Skip to Main Content

Public reminded to ‘mullet over’ when it comes to suspicious messages as phishing attempts soar

The City of London Police is urging the public to remain vigilant when it comes to suspicious messages, after reports of emails, text messages and phone calls designed to harvest your personal and financial details, increased during the coronavirus pandemic.


As of 30 April 2021, over 5.8 million reports of phishing emails were received into the Suspicious Email Reporting Service (SERS). The tool, which was launched by the National Cyber Security Centre (NCSC) and the City of London Police last April, allows the public to forward suspicious emails to an automated system that scans it for malicious links. Since its launch, over 43,000 scams have been identified and 84,000 websites have been removed.

The most commonly faked organisation reported in phishing emails was TV Licensing, with victims reported losses totalling £5.3 million to this scam – an increase of 118 per cent compared to the previous financial year.

The majority of losses occurred after the victim clicked on a link in the email and inputted their details. They then received a call from someone purporting to be from their bank who informed them their bank accounts were compromised and they should transfer all their money to a new ‘safe’ account set up by them. A number of victims also lost £154.50 – the standard TV licence fee charged to the public often paid through a direct debit arrangement. Over half (56 per cent) of victims of TV Licensing phishing emails were aged 30 to 59.

In one instance, a victim lost over £20,000 after receiving a phishing email purporting to be from TV Licensing, claiming that they were eligible for a TV licence refund. Upon receiving the email, the victim clicked on the link which led them to a genuine looking phishing website that prompted them to input their personal and financial details in order to obtain the refund. After providing their details, the victim realised the site was not legitimate and contacted their bank immediately. The victim later received a call from someone purporting to be from their bank about the incident who claimed that their bank account was compromised and they needed to transfer their money to a ‘safe’ account. The victim transferred the money to the ‘safe’ account which in reality was under the control of the criminal.

The next most commonly faked organisations were HMRC and DVLA. More than 40,000 COVID-19 related emails were also reported into the SERS by members of the public.

Action Fraud, the national reporting centre for fraud and cyber crime, also saw an increase in suspicious messages that were delivered by non-email methods, such as phone calls and text messages.

Action Fraud received over 146,000 reports of suspicious messages delivered by non-email methods in the 2020/21 financial year – an increase of 80 per cent when compared to the previous financial year.

The City of London Police’s National Fraud Intelligence Bureau (NFIB), which assess the reports received by Action Fraud, said over half (56.6 per cent) of these reports related to phone calls (vishing) and a third (37.8 per cent) related to text messages (smishing).

Of these reports, almost half (48 per cent) stated the organisation being spoofed was a government department, whilst Amazon and Royal Mail accounted for over a quarter (29 per cent) of reports.

Victims of these scams reported being contacted over the phone by someone purporting to be from Amazon calling about their Amazon Prime subscription, or receiving a text message from Royal Mail about a “missed delivery”.

In response to the growing issue, the Dedicated Card and Payment Crime Unit (DCPCU), a specialist unit made up of officers from the City of London Police and Metropolitan Police Service, funded by the banking and cards industry, made eight arrests last month following a series of early morning operations across the country, targeting individuals suspected of sending out ’smishing’ texts. These messages aim to steal people’s personal and financial details by directing recipients to fake versions of trusted organisations’ websites, such as Royal Mail. 

The publication of these figures comes as the NFIB’s Cyber Protect team launches a national awareness campaign (Tuesday 1 June 2021) to remind the public to think twice before handing over personal and financial information as a result of a suspicious message, which culminates on National Fish and Chip Day (Friday 4 June 2021).

Genuine TV Licensing emails and letters are personalised to include details such as your name, partial postcode or licence number. Many scams simply say ‘Dear Customer’ or use your email address, and may have a made-up postcode or licence number, so check carefully. Scams will often say there is a problem with the licence or that the customer is due a refund, to try coax customers into giving their bank details.

Genuine TV Licensing emails will also always be sent from or On a mobile you may need to select the sender’s name to show the email address. On a computer or laptop you may have to hover the curser over the senders name to show the full email address.

What is phishing?

Phishing emails, text messages or phone calls (often called ‘smishing’ and ‘vishing’) contain an urgent call to action, which usually encourages the recipient to visit a website that is designed to steal your personal and financial information. This information can then be used by criminals to commit offences such as identity theft or fraud.

Criminals have become far better at making suspicious messages look like genuine communication from well-known and trusted organisations. Criminals will use correct spelling and grammar, official logos from a company’s website and sometimes, even personalise the emails with the recipient’s personal information, such as their name.

Protect yourself

Fake emails and text messages can be difficult to spot and criminals put in a lot of effort to make their communication look legitimate. To keep yourself safe, it’s important to take your time and not act too quickly. Criminals will often use threatening language in their scams, giving you a limited time to respond and claiming there will be negative consequences (like a fine, or your account being blocked) if you don’t. If the message contains a hyperlink, or attachment, don’t open it.

Be suspicious if you receive an email or text message that you’re not expecting. Often these kind of scams exploit current news stories, big events or specific times of year (like tax reporting) to appear more believable. Or, the message may be offering something desirable that is in short supply. This is in the hope you will respond quickly so as not to miss out on a good deal or opportunity.

Criminals also use a tactic called ‘spoofing’ to make their call, or text message, appear genuine by cloning the number or sender ID which the organisation uses. It’s important to remember if you’re contacted out the blue by someone purporting to be from a well-known organisation, asking for your personal or financial details, that this could be a scam. Do not respond and hang up the phone.

If you have any concerns, always contact the organisation directly to check if the communication is genuine before taking any action. Visit the official website by typing it directly into your browser, log into your account, or phone their advertised phone number. Don't use the links or contact details in the message you have been sent.

How to report

  • You can report suspicious emails you have received but not acted upon, by forwarding the original message to
  • You can report suspicious texts you have received but not acted upon, by forwarding the original message to 7726, which spells SPAM on your keypad.
  • If you have provided personal or financial details as a result of a suspicious message, or lost money because of a scam, you should report it to Action Fraud at or by calling 0300 123 2040. If you live in Scotland, you should report to Police Scotland directly by calling 101.

For further information on how to protect yourself, visit