PREVIOUS UPDATES BELOW

Chris_K · ‎31-03-2020

⚠️ 2024 UPDATE ⚠️

The discount scam is the one we're seeing most, we are still seeing reports of all the same previous scams we highlighted in our other updates - so please review that update to help refamiliarise yourself with them. The newer variants ask the customer to change their password to 'Updatemyo2' so please be extra vigilant.

As a reminder and more information on the discount scam, see the below section from our previous update

More info

If you receive a call from anyone offering you a 40% discount on your O2 mobile, please hang up immediately. It's a scam.

These have again been around for a while, but we're starting to see it in more use by scammers. There seems to be various numbers being used for this scam and they seem to change often, but recent example calls we're aware of have come from these numbers: 01288 449676, 02844 776840, 0333 0119140, 01288 449676.

The caller will offer you a 40% discount and in the current climate, we can see how this may catch some customers out. Please do not be tempted as this is not something we offer. If you continue the call, the caller will likely then attempt one of the following:
1) Make use of social engineering to extract more personal details from you, sometimes including your bank account details. This will be used to commit bank or identity fraud or similar
2) They will send you a one-time authorisation code which they'll ask you to repeat back. With this, they then have access to your account to perform various tasks including a sim swap, or to order new devices in your name.

So you know, we'll never call, text or email you and ask for a one-time code, password, or other security information. Please report these calls by texting CALL to 7726. Please also see our website for more advice.

For absolute clarity, the discounts we currently have available are shown below, but in a nut shell, we have no discount propositions that offer 40%. Any claim otherwise is a scam.
1) O2 Staff Discounts - These are of course reserved for staff only, and nobody will ever contact you to offer you this
2) O2 Friends & Family Discounts - These are again reserved only for friends and family of staff members. This is not something that would be offered to customers
3) O2 Open Discounts - To qualify for O2 Open, you need to work for an eligible company. The discount itself is set at 25%. You can find more info here.
4) Student Discount - As a student you’ll get 20% off your Airtime Plan when you buy a connected phone or tablet. You can find more info here.
5) Multisave Discount - Get 20% off the Airtime Plan of every new eligible Pay Monthly connection you add to your account. You can find more info here.

If you receive a call from anyone offering you a 40% discount on your O2 mobile, please hang up immediately. It's a scam. These have again been around for a while, but we're starting to see it in more use by scammers. There seems to be various numbers being used for this scam and they seem to change often, but recent example calls we're aware of have come from these numbers: 01288 449676, 02844 776840, 0333 0119140, 01288 449676.The caller will offer you a 40% discount and in the current climate, we can see how this may catch some customers out. Please do not be tempted as this is not something we offer. If you continue the call, the caller will likely then attempt one of the following:1) Make use of social engineering to extract more personal details from you, sometimes including your bank account details. This will be used to commit bank or identity fraud or similar2) They will send you a one-time authorisation code which they'll ask you to repeat back. With this, they then have access to your account to perform various tasks including a sim swap, or to order new devices in your name.So you know, we'll never call, text or email you and ask for a one-time code, password, or other security information. Please report these calls by texting CALL to 7726. Please also see our website for more advice.For absolute clarity, the discounts we currently have available are shown below, but in a nut shell, we have no discount propositions that offer 40%. Any claim otherwise is a scam.1) O2 Staff Discounts - These are of course reserved for staff only, and nobody will ever contact you to offer you this2) O2 Friends & Family Discounts - These are again reserved only for friends and family of staff members. This is not something that would be offered to customers3) O2 Open Discounts - To qualify for O2 Open, you need to work for an eligible company. The discount itself is set at 25%. You can find more info here.4) Student Discount - As a student you’ll get 20% off your Airtime Plan when you buy a connected phone or tablet. You can find more info here.5) Multisave Discount - Get 20% off the Airtime Plan of every new eligible Pay Monthly connection you add to your account. You can find more info here.

View our previous scam and fraud updates at the bottom of this post

Received a suspicious SMS or Email? There's no need to contact us. See below hints and tips for spotting these scams, and what to do with them.

We often see reports from customers who believe that they may be at risk from fraudsters trying to dupe them into sharing their personal information. These types of scams are known as phishing or smishing – a form of fraud which impersonates a company in order to steal sensitive information such as login, bank or other personal details. We’ve pulled together some information to help you identify these scams and keep your information safe.

What is it?
Phishing or Smishing is when fraudsters attempt to get hold of sensitive information such as usernames, passwords or bank details by pretending to be a trustworthy source in emails (Phishing) or texts (Smishing). These scams work by sending you an email or text that looks like it’s from your bank, service provider or other company, usually asking you to visit a fake website that looks real. If at this point you try logging in, or provide any info, fraudsters will attempt to use that info to commit fraud in your name.

What are you looking for?
As with many scams, it begins with an email or text. Some of these may be from scammers pretending to be O2, and may alert you to an unpaid or overdue bill, and will include a link to pay or ‘view your bill’. This messaging is designed to panic recipients into clicking the link to view the bill.

Clicking the link will either direct you to a fake website or in some cases, download Malware to your computer. The most common type of phishing email will direct you to a fake website and ask you to enter your login details. Malware can be used for a number of things – for example, it could record your keystrokes, enabling fraudsters to piece together even more personal information and login details.

Signs of a Phishing or Smishing Scam
It’s often easy to spot a scam. Be on the lookout for:

Spelling mistakes
A ‘from’ email address that doesn’t match the company or organisation
A text sent from an unfamiliar sender, such as a normal looking mobile number
Demands that you take action straight away or risk having your account suspended
A generic ‘dear customer’ header
Suspect links with extra letters, numbers or substitutions. For example, a phishing scam trying to imitate O2 might replace the letter ‘O’ with the number zero
Requests for sensitive data like usernames, passwords, D.O.B etc.

Here are some examples of Phishing emails:

More info

surveyscam.jpg.png

Here are some examples of Smishing texts:

More info

termination 2.jpg

What to do
If you’re suspicious about an email you’ve received and it's pretending to be from O2, please send it onto our team to be looked into. DO NOT click on any links. It’s important that we see examples of phishing emails and websites so we can investigate and shut down scammers. To report a suspicious email or website:

Create a new email draft with ‘Phishing’ as the subject
Attach the suspicious email
Send to spam@o2.com

To report a suspicious text pretending to be from O2, forward the original message to 7726. You may get an automated response thanking you for the report and giving you further instructions if needed. You will not be charged for sending texts to 7726.

Alternatively, if your phone supports SPAM reporting (currently available if you have an Android device using the Google Messenger App, but others will be available soon), then press the SPAM button to automatically forward the message to 7726.

For more info about phishing from our support pages, click HERE.
For more info and advice on how to safeguard against fraud, visit the Fraud Advisory Panel.
For more info on spam texts click here.

We'll update this thread regularly, as and when there are new scams you should be aware of, or we want to share any details that will help ensure you don't fall foul to scammers.

PREVIOUS UPDATES BELOW

⚠️ DECEMBER 2022 UPDATE - Christmas Scammers ⚠️

More info

During the festive period so far, we're not seeing an emergence in any new types of scam, but you should be aware that these fraudsters are cunning and a new scam could emerge at any point. The current prevalent scams we're continuing to see is the discount one, where someone contacts you to sell or offer a 40% (sometimes this varies). In most instances we've seen, the caller is insistent (and sometimes rude or pushy!) on you providing them with a code they send to your phone. It's imperative you do not do this - we will NEVER call you and ask you for this one-time code.

During the festive period so far, we're not seeing an emergence in any new types of scam, but you should be aware that these fraudsters are cunning and a new scam could emerge at any point. The current prevalent scams we're continuing to see is the discount one, where someone contacts you to sell or offer a 40% (sometimes this varies). In most instances we've seen, the caller is insistent (and sometimes rude or pushy!) on you providing them with a code they send to your phone. It's imperative you do not do this - we will NEVER call you and ask you for this one-time code.

