How to avoid and prevent scams including phishing, vishing and smishing

If you receive a message requesting personal or financial information, such as personal security details, bank details or passwords, be aware that it could be a scam and therefore fraudulent.

What is phishing, vishing or smishing?

Phishing, vishing and smishing are fraudulent attempts to obtain sensitive information such as usernames, passwords and credit card details via emails, letters, calls or text messages which are made to look and sound like they've come from a trusted company.

Vishing is a type of scam that happens by phone and smishing is done via SMS/text.

These messages can be very convincing and look or sound like genuine messages sent by organisations you already deal with – and may even appear within an existing message string from a known organisation.

Three signs a message might not be genuine:

  1. it asks you to provide sensitive personal or financial information, passwords, or to make transactions by following a link in the message
  2. it asks you to call a certain number that is unknown to you. If in doubt, contact the company via a reputable source like their website or contact number on statements
  3. the sender uses an urgent tone, telling you to "act now"

Need to know

We'll never ask you for your PIN or password by text or email. 

Scam calls

Fraudsters are known to make calls claiming to work for EE or simply saying it’s your service provider when it's actually a scam. They may ask you for personal information, want access to your computer and, in some cases, ask for your bank details. Don't be fooled, this is fraud.

If you have a missed call from a number you don’t recognise, think twice before returning the call, and check whether it is a chargeable number.

What should I do if I think I’ve received a scam message, email or call?

If you've received something that seems a bit suspicious, don't worry.

Receiving a suspicious text, email or voice call will not harm you in any way – harm can only come if you interact with it.


  • don’t click on links unless you’re 100% sure they are genuine
  • take a moment to stop and think and trust your instincts. If it looks too good to be true or looks suspicious, there’s probably a catch
  • don’t give away any of your personal details or give anyone access to your computer – if you think you might have provided your bank account details, contact your bank immediately

You can report suspicious messages in a range of ways:

  • report scam calls directly to us. Your report is sent  to our partner Hiya, who will use the your feedback to improve call protection in the future.
  • forward a text message (including phone number or company name) to 7726, free of charge, so your mobile phone provider can investigate
  • for emails, forward the message to The UK's National Cyber Security Team will then analyse it and, if it is identified as suspicious, attempt to take them down
  • forward any phishing emails referring to EE to
  • delete messages after reporting them
  • make others aware of these types of messages, so they are also in the know

What should I do if I accidentally pressed a URL on my computer or phone?

Pressing a URL will take you to a scam website and your device could potentially be compromised and infected with viruses.

Always make sure:

  • you have up-to-date antivirus software on your computer
  • you have the latest software update on your phone, as this will help prevent viruses – e.g. it will run a free antivirus scan to check if your device is ok. Take your mobile to a local phone shop/EE store if you need help with this
  • you download an antivirus app from the app store on your phone, if needed
  • you reset all passwords and email address passwords, as your device may have been compromised

More information and support on phishing

How can I protect my mobile number when using phone-paid services?

Phone-paid services enable you to pay for content or services by adding the charge to your phone bill. At EE, we call it 'Charge to Bill'.

It’s convenient because you just need your phone number to initiate payment, and secure because the merchant must verify you are the owner of the mobile number to complete the purchase. However, if you share your mobile number with someone you don’t know, maybe someone who contacts you via social media, they could be trying to use your number to make purchases which could end up being charged to your phone bill.

Here are some things to consider before sharing your mobile number with someone who contacts you via social media, claiming to be someone you know:

  • PROTECT – treat your phone number like you would your bank or credit card details. Is the person asking for your number really who they say they are? And, even if they are, would you trust them with your bank card?
  • READ – read any messages that come to your phone carefully. Phone-paid service texts always include the cost, or words like ‘pay’, ‘charge’ or ‘verify’, and will ask you to carry out an action like ‘reply’, ‘click a link’ or ‘enter this PIN’.  If it says you are going to be charged for something by replying, chances are you are
  • THINK – if you don’t want to pay for the service described, don’t reply, click any links or share any PIN codes

Find out more about Charge to Bill

What is the password re-use scam?

It's important to use different passwords for each website and app that you access. This will help reduce your risk of being targeted in a 'password re-use' scam.

Fraudsters collect usernames and passwords that have been leaked from other websites, hoping that the same username and password will be used across a person’s online accounts and apps. If they can get into one, they can get into others.

What is spam?

Spam is unsolicited junk mail or marketing emails which you haven’t agreed to receive.

Marketing material sent by companies that you’ve given your email address or phone number to, and where you've consented to receiving marketing messages is not spam.

Find out more about how to avoid and prevent spam

Keeping your EE account secure

If we detect suspicious activity, we'll secure your account immediately by preventing access to it. We’ll send you a text to let you know we’ve done this.

If you suspect suspicious activity on your account, but we’ve not restricted your access, you should follow the checks below to ensure your account is secure:

  • run an antivirus scan. It’s very important that you do this before changing your password
  • change your password to something strong and long. Use the National Cyber Security Centre's advice for changing your password
  • check none of your personal details have been changed. You can find out how to do this by logging in to EE

What is EE Business Caller ID?

When you receive a call, unless the number is in your contacts you don’t always know who's calling. EE Business Caller ID enhances your call experience by displaying the name of the business calling, providing trust and identity into who’s calling. Only businesses registered with our partner Hiya will be displayed including calls from EE . To learn more about this exciting new feature, see our Business Caller ID FAQs.

Was this article helpful?

Thank you for your feedback!
Sorry about that! Why didn’t this article help you?