Text Message Scams

O2 Warning: How to Spot Fake 'Important' Texts and What to Do

Scammers are sending fake O2 text messages to trick you into visiting phishing websites and handing over your personal details.

· · 6 min read

O2 scam textO2 SMS fraud UKfake O2 messagesO2 phishing scamhow to spot O2 text scam
Key rule: verify through an official route you opened yourself, not the link, number, app, or payment details supplied by the suspicious message.

The 'important account notice' text — what it looks like

A common pattern in O2 phishing texts is: 'IMPORTANT: Your O2 account requires immediate verification. To avoid suspension, confirm your details here: [link].' Another variant targets your payment: 'Your O2 direct debit of £XX has failed. Update your payment method within 24 hours or your service will be suspended: [link].' A third variant promises something: 'Congratulations — you are eligible for a free handset upgrade. Claim before midnight: [link].'

All three share the same three features: a false sense of urgency, a link you're pressured to click, and a claim that something bad will happen — or something good will be lost — if you don't act immediately. That urgency is the mechanism. The goal in every case is to get you to enter your O2 login credentials, card details, or personal information on a fake website.

What real O2 texts look like — and what they never include

O2 does send genuine texts — data usage alerts, bill-ready notifications, and upgrade reminders — so the presence of a text from 'O2' is not suspicious by itself. What matters is what the message asks you to do.

If a text asks you to log in and verify your details via a link, do not use it — go directly to o2.co.uk yourself instead. Other things a genuine O2 text will never do: threaten account suspension within hours; claim your payment has failed and demand you update card details via a link; or send you a one-time code and immediately ask you to share it by replying or following a link.

Genuine O2 texts tend to come from a named sender rather than a random mobile number, but sender names can be spoofed — a message displaying as 'O2' is not proof on its own that it is genuine. If there is a genuine account issue, it will also be visible when you log in directly at o2.co.uk, independently of any text message.

Before clicking any link in an O2 text, run through these checks:

1. Check the sender field. Genuine O2 texts tend to come from a named sender rather than a mobile number, but sender names can be spoofed — so treat this as one signal, not proof.

2. Preview the link before tapping. On iPhone, press and hold the link to see the destination URL. On Android, long-press to copy and then inspect it. If the domain is not o2.co.uk or o2.com, treat it as suspicious.

3. Log in separately. Open your browser and type o2.co.uk yourself. If there is a genuine account issue, it will be shown on your account dashboard — no link required.

4. Never call a number in the text. Scammers include fake O2 support numbers in some messages. From your O2 phone, dial 202 (free) or use the O2 app to reach genuine support.

5. If in doubt, do nothing. Scammers rely on urgency to override your normal caution. If the message is real, the account issue will still be there in ten minutes when you have checked independently.

Already clicked or entered your details? Do this in order

If you clicked a link in a suspected scam text and entered information, act in this sequence:

1. Change your O2 password immediately — go directly to o2.co.uk on a different device if possible, log in, and change your password. Do this before anything else to close off access to your account.

2. If you entered card or bank details on the fake site, call your bank on the number on the back of your card right away. Tell them you gave your details to a phishing site. They can monitor for fraud and may be able to block the card before it is misused.

3. If the password you entered on the fake O2 site is one you use on other accounts — email, Amazon, banking — change it on every one of those services now. Scammers use harvested credentials to attack other accounts, a technique called credential stuffing.

4. Enable two-factor authentication on your O2 account so that future logins require a code sent to your phone — even if someone has your password, they cannot log in without the code.

5. Monitor your O2 bill for unfamiliar charges over the next few months. Premium-rate services can be added to an account without your knowledge once credentials are compromised.

How to report an O2 scam text

Forward the text to 7726. This is free on all UK networks and sends the message to your network's anti-spam team, who can identify and block the sender. You will receive a confirmation reply asking for the number it came from — reply with that number.

If the text contained a phishing link, report the link to the National Cyber Security Centre: forward phishing emails to report@phishing.gov.uk, or report a suspicious website at ncsc.gov.uk/report-a-suspicious-website.

If you have lost money or given financial details, file a full report with Action Fraud at actionfraud.police.uk or call 0300 123 2040. Keep the original text message as evidence — take a screenshot before you delete it.

Frequently asked questions

Does O2 send texts about account problems, or is any O2 text a scam?

O2 does send genuine texts — bill reminders, data alerts, and upgrade offers — so receiving a text from O2 is not automatically suspicious. What matters is what it asks you to do. A genuine O2 text will never contain a link asking you to log in and verify your details, and will never threaten to suspend your account within hours. If you are unsure about any message, log in directly at o2.co.uk rather than using any link in the text.

The text came from a number labelled 'O2' in my phone — how can it still be fake?

SMS sender names can be spoofed. A scammer can send a message that displays as 'O2' or 'O2 Alerts' just as easily as the real company can. This is called SMS spoofing. The displayed sender name is not proof the text is genuine. The only reliable check is whether the link destination is o2.co.uk or o2.com — everything else can be faked.

I'm getting an O2 text saying I'm due a free handset upgrade — is this real?

It may be genuine, but treat it with caution. Check your upgrade eligibility by logging in directly at o2.co.uk or by dialling 202 from your O2 phone — do not use the link in the text. If you are genuinely eligible for an upgrade, it will show in your account independently of any message.

I forwarded the text to 7726 — what happens next?

Your network operator investigates the sender and, if confirmed as a scammer, blocks it and can alert other UK networks. You will normally receive an auto-reply asking for the sender's number — reply with it. You do not need to do anything further unless you lost money or entered personal details, in which case also report to Action Fraud at actionfraud.police.uk.

I clicked the link but didn't enter anything. Am I at risk?

Usually not — on a modern, updated smartphone, simply clicking a link without entering information rarely causes harm. As a precaution: close the tab, clear your browser cache, and check that your O2 account password has not been changed by logging in directly at o2.co.uk. If your phone has not received any recent security updates, consider running a malware scan with a reputable tool.

Think you’ve spotted a scam? Use the AI scam checker for an instant analysis, or report it to Action Fraud.

Reporting routes in this guide are checked against our verified canon of official UK sources — Action Fraud, the National Cyber Security Centre, and Citizens Advice — by an automated accuracy gate before publication. Published 2026-05-23. Read about how Beat the Scam writes guides.