⚠️ September 2022 UPDATE - Conversation / O2 / Generic / Gov / Discount Scams ⚠️

More info

Hello everyone. It's been a while since my last update on this thread, but the truth is that scams are still here and they've never gone away or even reduced in numbers. All the same scams you've already seen are still in circulation so it's important to always remain vigilant. That said, we have seem some newer examples and variants of existing scams, as well as some new ones that we wanted to highlight.

Government / Energy Bill Scams

More info

This is a new one we've started to see. The reason we're highlighting this is because we're in the midst of a cost of living crisis that's impacting us all - individuals, families and businesses alike - and with the various energy bill support and initiatives that are available, some may not think twice about clicking the link in this text. Don't!

Here are the tell tale signs that this, and others like it, are a scam:
1) The text was sent from a standard mobile number. A genuine text from the Government would show as coming from the Government - not a mobile number
2) The text was sent at 3am. A genuine text, especially from the Government, would not arrive at such times. Generally speaking if you receive a text like this outside of normal hours, it's likely to be a scam so always be cautious
3) The 'GOV-UK' bit seems suss - though it's been a while since I've seen any official Gov texts, the last genuine one we saw started with 'GOV.UK'. This isn't a hard and fast rule, but definitely one to be cautious about
4) While the website isn't as random as a lot of other scam links we've seen, you should always be cautious about any text claiming to be from the Government that doesn't link out to a Gov.uk website (eg, such as https://www.gov.uk/)

O2 Discount Scams (40% discount phone call scam)

More info

If you receive a call from anyone offering you a 40% discount on your O2 mobile, please hang up immediately. It's a scam.

These have again been around for a while, but we're starting to see it in more use by scammers. There seems to be various numbers being used for this scam and they seem to change often, but recent example calls we're aware of have come from these numbers: 01288 449676, 02844 776840, 0333 0119140, 01288 449676.

The caller will offer you a 40% discount and in the current climate, we can see how this may catch some customers out. Please do not be tempted as this is not something we offer. If you continue the call, the caller will likely then attempt one of the following:
1) Make use of social engineering to extract more personal details from you, sometimes including your bank account details. This will be used to commit bank or identity fraud or similar
2) They will send you a one-time authorisation code which they'll ask you to repeat back. With this, they then have access to your account to perform various tasks including a sim swap, or to order new devices in your name.

So you know, we'll never call, text or email you and ask for a one-time code, password, or other security information. Please report these calls by texting CALL to 7726. Please also see our website for more advice.

For absolute clarity, the discounts we currently have available are shown below, but in a nut shell, we have no discount propositions that offer 40%. Any claim otherwise is a scam.
1) O2 Staff Discounts - These are of course reserved for staff only, and nobody will ever contact you to offer you this
2) O2 Friends & Family Discounts - These are again reserved only for friends and family of staff members. This is not something that would be offered to customers
3) O2 Open Discounts - To qualify for O2 Open, you need to work for an eligible company. The discount itself is set at 25%. You can find more info here.
4) Student Discount - As a student you’ll get 20% off your Airtime Plan when you buy a connected phone or tablet. You can find more info here.
5) Multisave Discount - Get 20% off the Airtime Plan of every new eligible Pay Monthly connection you add to your account. You can find more info here.

Conversational Scams

More info

This is a new one to us, and is FAR more involved and manual so we can't imagine these are being sent in any large quantity compared to the usual dodgy link / multiple typo scams you're used to.

As you can see there's a little social engineering going on, relying on the Mum asking if it was 'xyz' to which the scammer replies yes. They're careful to focus on the 'accident' only. The scammer then goes on to request cash to help them out. Needless to say, the real Leah was involved in no such incident and did not ask (or receive) ant money... But the scammer did.

How did this happen? It's impossible to say for sure, but one possibility is that at some point the real Leah installed a malicious app (or clicked a malicious link) that collected certain details. From those details, a scammer may have built a profile including the name of the phone owner, their contact details, their favourite contacts etc. Another possibility is that it was a shot in the dark from a scammer and when the mother asked 'Is this you Leah?', that was their foot in the door - making the conversation feel genuine so as to not raise suspicion and get them closer to completing their scam - getting money, or getting valuable banking or personal info.

What should you do in this situation? There's always a chance something like this is 100% real, but scammers are cunning and deceptive. In this case, if you were the mother, then ideally you would call Leah on her real number. Chances are you'd likely have got through to her and quickly realised you were being scammed. Don't be afraid to challenge back and ask them to prove they are who they say they are - a phone call to confirm their voice for example, when was the last time you met, or something only the real Leah would know.

O2 Related SMS Scams - Latest bill / Termination / PAC

More info

These have been around for a long time and unfortunately, they will probably be around forever. Scams evolve but at the heart, they're all the same and they're all designed to make you panic. We're all so reliant on our mobile these days that the thought of there being an issue may make some recipients panic and tap links without thinking. Here's some of the latest examples we've seen

termination 2.jpg

At least two things all of the above 'O2 scams' have in common are:

They all came from a standard mobile number. Official texts from us will show as coming from O2 UK. It's important to note however that sometimes, the scammers with better brains or resources are able to spoof these 'alpha codes' to make the text appear to come from a business/org rather than a number.
All these texts have dodgy looking links - they all mention 'O2' somewhere in the URL to try and catch you out, but make no mistake all these links are fake and will either try and install malware on your device, or attempt to ask/steal your details, login or bank account info.

Other / Generic SMS Scams

More info

It's not just scammers targeting customers to make them think their mobile service will be disconnected either - these scammers are also targeting banking related services too such as Apple Pay, Google Pay, or pretending they're the bank themselves and their card has been suspended. Similar to above, these are designed to incite panic and make you react on a whim, without thinking about the legitimacy of the text.

If you receive any texts like the ones shown above in this update, the important things to check are:

Did it come from a mobile number instead of a business/org name? If so, chances are it's a scam
Does it include a link that looks different from what you know to be the business/orgs official website? If so, chances are it's a scam
Are there typos or poor use of grammar and/or punctuation? If so, chances are it's a scam
Did you receive a text claiming to be from O2 (oh two) and somewhere it says 02 (zero two)? If so, chances are it's a scam
Does the text contain something that doesn't seem quite right? If so, there's a chance it's a scam. You should contact the business via their official contact details to confirm
Does the text claim to be from someone you know and they're asking you to click on something, send money, or do something urgently? If it's not from a known number, there's a chance it's a scam. You should try contacting the person via any other means to confirm the legitimacy of the text

What should you do if you believe you've been sent a scam SMS?

If your phone supports SPAM reporting then you may have an option to report the text as spam which will do the above task for you. If your device doesn't have a SPAM reporting functionality, see below for an alternative method to report this to us.

Alternatively, to report a suspicious text pretending to be from O2, forward the original message to 7726. You may get an automated response thanking you for the report and giving you further instructions if needed. You will not be charged for sending texts to 7726.

