Fraud to watch out for
Most common types of fraud
If you're still not sure, get in touch with the organisation that seems to have sent you the message to see if it's from them.
Just make sure you don't use any of the contact details from the text – go to their website to find more info.
Three will never ask you for personal details. Our URL links on our SMS comms will always be ‘3.UK’ or ‘Three.co.uk’. If you receive a message with a variation of these links, please report it.
For more information on smishing, please visit our article what is Smishing?
More types of fraud
If you suspect you've received one of these calls, please Contact Us. When you do, please ensure you include the full number of the call received, country code and date/time of the call received.
A phishing attack is a scam where people try to get your personal information and use it to commit fraud. Phishing is typically carried out by email, SMS or through websites that are designed to look like well-known banks or retailers but are built with the purpose of getting your personal information, such as login details and passwords.
A standard phishing email might warn you that there's a problem with your account and include a link to where you can ‘fix’ the problem. Clicking on links within these emails will take you to websites designed to trick you into entering personal details, such as your password or credit card number. If you give out your personal information to these websites, fraudsters may be able to access your account and set up fraudulent accounts in your name.
Phishing attacks can also happen over the phone where fraudsters pretend to be calling from an organisation such as a bank or retailer. They may ask you to confirm your personal details to continue the call. By asking these questions, they may get enough information to pretend to be you and get through the security checks of your real account with that organisation.
The best way to avoid being the victim of a phishing attack is to be aware of the tricks that scammers use and stay vigilant.
These messages can be really convincing, and they might look like they’re from organisations you’ve used before.
Avoiding a phishing attack
Most phones let you see the number of the person calling before you answer, but there've been more and more instances when callers and criminals deliberately change their caller ID. This is what we call spoofing.
Sometimes there's a good reason for a caller to modify the Caller ID, like leaving an 0800 number for the customer to call back, but spoofing callers do this to hide their identity or make you think it's a legitimate call.
For example, identity thieves looking to steal sensitive information such as your bank account or login details might use spoofing to make it look like your bank or credit card company is calling.
Ofcom is working with the international regulators and the telecoms industry to put a stop to spoofing, so don't worry – we're fighting it!
What you can do
Identity thieves and other fraudsters often pose as representatives of banks, credit card companies, creditors, or government departments to get people to reveal their account numbers and other sensitive information.
Never give out personal information on an incoming call, and don't rely on caller ID to identify a caller, especially if they claim to be from someone like your bank.
Hang up the call and call the company back using their official details – maybe check your account statement or the company's website – to find out if the call was genuine. Try to wait at least 5 minutes before you do this to make sure the line clears and you're not contacting fraudsters.
If you think you've been a victim of call spoofing
1. Contact Action Fraud
You can call Action Fraud on 0300 123 2040 (standard call rates apply) Monday to Friday between the hours of 8am to 8pm or visit www.actionfraud.police.uk. Action Fraud is the UK's national reporting centre for fraud and internet crime. Remember, if debit cards, online banking or cheques are involved in the scam your first step should be to contact your bank or credit card company.
2. Tell Trading Standards
If you think something may be a scam, you can call 03454 04 05 06 (standard call rates apply) Monday to Friday between the hours of 9am to 5pm and tell the Citizens Advice Consumer Service, who can pass details of the case on to Trading Standards.
The Trading Standards service is responsible for protecting consumers and the community against rogue traders and traders acting unfairly.
3. The Telephone Preference Services (TPS)
Register your mobile number with The Telephone Preference Service (TPS), it's a free service and is the official central opt out register where you can choose not to receive unsolicited sales or marketing calls from all companies you have given consent to - https://www.tpsonline.org.uk/tps/number_type.html
This is where a fraudster will take out an account in another person’s name. Usually the fraudster will have access to a person's personal information and/or bank details.
If you suspect new account fraud, please contact us or visit our Report a problem Page for more information and support.
This is where a fraudster will gain access to a person’s personal information in order to commit upgrade fraud or take control of an account.
If you suspect account takeover fraud, please contact us or visit our Report a problem Page for more information and support.
This is where a fraudster will gain access to a customer’s phone number by swapping the account to a different SIM card. They will then be able to intercept calls and messages intended for you.
If your SIM card suddenly stops working and your phone says it's not registered, please contact us or visit our Report a problem Page for more information and support.
This is where a fraudster will use your personal information to place a call divert on your phone so that any inbound calls are diverted to them instead.
If you suspect a divert has been placed on your phone without your permission, please contact us or visit our Report a problem Page for more information and support.
Porting fraud is where a fraudster will attempt to transfer your number from Three to another network in order to gain control of your phone number.
We recommend that you set passwords on your Three account. This is a strong verification method that fraudsters will find difficult to exploit. You can set memorable name of place as a password via My3 of the Three app.
If you receive a text about your number being ported without your knowledge, you should please contact us or visit our Report a problem Page for more information and support.
Protecting yourself from card fraud
Fake dealer fraud – or mobile phone contract fraud – is when a scammer calls claiming to be from a mobile phone network. They’ll offer a deal on a popular phone, and if the customer agrees, they’ll think they’ve placed an order. In fact, the scammer will have placed an order with a genuine mobile phone provider, like Three, using the customer’s details.
The customer will receive communications confirming the order’s been placed. But when it arrives, it won’t be the phone the customer ordered. The fraudster will then call and ask the customer to return the phone to an address they provide. They’ll say that they’ll send the correct phone and that the postage will be credited back on their first bill.
However, the return address is fake and the new phone will never arrive. If the customer tries to get in touch with the scam seller, they won’t get through. And when they call the real mobile phone provider, they’ll have no record of the order. They’ll only have the original order that the fraudster made. It’s only then the customer will realise they’ve been scammed.
For more info about fake dealer fraud and tips on protecting yourself, check out our handy article.