Stop
If someone calls you claiming to be from O2, make sure you check who they are by asking where they’re calling from. Remember, we’d never call you and ask for one-time passcodes, passwords, PINs or personal information like your bank details. If you have any doubts, call us on 202 (free from your O2 mobile) or on 0344 809 0202 (standard UK rates apply).
Send to 7726
Think you might have got a text from a scammer? Don’t just ignore it – take a few seconds to forward it to us on 7726 (which spells SPAM on your phone’s keypad). Reporting messages this way is free, keeps you safe and allows us to block fraudsters’ numbers so we can prevent or shut down similar scams faster in future.
Speak out
Let your friends and family know if you’ve come across a scam. By telling others, you can help make sure they’re never caught off guard.
Be aware of scammers
Help protect your O2 account. Find out what to look out for and how to report fraud.
Fraudsters try to get hold of sensitive information such as usernames, passwords and credit card details by pretending to be from a trustworthy source, like your bank or the police. There are different ways they can attempt to get in touch with you.
The message or caller might ask for personal or financial information, or ask you to add your personal details to a form on a fake website.
Ways to tell if an email, text or call might not be genuine:
It contains spelling mistakes
There’s a generic 'dear customer' header
It asks for sensitive, personal or financial information and passwords
It asks you to follow a link to make a transaction
It asks you to call a number you don’t recognise
The sender uses an urgent tone, telling you to act now
There’s a name in the header with extra letters, numbers or substitutions. For example, a phishing scam trying to imitate O2 might replace the letter 'O' with the number zero
Remember:
Don’t click on links unless you’re 100% sure they’re genuine
Trust your instincts. If it looks suspicious or too good to be true, there’s probably a catch
Don’t give away any of your personal details
If you’re worried about an email, text or call, get in touch straight away.
The National Cyber Security Centre (NCSC) offers the following advice to help protect yourself online:
Turn on two-step verification
Use a password of three random words
Create a separate password that you only use for your main email account
Update the software and apps on your devices regularly
Save your passwords in your browser
Back up important data
Scammers can now clone the phone numbers of organisations they want to impersonate. Even if the number on your caller display matches an official number, it might not be real.
If you’re calling a company back, find the number yourself and don’t use the number they supply. Using the 159 service is the safest way to contact most UK banks after a supposed fraud call.
FluBot is a text message scam that’s part of a large-scale smishing attack. Currently, it affects Android devices and is downloaded under the guise of a text with a link to a tracking app, or to retrieve a voicemail. The texts can appear to be from companies like DHL, Argos and Amazon.
If you click the link in the text, the malicious software may automatically download and take over your device, allowing infected texts to be sent to your contacts without your knowledge. The fraudster could also gain access to your messages and online banking details.
Some scams might pretend to be from O2. It's important that we see examples of phishing emails, texts and websites so we can investigate and shut down scammers.
To report a suspicious email:
Create a new email draft with ‘Phishing’ as the subject. Attach the suspicious email and send it to spam@o2.com.
Forward the message to the organisation that it claims to be from.
To report a suspicious text:
Forward the text, including the phone number or company name, to 7726. It won’t cost you anything and it means we can investigate the sender.
If your phone supports SPAM reporting then press the SPAM button to automatically forward the message to 7726
Information shared to 7726 will be available to all mobile operators, the Information Commissioner’s Office and various approved organisations that are involved in criminal investigations, to enable them to identify the senders.
To report a suspicious call:
Text the word ‘CALL’, followed by the suspicious caller’s number, to 7726.
You should also report your phishing experiences to report@phishing.gov.uk. The information provided lets law enforcement organisations remove fraudulent sites.
Think a fraudster might have access to your O2 account? Find out what to do.
More ways to get help
Take Five to Stop Fraud – information and advice about payment fraud
Action Fraud – the UK’s national reporting centre for fraud and cybercrime
Get Safe Online – factual and easy-to-understand information on online safety
Which – advice on scams
Last updated: 07/04/2025