Hello everyone. It's been a while since my last update on this thread, but the truth is that scams are still here and they've never gone away or even reduced in numbers. All the same scams you've already seen are still in circulation so it's important to always remain vigilant. That said, we have seem some newer examples and variants of existing scams, as well as some new ones that we wanted to highlight. Government / Energy Bill Scams This is a new one we've started to see. The reason we're highlighting this is because we're in the midst of a cost of living crisis that's impacting us all - individuals, families and businesses alike - and with the various energy bill support and initiatives that are available, some may not think twice about clicking the link in this text. Don't!Here are the tell tale signs that this, and others like it, are a scam:1) The text was sent from a standard mobile number. A genuine text from the Government would show as coming from the Government - not a mobile number2) The text was sent at 3am. A genuine text, especially from the Government, would not arrive at such times. Generally speaking if you receive a text like this outside of normal hours, it's likely to be a scam so always be cautious3) The 'GOV-UK' bit seems suss - though it's been a while since I've seen any official Gov texts, the last genuine one we saw started with 'GOV.UK'. This isn't a hard and fast rule, but definitely one to be cautious about4) While the website isn't as random as a lot of other scam links we've seen, you should always be cautious about any text claiming to be from the Government that doesn't link out to a Gov.uk website (eg, such as https://www.gov.uk/) O2 Discount Scams (40% discount phone call scam) If you receive a call from anyone offering you a 40% discount on your O2 mobile, please hang up immediately. It's a scam. These have again been around for a while, but we're starting to see it in more use by scammers. There seems to be various numbers being used for this scam and they seem to change often, but recent example calls we're aware of have come from these numbers: 01288 449676, 02844 776840, 0333 0119140, 01288 449676.The caller will offer you a 40% discount and in the current climate, we can see how this may catch some customers out. Please do not be tempted as this is not something we offer. If you continue the call, the caller will likely then attempt one of the following:1) Make use of social engineering to extract more personal details from you, sometimes including your bank account details. This will be used to commit bank or identity fraud or similar2) They will send you a one-time authorisation code which they'll ask you to repeat back. With this, they then have access to your account to perform various tasks including a sim swap, or to order new devices in your name.So you know, we'll never call, text or email you and ask for a one-time code, password, or other security information. Please report these calls by texting CALL to 7726. Please also see our website for more advice.For absolute clarity, the discounts we currently have available are shown below, but in a nut shell, we have no discount propositions that offer 40%. Any claim otherwise is a scam.1) O2 Staff Discounts - These are of course reserved for staff only, and nobody will ever contact you to offer you this2) O2 Friends & Family Discounts - These are again reserved only for friends and family of staff members. This is not something that would be offered to customers3) O2 Open Discounts - To qualify for O2 Open, you need to work for an eligible company. The discount itself is set at 25%. You can find more info here.4) Student Discount - As a student you’ll get 20% off your Airtime Plan when you buy a connected phone or tablet. You can find more info here.5) Multisave Discount - Get 20% off the Airtime Plan of every new eligible Pay Monthly connection you add to your account. You can find more info here. Conversational Scams This is a new one to us, and is FAR more involved and manual so we can't imagine these are being sent in any large quantity compared to the usual dodgy link / multiple typo scams you're used to. As you can see there's a little social engineering going on, relying on the Mum asking if it was 'xyz' to which the scammer replies yes. They're careful to focus on the 'accident' only. The scammer then goes on to request cash to help them out. Needless to say, the real Leah was involved in no such incident and did not ask (or receive) ant money... But the scammer did. How did this happen? It's impossible to say for sure, but one possibility is that at some point the real Leah installed a malicious app (or clicked a malicious link) that collected certain details. From those details, a scammer may have built a profile including the name of the phone owner, their contact details, their favourite contacts etc. Another possibility is that it was a shot in the dark from a scammer and when the mother asked 'Is this you Leah?', that was their foot in the door - making the conversation feel genuine so as to not raise suspicion and get them closer to completing their scam - getting money, or getting valuable banking or personal info. What should you do in this situation? There's always a chance something like this is 100% real, but scammers are cunning and deceptive. In this case, if you were the mother, then ideally you would call Leah on her real number. Chances are you'd likely have got through to her and quickly realised you were being scammed. Don't be afraid to challenge back and ask them to prove they are who they say they are - a phone call to confirm their voice for example, when was the last time you met, or something only the real Leah would know. O2 Related SMS Scams - Latest bill / Termination / PAC These have been around for a long time and unfortunately, they will probably be around forever. Scams evolve but at the heart, they're all the same and they're all designed to make you panic. We're all so reliant on our mobile these days that the thought of there being an issue may make some recipients panic and tap links without thinking. Here's some of the latest examples we've seen At least two things all of the above 'O2 scams' have in common are: They all came from a standard mobile number. Official texts from us will show as coming from O2 UK. It's important to note however that sometimes, the scammers with better brains or resources are able to spoof these 'alpha codes' to make the text appear to come from a business/org rather than a number. All these texts have dodgy looking links - they all mention 'O2' somewhere in the URL to try and catch you out, but make no mistake all these links are fake and will either try and install malware on your device, or attempt to ask/steal your details, login or bank account info. Other / Generic SMS Scams It's not just scammers targeting customers to make them think their mobile service will be disconnected either - these scammers are also targeting banking related services too such as Apple Pay, Google Pay, or pretending they're the bank themselves and their card has been suspended. Similar to above, these are designed to incite panic and make you react on a whim, without thinking about the legitimacy of the text. If you receive any texts like the ones shown above in this update, the important things to check are: Did it come from a mobile number instead of a business/org name? If so, chances are it's a scam Does it include a link that looks different from what you know to be the business/orgs official website? If so, chances are it's a scam Are there typos or poor use of grammar and/or punctuation? If so, chances are it's a scam Did you receive a text claiming to be from O2 (oh two) and somewhere it says 02 (zero two)? If so, chances are it's a scam Does the text contain something that doesn't seem quite right? If so, there's a chance it's a scam. You should contact the business via their official contact details to confirm Does the text claim to be from someone you know and they're asking you to click on something, send money, or do something urgently? If it's not from a known number, there's a chance it's a scam. You should try contacting the person via any other means to confirm the legitimacy of the text What should you do if you believe you've been sent a scam SMS? If your phone supports SPAM reporting then you may have an option to report the text as spam which will do the above task for you. If your device doesn't have a SPAM reporting functionality, see below for an alternative method to report this to us. Alternatively, to report a suspicious text pretending to be from O2, forward the original message to 7726. You may get an automated response thanking you for the report and giving you further instructions if needed. You will not be charged for sending texts to 7726.

⚠️ MAY 2022 UPDATE - Flubot 1.1 / 2.0 ⚠️

More info

It's been a couple months since our last update, but that doesn't mean these scammers and fraudsters have given up or slowed down - far from it. Scammers are always looking for ways to get unsuspecting users to click on dodgy links, visit fake websites, or dupe you into giving out personal info.

'Flubot' looks like it's on the rise again and this time with a twist.

More info

First, a quick recap on how Flubot 1.0 (SMS) works:

You receive a text message containing a link
If you click the link, you're asked to install an app
At this point your phone is now infected with the Flubot malware
Infected phone numbers are added to a central Flubot network and your phone is used to send more texts and infect other users
Flubot can steal banking, contact amd personal info from infected devices

What's changed with Flubot 1.1 / 2.0? It's important to note that Flubot 1.0 is still in circulation and you could be sent one of those, or potentially one of these new ones from Flubot 1.1 / 2.0:

You receive an SMS as before, but the message has changed from being about a missed delivery, to something like "Voice mail message awaiting to be listen", or a variant of it
An MMS is sent to you about a voicemail and if you click the link and become infected, your phone sending infected MMS could result in you being barred by some of our controls and checks, or losing some or all service due to you potentially hitting any spend caps you may have set up

Please remain vigilant when receiving an SMS or MMS. If it's not from someone you know, or a business/company you're familiar with, then be cautious and think twice before opening any links. And even if it is from somebody you know, be cautious of any dubious looking links - it's possible your friends phone could be infected and it sent you one of the links.

