If someone calls you claiming to be from O2, make sure you check who they are by asking where they’re calling from. Remember, we’d never call you and ask for one-time passcodes, passwords, PINs or personal information like your bank details. If you have any doubts, call us on 202 (free from your O2 mobile) or on 0344 809 0202 (standard UK rates apply).

If you've been a victim of fraud report it straight away.

Fraudsters try to get hold of sensitive information such as usernames, passwords and credit card details by pretending to be from a trustworthy source, like your bank or the police. There are different ways they can attempt to get in touch with you.

The message or caller might ask for personal or financial information, or ask you to add your personal details to a form on a fake website.

Signs of a scam

Ways to tell if an email, text or call might not be genuine:

  • It contains spelling mistakes
  • There’s a generic 'dear customer' header
  • It asks for sensitive, personal or financial information and passwords
  • It asks you to follow a link to make a transaction
  • It asks you to call a number you don’t recognise
  • The sender uses an urgent tone, telling you to act now
  • There’s a name in the header with extra letters, numbers or substitutions. For example, a phishing scam trying to imitate O2 might replace the letter 'O' with the number zero


  • Don’t click on links unless you’re 100% sure they’re genuine
  • Trust your instincts. If it looks suspicious or too good to be true, there’s probably a catch
  • Don’t give away any of your personal details

If you’re worried about an email, text or call, get in touch straight away.

More tips to protect yourself

The National Cyber Security Centre (NCSC) offers the following advice to help protect yourself online:

  • Turn on two-step verification
  • Use a password of three random words
  • Create a separate password that you only use for your main email account
  • Update the software and apps on your devices regularly
  • Save your passwords in your browser
  • Back up important data

Scammers can now clone the phone numbers of organisations they want to impersonate. Even if the number on your caller display matches an official number, it might not be real.

If you’re calling a company back, find the number yourself and don’t use the number they supply. Using the 159 service is the safest way to contact most UK banks after a supposed fraud call.

FluBot text scam

FluBot is a text message scam that’s part of a large-scale smishing attack. Currently, it affects Android devices and is downloaded under the guise of a text with a link to a tracking app, or to retrieve a voicemail. The texts can appear to be from companies like DHL, Argos and Amazon.

If you click the link in the text, the malicious software may automatically download and take over your device, allowing infected texts to be sent to your contacts without your knowledge. The fraudster could also gain access to your messages and online banking details.

Learn more

Reporting a scam email, text or call

Some scams might pretend to be from O2. It's important that we see examples of phishing emails, texts and websites so we can investigate and shut down scammers.

To report a suspicious email:

  • Create a new email draft with ‘Phishing’ as the subject. Attach the suspicious email and send it to spam@o2.com.
  • Forward the message to the organisation that it claims to be from.

To report a suspicious text:

  • Forward the text, including the phone number or company name, to 7726. It won’t cost you anything and it means we can investigate the sender
  • If your phone supports SPAM reporting then press the SPAM button to automatically forward the message to 7726

Information shared to 7726 will be available to all mobile operators, the Information Commissioner’s Office and various approved organisations that are involved in criminal investigations, to enable them to identify the senders.


To report a suspicious call:

  • Call us on 202 (free from your O2 mobile) or 0344 809 0202 (standard UK rates apply)

You should also report your phishing experiences to report@phishing.gov.uk. The information provided lets law enforcement organisations remove fraudulent sites.

Think a fraudster might have access to your O2 account? Find out what to do.

More ways to get help

Was this information helpful? Yes | No

Thank you for sending your feedback.

Can't find what you're looking for?