Channel 7)
4. Dasher Phishing Scams
(Doordash Tips)
5. Geek Squad Email Invoice Scam, Explained (Geeks Support LLC)
(Jordan Liles)
6. Computer scam locks user's computer, instructs you to call Microsoft technical support
(WMAR-2 News)
Top Articles
Latest Posts
Article information

Author: Lakeisha Bayer VM

Last Updated: 01/15/2023

Views: 6572

Rating: 4.9 / 5 (69 voted)

Reviews: 84% of readers found this page helpful

Author information

Name: Lakeisha Bayer VM

Birthday: 1997-10-17

Address: Suite 835 34136 Adrian Mountains, Floydton, UT 81036

Phone: +3571527672278

Job: Manufacturing Agent

Hobby: Skimboarding, Photography, Roller skating, Knife making, Paintball, Embroidery, Gunsmithing

Introduction: My name is Lakeisha Bayer VM, I am a brainy, kind, enchanting, healthy, lovely, clean, witty person who loves writing and wants to share my knowledge and understanding with you.