It's been a couple months since our last update, but that doesn't mean these scammers and fraudsters have given up or slowed down - far from it. Scammers are always looking for ways to get unsuspecting users to click on dodgy links, visit fake websites, or dupe you into giving out personal info. 'Flubot' looks like it's on the rise again and this time with a twist. First, a quick recap on how Flubot 1.0 (SMS) works: You receive a text message containing a link If you click the link, you're asked to install an app At this point your phone is now infected with the Flubot malware Infected phone numbers are added to a central Flubot network and your phone is used to send more texts and infect other users Flubot can steal banking, contact amd personal info from infected devices What's changed with Flubot 1.1 / 2.0? It's important to note that Flubot 1.0 is still in circulation and you could be sent one of those, or potentially one of these new ones from Flubot 1.1 / 2.0: You receive an SMS as before, but the message has changed from being about a missed delivery, to something like "Voice mail message awaiting to be listen", or a variant of it An MMS is sent to you about a voicemail and if you click the link and become infected, your phone sending infected MMS could result in you being barred by some of our controls and checks, or losing some or all service due to you potentially hitting any spend caps you may have set up Please remain vigilant when receiving an SMS or MMS. If it's not from someone you know, or a business/company you're familiar with, then be cautious and think twice before opening any links. And even if it is from somebody you know, be cautious of any dubious looking links - it's possible your friends phone could be infected and it sent you one of the links.

⚠️ JANUARY 2022 UPDATE - Fonehouse / Carphone Warehouse Scam ⚠️

More info

BBC's Morning Live show today featured a segment about a recent scam that's gaining traction and becoming more prevalent amongst scammers. Please read the full update here but in short, if you or anyone you know receives a device they weren't expecting, or is different to what was ordered, then please do not attempt to contact the person who originally 'sold' you the contract (they may have supplied their details or even done this via WhatsApp/similar). Instead, contact the company directly - whether direct from a network or even from Carphone Warehouse themselves - using the legitimate details on their website so they can check and advise on the next steps as it's very likely you've fallen foul of this scam.

⚠️🎅🎄 DECEMBER 2021 UPDATE - Stay safe this festive season 🎄🎅⚠️

More info

During this time of the year, we tend to see a heightened level of scams going around, and with many of us taking time off work or winding down for a few days over the festive period, it's easy to let your guard down - and that's what these cyber criminals are hoping for. So please, remain vigilant and inspect your texts, calls and emails closely this holiday period. Find out more around how to spot scams and stay safe during the festive period.

During this time of the year, we tend to see a heightened level of scams going around, and with many of us taking time off work or winding down for a few days over the festive period, it's easy to let your guard down - and that's what these cyber criminals are hoping for. So please, remain vigilant and inspect your texts, calls and emails closely this holiday period. Find out more around how to spot scams and stay safe during the festive period.

⚠️ SEPTEMBER 2021 UPDATE - iOS 14.8 (Zero Click Malware) ⚠️

More info

We have seen news and media reports of a zero click malware vulnerability within iOS that has been patched with the latest iOS 14.8 update. Please see more info below and update your devices as soon as possible to stay safe and secure.

This week Apple has released an emergency software update for all iPhone, iPad and Mac users, to prevent the use of a 'zero-click malware'. A zero-click attack is especially devious as it means a user has no chance to catch the attack because it requires no action on the user’s part to trigger it - it’s not like a phishing email or smishing sms where the user has to click on a link or download a piece of malware.

Whilst alarming, we don’t need to panic, as these types of attacks tend to be very targeted, and in the past have been used to access messages on specific and targeted individuals, like a journalist’s or politician’s device.

WHAT DO I NEED TO DO?
Simple – you should update your device to the latest update as soon as possible.

We have seen news and media reports of a zero click malware vulnerability within iOS that has been patched with the latest iOS 14.8 update. Please see more info below and update your devices as soon as possible to stay safe and secure. This week Apple has released an emergency software update for all iPhone, iPad and Mac users, to prevent the use of a 'zero-click malware'. A zero-click attack is especially devious as it means a user has no chance to catch the attack because it requires no action on the user’s part to trigger it - it’s not like a phishing email or smishing sms where the user has to click on a link or download a piece of malware.Whilst alarming, we don’t need to panic, as these types of attacks tend to be very targeted, and in the past have been used to access messages on specific and targeted individuals, like a journalist’s or politician’s device.WHAT DO I NEED TO DO?Simple – you should update your device to the latest update as soon as possible.

⚠️ JULY 2021 UPDATE 2 - Update on Flubot ⚠️

More info

We know Flubot has been in the news more recently due to it becoming a heavily used form of smishing by these scammers, so we want to update you with more information on what Flubot is, how to spot it, and how to stay safe. See full update below for more info.

Flubot scam - What is it?
Flubot is a text message scam. It is part of a large scale smishing attack using a malware named Flubot. Currently it is only impacting Android devices, and is downloaded under the guise of a tracking app or a message with a link to retrieve a voicemail which is installed when you click on the attached link.

If you install the app the malware is then able to take over your device and this allows more infected SMS to be sent to contacts within your device without your knowledge.

Please be aware that if you do install the app, your contacts and your banking apps may have been accessed by the fraudster.

If you have received the message but not clicked on the link and downloaded the app, you can report the message to 7726 and then delete it.

If you have downloaded the app and believe your device has been infected, you will need to remove the malware from your device and you can do this by following the actions recommended by the National Cyber Security Centre, which is to perform a factory reset on your device, which will wipe the device and remove the malware. To carry out a factory reset, please visit the National Cyber Security Centre’s website and search on the text “flubot guidance”. You should NOT perform a back-up to reinstall anything on your device after the factory reset, as that will also reinstall the malware.

Other options that MAY be available are:

Activating Google Play protect and perform a complete device scan. This action MAY allow you to delete the malware.
Activate the safe mode on the Android device. Safe mode places a temporary block on third party apps from running. This may let you identify the Flubot app and then uninstall it.

I believe my device is infected – What should I do ?
Please forward the original text message to 7726

If we have identified that your device may be infected by Flubot as part of the monitoring of our network, we may bar your outgoing SMS in order to protect you, your contacts, and our network. To have this SMS bar removed, please follow the advice below on how to remove the malware. Once you have done this please contact customer services

If you advise us that you have removed the malware but this has not been completed, the outgoing SMS bar is likely to be reinstated.

If you have incurred charges to your bill due to Flubot, this will be reviewed and where applicable these charges will be credited back to your account.

However, if you advise us that you have removed the malware and this has not been completed, and you continue to incur costs due to Flubot you may be liable for these charges.

We know Flubot has been in the news more recently due to it becoming a heavily used form of smishing by these scammers, so we want to update you with more information on what Flubot is, how to spot it, and how to stay safe. See full update below for more info. Flubot scam - What is it?Flubot is a text message scam. It is part of a large scale smishing attack using a malware named Flubot. Currently it is only impacting Android devices, and is downloaded under the guise of a tracking app or a message with a link to retrieve a voicemail which is installed when you click on the attached link.If you install the app the malware is then able to take over your device and this allows more infected SMS to be sent to contacts within your device without your knowledge.Please be aware that if you do install the app, your contacts and your banking apps may have been accessed by the fraudster.If you have received the message but not clicked on the link and downloaded the app, you can report the message to 7726 and then delete it.If you have downloaded the app and believe your device has been infected, you will need to remove the malware from your device and you can do this by following the actions recommended by the National Cyber Security Centre, which is to perform a factory reset on your device, which will wipe the device and remove the malware. To carry out a factory reset, please visit the National Cyber Security Centre’s website and search on the text “flubot guidance”. You should NOT perform a back-up to reinstall anything on your device after the factory reset, as that will also reinstall the malware. Other options that MAY be available are: Activating Google Play protect and perform a complete device scan. This action MAY allow you to delete the malware. Activate the safe mode on the Android device. Safe mode places a temporary block on third party apps from running. This may let you identify the Flubot app and then uninstall it. I believe my device is infected – What should I do ?Please forward the original text message to 7726If we have identified that your device may be infected by Flubot as part of the monitoring of our network, we may bar your outgoing SMS in order to protect you, your contacts, and our network. To have this SMS bar removed, please follow the advice below on how to remove the malware. Once you have done this please contact customer servicesIf you advise us that you have removed the malware but this has not been completed, the outgoing SMS bar is likely to be reinstated.If you have incurred charges to your bill due to Flubot, this will be reviewed and where applicable these charges will be credited back to your account.However, if you advise us that you have removed the malware and this has not been completed, and you continue to incur costs due to Flubot you may be liable for these charges.

⚠️ JULY 2021 UPDATE 1 - New Flubot Variants & 7726 upgrade ⚠️

More info

We have seen a number of new examples of the Flubot scam and are taking actions to protect customers from these. We have also made an upgrade to 7726 to make it easier to report calls.

Flubot

We have had reports of a new variant of the Flubot issue and wanted to highlight what these look like.

You will receive a SMS advising you have a missed voicemail and to click the link provided. Please don’t and if you have see the guidance below on the actions to take.

Please continue to report these to 7726 as it allows us to take the appropriate action to shut these down.

7726 Update

We have now completed a small upgrade to 7726 so that it is easier for you to report a Voice Call rather than just SMS.

To make it easy for you the system will only require a single message

If you receive a call then you should report it as follows:-

Voice (Calling number) e.g. Voice 077305***** or Voice 4477305*****

No words or comments should be included otherwise it will be registered as a text message and not a voice call.

When used you will see the following response:-

Thanks for reporting a nuisance call. The details will be shared with the other operators and law enforcement teams

We have seen a number of new examples of the Flubot scam and are taking actions to protect customers from these. We have also made an upgrade to 7726 to make it easier to report calls. Flubot We have had reports of a new variant of the Flubot issue and wanted to highlight what these look like. You will receive a SMS advising you have a missed voicemail and to click the link provided. Please don’t and if you have see the guidance below on the actions to take. Please continue to report these to 7726 as it allows us to take the appropriate action to shut these down. 7726 Update We have now completed a small upgrade to 7726 so that it is easier for you to report a Voice Call rather than just SMS. To make it easy for you the system will only require a single message If you receive a call then you should report it as follows:- Voice (Calling number) e.g. Voice 077305***** or Voice 4477305***** No words or comments should be included otherwise it will be registered as a text message and not a voice call. When used you will see the following response:- Thanks for reporting a nuisance call. The details will be shared with the other operators and law enforcement teams

⚠️ JUNE 2021 UPDATE - My O2 & O2 More SMS ⚠️

More info

We've started seeing some texts claiming to be from O2 More or My O2 that refer to various gamling offers or websites, though may not be exclusive to just gambling offers - it's just that that's what we've seen so far. More details below.

I wanted to highlight a few texts we've seen originating from a spoofed 'My O2' or 'O2 More', usually related to gambling offers - but this may not be exclusively. See below some recent examples we've had.

Some of the usual 'tells' that this is a scam and not from O2 can be seed in typos, grammar or punctuation mistakes, such as:

In the second example, 'Bet on the England Vs Scotland' - what? The whole sentence just doesn't really make any sense as it seems to be missing words like match and 'an' before exclusive
In the third example they deliberately add spaces to the Gambleaware website to ensure it's not tappable, and the last bit again doesn't flow well

It can be difficult to tell what's a scam and what's real though, so please continue to be vigilant and if you're in doubt, it's best not to open these texts or tap on any of the links. Continue to follow our previous advice to forward suspected scam texts to 7726 for us to investigate.

We've started seeing some texts claiming to be from O2 More or My O2 that refer to various gamling offers or websites, though may not be exclusive to just gambling offers - it's just that that's what we've seen so far. More details below. I wanted to highlight a few texts we've seen originating from a spoofed 'My O2' or 'O2 More', usually related to gambling offers - but this may not be exclusively. See below some recent examples we've had.Some of the usual 'tells' that this is a scam and not from O2 can be seed in typos, grammar or punctuation mistakes, such as: In the second example, 'Bet on the England Vs Scotland' - what? The whole sentence just doesn't really make any sense as it seems to be missing words like match and 'an' before exclusive In the third example they deliberately add spaces to the Gambleaware website to ensure it's not tappable, and the last bit again doesn't flow well It can be difficult to tell what's a scam and what's real though, so please continue to be vigilant and if you're in doubt, it's best not to open these texts or tap on any of the links. Continue to follow our previous advice to forward suspected scam texts to 7726 for us to investigate.

⚠️ APRIL 2021 UPDATE 2 - New Flubot Variants ⚠️

More info

We wanted to alert you that we’re starting to see new variations of the recent Flubot SMS scam you may have read about here, on our Social Media feeds, or via the news. Some variants we have seen so far include messages pretending to be from UPS, ASDA and others. We wanted to clarify a couple of points that we hope will help keep you safe over the bank holiday weekend.

How Flubot works

The way the Flubot scam works is that by tapping on one of the links in the message, it takes you to a website that downloads an ‘APK file’. This file is a fake app that installs to your device, and then downloads other apps that make it look like your online banking app (or other apps) which can steal your logins and more
Because this Flubot scam works by installing an APK file, this is currently specific to Android – but if you’re an iPhone/iOS user, we strongly recommend you follow the same advice below

What to do if you receive one
If you receive a text or email you weren’t expecting and it’s asking you to tap on a link, be suspicious and scrutinise the details. If it’s from a random mobile number, chances are high it’s a scam text. If the link looks odd, chances are high it’s a scam text. If the text has typo’s or poor structuring, chances are high it’s a scam text. In these cases, please forward the text to 7726 for our security team to take further action.

If you get such a text and everything looks absolutely fine, or you were expecting a delivery from the courier mentioned and you think it might be genuine, we urge you to use caution and to contact the company in question to confirm its legitimacy before tapping on any links. If the courier/business cannot confirm the legitimacy of the SMS, please forward the text to 7726 for our security team to take further action.

More Info
For more guidance, please visit the National Cyber Security Centre

We wanted to alert you that we’re starting to see new variations of the recent Flubot SMS scam you may have read about here, on our Social Media feeds, or via the news. Some variants we have seen so far include messages pretending to be from UPS, ASDA and others. We wanted to clarify a couple of points that we hope will help keep you safe over the bank holiday weekend. How Flubot works The way the Flubot scam works is that by tapping on one of the links in the message, it takes you to a website that downloads an ‘APK file’. This file is a fake app that installs to your device, and then downloads other apps that make it look like your online banking app (or other apps) which can steal your logins and more Because this Flubot scam works by installing an APK file, this is currently specific to Android – but if you’re an iPhone/iOS user, we strongly recommend you follow the same advice below What to do if you receive oneIf you receive a text or email you weren’t expecting and it’s asking you to tap on a link, be suspicious and scrutinise the details. If it’s from a random mobile number, chances are high it’s a scam text. If the link looks odd, chances are high it’s a scam text. If the text has typo’s or poor structuring, chances are high it’s a scam text. In these cases, please forward the text to 7726 for our security team to take further action.If you get such a text and everything looks absolutely fine, or you were expecting a delivery from the courier mentioned and you think it might be genuine, we urge you to use caution and to contact the company in question to confirm its legitimacy before tapping on any links. If the courier/business cannot confirm the legitimacy of the SMS, please forward the text to 7726 for our security team to take further action.More InfoFor more guidance, please visit the National Cyber Security Centre

⚠️ APRIL 2021 UPDATE - 'FluBot' SMS Scam ⚠️

More info

Mobile network operators are aware of the Flubot SMS scam and are advising customers to be vigilant and careful about clicking on any links received in an SMS. For the full update, tap here or view it below.

What is the Flubot SMS scam?
The Flubot SMS scam is a piece of malware that impersonates other apps on a victim’s phone to steal their banking credentials and other private information. It spreads through SMS and can eavesdrop on incoming notifications, read and write SMS, make calls, and transmit the victims’ entire contact list back to its control centre.

Actions to take if you believe you have received a Flubot text message
If you believe you have received a Flubot message, customers should forward anything suspicious to 7726 so the links can be tracked.

Be Vigilant and Aware
The best advice if you’re unsure is to ignore, report, and delete.

Here's an example of a Flubot SMS. If you receive anything similar, please don't click any links. Report it as instructed above, then delete it.

Mobile network operators are aware of the Flubot SMS scam and are advising customers to be vigilant and careful about clicking on any links received in an SMS. For the full update, tap here or view it below. What is the Flubot SMS scam?The Flubot SMS scam is a piece of malware that impersonates other apps on a victim’s phone to steal their banking credentials and other private information. It spreads through SMS and can eavesdrop on incoming notifications, read and write SMS, make calls, and transmit the victims’ entire contact list back to its control centre. Actions to take if you believe you have received a Flubot text messageIf you believe you have received a Flubot message, customers should forward anything suspicious to 7726 so the links can be tracked.Be Vigilant and AwareThe best advice if you’re unsure is to ignore, report, and delete.Here's an example of a Flubot SMS. If you receive anything similar, please don't click any links. Report it as instructed above, then delete it.

⚠️ MARCH 2021 UPDATE - Royal Mail SMS Scam ⚠️

More info

Royal Mail email, text and Facebook scams have been around for a long time, but this month we've seen an increase in activity and so we wanted to bring this to your attention to help show you how to spot these, and what to do about them. See more details in the update here.

⚠️ FEBRUARY 2021 UPDATE - We've updated our 'OTAC' SMS ⚠️

More info

In February 2021 we updated the OTAC (one time authorisation code) SMS messages we send you when you request certain account actions such as SIM swaps, upgrades or account recoveries. Never share this code with anyone who calls you. See more details in the update here.

⚠️ JANUARY 2021 UPDATE - NHS Vaccine SMS ⚠️

More info

In January 2021 we started seeing a convincing new text message scam that pretends to be from the NHS offering you a vaccine. Please see full details in the update here.

⚠️ AUGUST 2020 UPDATE - Flyers, Wangiri, and other Scams ⚠️

More info

In August 2020 we added a new section to this thread highlighting other scam activities you should be aware of. These include details on the 'Wangiri Scam', flyer, and other scams. Please see the update here.

iPhone 15 Megathread // Don't fall for scams // How to get Volt benefits
Contact us on Social Media: Facebook // Twitter // Instagram

AYR · ‎06-07-2022

i received my latest bill and found I had been charged for 15+ text messages that I didn’t send. On checking the number I can see it’s a scam number that has been reported many times. 07802000332 The other number that was used doesn’t even look like a number 2389011. How do I even report this to 02 ?

MI5 · ‎06-07-2022

@AYR

https://www.o2.co.uk/help/safety-and-security/phishing-and-smishing-advice

I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.
Please select the post that helped you best and mark as the solution. This helps other members in resolving their issues faster. Thank you.

Chris_K · ‎15-09-2022

SEPTEMBER 2022 UPDATE

Hello everyone. It's been a while since my last update on this thread, but the truth is that scams are still here and they've never gone away or even reduced in numbers. All the same scams you've already seen are still in circulation so it's important to always remain vigilant. That said, we have seem some newer examples and variants of existing scams, as well as some new ones that we wanted to highlight.

Government / Energy Bill Scams

More info

This is a new one we've started to see. The reason we're highlighting this is because we're in the midst of a cost of living crisis that's impacting us all - individuals, families and businesses alike - and with the various energy bill support and initiatives that are available, some may not think twice about clicking the link in this text. Don't!

Here are the tell tale signs that this, and others like it, are a scam:
1) The text was sent from a standard mobile number. A genuine text from the Government would show as coming from the Government - not a mobile number
2) The text was sent at 3am. A genuine text, especially from the Government, would not arrive at such times. Generally speaking if you receive a text like this outside of normal hours, it's likely to be a scam so always be cautious
3) The 'GOV-UK' bit seems suss - though it's been a while since I've seen any official Gov texts, the last genuine one we saw started with 'GOV.UK'. This isn't a hard and fast rule, but definitely one to be cautious about
4) While the website isn't as random as a lot of other scam links we've seen, you should always be cautious about any text claiming to be from the Government that doesn't link out to a Gov.uk website (eg, such as https://www.gov.uk/)

This is a new one we've started to see. The reason we're highlighting this is because we're in the midst of a cost of living crisis that's impacting us all - individuals, families and businesses alike - and with the various energy bill support and initiatives that are available, some may not think twice about clicking the link in this text. Don't!Here are the tell tale signs that this, and others like it, are a scam:1) The text was sent from a standard mobile number. A genuine text from the Government would show as coming from the Government - not a mobile number2) The text was sent at 3am. A genuine text, especially from the Government, would not arrive at such times. Generally speaking if you receive a text like this outside of normal hours, it's likely to be a scam so always be cautious3) The 'GOV-UK' bit seems suss - though it's been a while since I've seen any official Gov texts, the last genuine one we saw started with 'GOV.UK'. This isn't a hard and fast rule, but definitely one to be cautious about4) While the website isn't as random as a lot of other scam links we've seen, you should always be cautious about any text claiming to be from the Government that doesn't link out to a Gov.uk website (eg, such as https://www.gov.uk/)

O2 Discount Scams (40% discount phone call scam)

More info

If you receive a call from anyone offering you a 40% discount on your O2 mobile, please hang up immediately. It's a scam.

These have again been around for a while, but we're starting to see it in more use by scammers. There seems to be various numbers being used for this scam and they seem to change often, but recent example calls we're aware of have come from these numbers: 01288 449676, 02844 776840, 0333 0119140, 01288 449676.

The caller will offer you a 40% discount and in the current climate, we can see how this may catch some customers out. Please do not be tempted as this is not something we offer. If you continue the call, the caller will likely then attempt one of the following:
1) Make use of social engineering to extract more personal details from you, sometimes including your bank account details. This will be used to commit bank or identity fraud or similar
2) They will send you a one-time authorisation code which they'll ask you to repeat back. With this, they then have access to your account to perform various tasks including a sim swap, or to order new devices in your name.

So you know, we'll never call, text or email you and ask for a one-time code, password, or other security information. Please report these calls by texting CALL to 7726. Please also see our website for more advice.

For absolute clarity, the discounts we currently have available are shown below, but in a nut shell, we have no discount propositions that offer 40%. Any claim otherwise is a scam.
1) O2 Staff Discounts - These are of course reserved for staff only, and nobody will ever contact you to offer you this
2) O2 Friends & Family Discounts - These are again reserved only for friends and family of staff members. This is not something that would be offered to customers
3) O2 Open Discounts - To qualify for O2 Open, you need to work for an eligible company. The discount itself is set at 25%. You can find more info here.
4) Student Discount - As a student you’ll get 20% off your Airtime Plan when you buy a connected phone or tablet. You can find more info here.
5) Multisave Discount - Get 20% off the Airtime Plan of every new eligible Pay Monthly connection you add to your account. You can find more info here.

If you receive a call from anyone offering you a 40% discount on your O2 mobile, please hang up immediately. It's a scam. These have again been around for a while, but we're starting to see it in more use by scammers. There seems to be various numbers being used for this scam and they seem to change often, but recent example calls we're aware of have come from these numbers: 01288 449676, 02844 776840, 0333 0119140, 01288 449676.The caller will offer you a 40% discount and in the current climate, we can see how this may catch some customers out. Please do not be tempted as this is not something we offer. If you continue the call, the caller will likely then attempt one of the following:1) Make use of social engineering to extract more personal details from you, sometimes including your bank account details. This will be used to commit bank or identity fraud or similar2) They will send you a one-time authorisation code which they'll ask you to repeat back. With this, they then have access to your account to perform various tasks including a sim swap, or to order new devices in your name.So you know, we'll never call, text or email you and ask for a one-time code, password, or other security information. Please report these calls by texting CALL to 7726. Please also see our website for more advice.For absolute clarity, the discounts we currently have available are shown below, but in a nut shell, we have no discount propositions that offer 40%. Any claim otherwise is a scam.1) O2 Staff Discounts - These are of course reserved for staff only, and nobody will ever contact you to offer you this2) O2 Friends & Family Discounts - These are again reserved only for friends and family of staff members. This is not something that would be offered to customers3) O2 Open Discounts - To qualify for O2 Open, you need to work for an eligible company. The discount itself is set at 25%. You can find more info here.4) Student Discount - As a student you’ll get 20% off your Airtime Plan when you buy a connected phone or tablet. You can find more info here.5) Multisave Discount - Get 20% off the Airtime Plan of every new eligible Pay Monthly connection you add to your account. You can find more info here.

Conversational Scams

More info

This is a new one to us, and is FAR more involved and manual so we can't imagine these are being sent in any large quantity compared to the usual dodgy link / multiple typo scams you're used to.

As you can see there's a little social engineering going on, relying on the Mum asking if it was 'xyz' to which the scammer replies yes. They're careful to focus on the 'accident' only. The scammer then goes on to request cash to help them out. Needless to say, the real Leah was involved in no such incident and did not ask (or receive) ant money... But the scammer did.

How did this happen? It's impossible to say for sure, but one possibility is that at some point the real Leah installed a malicious app (or clicked a malicious link) that collected certain details. From those details, a scammer may have built a profile including the name of the phone owner, their contact details, their favourite contacts etc. Another possibility is that it was a shot in the dark from a scammer and when the mother asked 'Is this you Leah?', that was their foot in the door - making the conversation feel genuine so as to not raise suspicion and get them closer to completing their scam - getting money, or getting valuable banking or personal info.

What should you do in this situation? There's always a chance something like this is 100% real, but scammers are cunning and deceptive. In this case, if you were the mother, then ideally you would call Leah on her real number. Chances are you'd likely have got through to her and quickly realised you were being scammed. Don't be afraid to challenge back and ask them to prove they are who they say they are - a phone call to confirm their voice for example, when was the last time you met, or something only the real Leah would know.

This is a new one to us, and is FAR more involved and manual so we can't imagine these are being sent in any large quantity compared to the usual dodgy link / multiple typo scams you're used to. As you can see there's a little social engineering going on, relying on the Mum asking if it was 'xyz' to which the scammer replies yes. They're careful to focus on the 'accident' only. The scammer then goes on to request cash to help them out. Needless to say, the real Leah was involved in no such incident and did not ask (or receive) ant money... But the scammer did. How did this happen? It's impossible to say for sure, but one possibility is that at some point the real Leah installed a malicious app (or clicked a malicious link) that collected certain details. From those details, a scammer may have built a profile including the name of the phone owner, their contact details, their favourite contacts etc. Another possibility is that it was a shot in the dark from a scammer and when the mother asked 'Is this you Leah?', that was their foot in the door - making the conversation feel genuine so as to not raise suspicion and get them closer to completing their scam - getting money, or getting valuable banking or personal info. What should you do in this situation? There's always a chance something like this is 100% real, but scammers are cunning and deceptive. In this case, if you were the mother, then ideally you would call Leah on her real number. Chances are you'd likely have got through to her and quickly realised you were being scammed. Don't be afraid to challenge back and ask them to prove they are who they say they are - a phone call to confirm their voice for example, when was the last time you met, or something only the real Leah would know.

O2 Related SMS Scams - Latest bill / Termination / PAC

More info

These have been around for a long time and unfortunately, they will probably be around forever. Scams evolve but at the heart, they're all the same and they're all designed to make you panic. We're all so reliant on our mobile these days that the thought of there being an issue may make some recipients panic and tap links without thinking. Here's some of the latest examples we've seen

termination 2.jpg

At least two things all of the above ' O2 scams' have in common are:

They all came from a standard mobile number. Official texts from us will show as coming from O2 UK. It's important to note however that sometimes, the scammers with better brains or resources are able to spoof these 'alpha codes' to make the text appear to come from a business/org rather than a number.
All these texts have dodgy looking links - they all mention 'O2' somewhere in the URL to try and catch you out, but make no mistake all these links are fake and will either try and install malware on your device, or attempt to ask/steal your details, login or bank account info.

These have been around for a long time and unfortunately, they will probably be around forever. Scams evolve but at the heart, they're all the same and they're all designed to make you panic. We're all so reliant on our mobile these days that the thought of there being an issue may make some recipients panic and tap links without thinking. Here's some of the latest examples we've seen At least two things all of the above ' O2 scams' have in common are: They all came from a standard mobile number. Official texts from us will show as coming from O2 UK. It's important to note however that sometimes, the scammers with better brains or resources are able to spoof these 'alpha codes' to make the text appear to come from a business/org rather than a number. All these texts have dodgy looking links - they all mention 'O2' somewhere in the URL to try and catch you out, but make no mistake all these links are fake and will either try and install malware on your device, or attempt to ask/steal your details, login or bank account info.

Other / Generic SMS Scams

More info

It's not just scammers targeting customers to make them think their mobile service will be disconnected either - these scammers are also targeting banking related services too such as Apple Pay, Google Pay, or pretending they're the bank themselves and their card has been suspended. Similar to above, these are designed to incite panic and make you react on a whim, without thinking about the legitimacy of the text.

If you receive any texts like the ones shown above in this update, the important things to check are:

Did it come from a mobile number instead of a business/org name? If so, chances are it's a scam
Does it include a link that looks different from what you know to be the business/orgs official website? If so, chances are it's a scam
Are there typos or poor use of grammar and/or punctuation? If so, chances are it's a scam
Did you receive a text claiming to be from O2 (oh two) and somewhere it says 02 (zero two)? If so, chances are it's a scam
Does the text contain something that doesn't seem quite right? If so, there's a chance it's a scam. You should contact the business via their official contact details to confirm
Does the text claim to be from someone you know and they're asking you to click on something, send money, or do something urgently? If it's not from a known number, there's a chance it's a scam. You should try contacting the person via any other means to confirm the legitimacy of the text

What should you do if you believe you've been sent a scam SMS?

If your phone supports SPAM reporting then you may have an option to report the text as spam which will do the above task for you. If your device doesn't have a SPAM reporting functionality, see below for an alternative method to report this to us.

Alternatively, to report a suspicious text pretending to be from O2, forward the original message to 7726. You may get an automated response thanking you for the report and giving you further instructions if needed. You will not be charged for sending texts to 7726.

iPhone 15 Megathread // Don't fall for scams // How to get Volt benefits
Contact us on Social Media: Facebook // Twitter // Instagram

gmarkj · ‎16-09-2022

Some of those aren't limited to just SMS messages - I get quite a few spam emails about my o2 account, or needing to pay postage on a parcel I've ordered...

Please note, this is not customer services and we cannot access your account. Do not publish personal details (email, phone number, bank account).

Link to our guide on how to contact them can be found here

Chris_K · ‎21-09-2022

Hey all - I've updated the September update to include some details around a new Gov energy bill support/discount scam, as well as details around a 40% O2 Discount phone call scam that's been around for a while, but seems to be picking up more in recent days.

iPhone 15 Megathread // Don't fall for scams // How to get Volt benefits
Contact us on Social Media: Facebook // Twitter // Instagram

J9el · ‎22-09-2022

Thanks @Chris_K. Interesting reading, I have been send the Apple pay SMS over the past week.

Chris_K · ‎26-09-2022

@Chris_K wrote:

Government / Energy Bill Scams

More info

This is a new one we've started to see. The reason we're highlighting this is because we're in the midst of a cost of living crisis that's impacting us all - individuals, families and businesses alike - and with the various energy bill support and initiatives that are available, some may not think twice about clicking the link in this text. Don't!

Here are the tell tale signs that this, and others like it, are a scam:
1) The text was sent from a standard mobile number. A genuine text from the Government would show as coming from the Government - not a mobile number
2) The text was sent at 3am. A genuine text, especially from the Government, would not arrive at such times. Generally speaking if you receive a text like this outside of normal hours, it's likely to be a scam so always be cautious
3) The 'GOV-UK' bit seems suss - though it's been a while since I've seen any official Gov texts, the last genuine one we saw started with 'GOV.UK'. This isn't a hard and fast rule, but definitely one to be cautious about
4) While the website isn't as random as a lot of other scam links we've seen, you should always be cautious about any text claiming to be from the Government that doesn't link out to a Gov.uk website (eg, such as https://www.gov.uk/)

I received this very text, from a different number, over the weekend. It was an exact copy/paste and it had the same link in it. I checked around with friends and family and several of them received the exact same thing, all from different numbers and at various points across the weekend.

That may give a bit of insight into how large, organised and/or determined these scammers can be. With how many of these reports I've seen, I think it's likely this will be a group rather than an individual. It also seems likely that many thousands, if not hundreds of thousands, of these texts are being sent likely from several hundred different numbers - either by burner phones, dedicated and sophisticated hardware, or from the spread of malware that's infecting or zombifying an unsuspecting person that then sends the scam text from their phone to all their contacts.

Always be cautious!

iPhone 15 Megathread // Don't fall for scams // How to get Volt benefits
Contact us on Social Media: Facebook // Twitter // Instagram

Chris_K · ‎01-10-2022

Virgin Media O2 is committed to fighting fraud and helping customers to stay safe. From investing in new fraud prevention tools that stop criminals in their tracks, to helping customers know what they can do to swerve the scammers, we’re working round the clock to tackle the scourge of fraud.

With recent research finding that more than half of adults think they’ll never fall victim to a scam, despite 43 per cent of them knowing someone who has, it’s important to stay vigilant.

Follow our top tips to protect yourself from some of the most common scams.

1. Think before you click that link

Have you received a message about an unexpected parcel? Or received a text about a ‘£400 energy rebate payment’ that can be in your bank account today if you click on a link and add some quick details? Chances are, it’s a scam.

There are loads of ways scammers try to convince you to fall for their scams – and increasingly they’re tapping into concerns about rising prices to harvest your data.

If you receive a message from an unknown number, think before you click that link: it could be a scam.

Receiving the message won’t harm you in any way, it’s only dangerous if you interact with it.

If you do click on something and are sent to an external URL to enter your details, it could be a phishing attempt, or it could download malware onto your device.

So if you’re at all suspicious about an email, text or call, get in touch with your mobile provider and report any phishing attempts by forwarding to 7726, for free.

2. Too good to be true offers are scammers’ bread and butter

While many of us feel confident spotting a scam, fraudsters are very persuasive and often lure us in with cheap yet realistic deals. A common fraud involves calling customers, claiming to be from their mobile operator, and offering them an exciting deal to reward their loyalty.

The ‘limited time offer’ they’re making is too good to say no to – but not implausibly cheap – and the caller tells you they just need to verify some of your details. They’ll ask you to confirm your personal information, including potentially a text message which they’ll have sent to you, to verify who you are.

Sadly, in reality, they’re gathering all your details and will use these to try and place orders in your name.

The bottom line is, if it feels too good to be true, it probably is. That’s why if something just doesn’t feel right, we advise customers to:

CLAM UP: Stop talking – don’t confirm any of your details or share any one-time passcodes. Fraudsters need information from you to complete their scam so the less you say the better.
HANG UP: Put the phone down – fraudsters often try to get you to do something urgently without having time to think about it.
CALL BACK: Call your bank, mobile operator or service provider directly to verify the call, and help keep your accounts safe.

3. Keep bank details under wraps

Virgin Media O2 will never call customers, message them via social media or send an SMS to ask for bank details. If you’re asked for this information out of the blue, don’t give any details. Instead, disconnect the call or end the chat and report the incident to Action Fraud and call your provider straight away using the phone number on their website.

If you take a call claiming to be from your bank, telling you that you’ve been a victim of fraud or pressurising you to move money to a safe account, again hang up and get in touch with your bank on your own terms.

A genuine advisor will be happy to let you end the call and phone back – and Virgin Media O2 is part of the Call 159 initiative that puts you directly in touch with your bank. Simply dial 159 from an O2 or Virgin Mobile number to get through to your banking provider.

Remember, even if the caller display on your phone tells you it’s your bank calling, be careful: Sometimes fraudsters can fake their number and make it look like someone else is calling.

4. Keep your codes clandestine

As part of the security measures we have in place, sometimes we’ll ask customers to input a one-time authentication code which we send via text message. We use this when customers are upgrading their phone, for example, and it’s there to keep you safe.

But we will never call you and ask you to read it out over the phone. And we’ll never ask for sensitive stuff such as passwords, bank details or other personal security info over the phone.

So, if you receive a call and the person on the phone asks you to share the one-time authentication code (OTAC) that’s been sent to their device, please hang up immediately.

5. Secure your SIM

New scams are emerging all the time, with fraudsters increasingly looking for ways to gain control of your phone and the information stored on it.

A sophisticated new fraud has targeted people who keep their phone and bank cards together, and seen fraudsters stealing the devices before cleaning-out their victims’ bank accounts, seemingly without ever needing their mobile or bank card PIN.

Protect yourself by setting up a SIM lock and hiding notifications on your home screen that could display sensitive information. That way, scammers won’t be able to take over your online accounts if they get hold of your phone.

Default SIM PINs are set at 0000 and we encourage customers to change this – you’ll find a step by step guide on the O2 community pages here.

6. Don’t reuse passwords

If you’re reusing the same passwords in lots of places, you’re making a fraudsters job easy. If they get one working password, they’ll try reusing it in many other places, looking to take over your accounts and steal your personal information. The more information they have about you, the easier to defraud you it becomes.

Use unique passwords with a mix of letters, numbers, capital letters and special characters. Strong passwords are long passwords, and if it’s hard to remember them all, get a password manager (there are lots of free ones available) that do the hard work for you.

7. Worried you’ve fallen victim? Act fast to avoid heartache

If you think you’ve been the victim of fraud – whether that’s because you’ve given details to someone over the phone, or clicked on a link in a suspicious text or email – there are things you can do:

Contact your bank if you think you may have given out financial information. They can help protect your account and stop transactions
Change your account and online account passwords
Forward fraudulent texts to us for free on 7726 and we’ll look into them
Contact Action Fraud on 0300 123 2040
Call your Virgin Media or O2 customer services number if you think somebody’s taken out a contract with us using their details

Virgin Media customers can phone 150 from their landline or 0345 454 1111 from any other phone.

O2 customers can call 202 from their O2 phone or 0344 809 0202 from any other phone.

iPhone 15 Megathread // Don't fall for scams // How to get Volt benefits
Contact us on Social Media: Facebook // Twitter // Instagram

Cleoriff · ‎01-10-2022

@Chris_K

Is it worth saying, check the number the 'scam' text comes from?

As far as I know, nothing official uses a mobile number?

Veritas Numquam Perit

gmarkj · ‎05-10-2022

Quite shocked that this doesn't have a # code that we can use to link to it.

Can we get one set up @Martin-O2 @RafaC @Breanna please?

Please note, this is not customer services and we cannot access your account. Do not publish personal details (email, phone number, bank account).

Link to our guide on how to contact them can be found here

O2

Phishing, Smishing & Scams. Latest info & advice.

PREVIOUS UPDATES BELOW

1. Think before you click that link

2. Too good to be true offers are scammers’ bread and butter

3. Keep bank details under wraps

4. Keep your codes clandestine

5. Secure your SIM

6. Don’t reuse passwords

7. Worried you’ve fallen victim? Act fast to avoid heartache