UK Phone Scams 2026: The 12 Most Common Patterns and How to Avoid Them

UK phone scams 2026 are bigger, faster and more convincing than at any point since UK call records began. Action…

UK phone scams 2026 are bigger, faster and more convincing than at any point since UK call records began. Action Fraud estimates that phone-enabled fraud has cost UK victims more than £177 million in recent reporting periods, and AI voice cloning now needs as little as three seconds of audio to mimic a real person. This guide walks through the 12 phone-scam patterns dominating UK call traffic in 2026, the five red flags they all share, and a practical five-step defence checklist for households and SMEs.

Why phone scams keep growing in 2026

Three forces have pushed phone fraud into a new gear. The first is generative AI: usable voice clones can now be trained on a 3-second sample, and “deepfake CEO” phone calls have already produced multi-million-pound losses in UK SMEs. The second is cheap VoIP: international call-origination from any country to any UK mobile or landline costs less than a penny a minute, removing the economic friction that once kept low-margin scams offshore. The third is Calling Line Identification (CLI) spoofing, where the criminal presents a UK number that looks like a bank, an HMRC office or a London landline. Ofcom’s CLI-authentication rollout, modelled on the US STIR/SHAKEN standard, is gradually closing the spoofing loophole at the UK network edge, but enforcement is staged through 2026 and into 2027.

Against that backdrop, Action Fraud consistently lists telephone fraud among the highest-volume reported crime categories in the UK. The patterns below are the ones currently producing the most reports across 2025 and into 2026, drawn from Action Fraud, NCSC and bank-industry alerts.

The 12 phone-scam patterns to watch for in 2026

1. HMRC tax-arrest scam

Typical CLI: spoofed 0203, 0207 or 0300 numbers, often with an automated robocall opener. The recorded voice claims a tax-fraud warrant has been issued in your name and instructs you to press 1 immediately. The “officer” then demands payment in iTunes vouchers, Amazon gift cards, cryptocurrency or a “bail” bank transfer. HMRC never threatens arrest by phone and never demands payment in vouchers or crypto. Forward suspect calls to [email protected] and report to Action Fraud. For the London-CLI variant, see our deep-dive on the 020 London number scam.

2. Bank fraud-team APP fraud

Typical CLI: a spoofed switchboard for Lloyds, Barclays, Santander, NatWest, HSBC, Monzo or Starling. The caller claims a fraudulent transaction has been detected and walks you through “moving your money to a safe account” they have just opened in your name. This is Authorised Push Payment (APP) fraud, the single largest category of UK consumer loss. The 2024 Payment Systems Regulator reimbursement rules give eligible victims a refund right, but stopping the transfer in the first place is always preferable.

3. Royal Mail, Evri or DPD missed-parcel callback

Typical CLI: an 020, 0161 or 0117 number, usually triggered by a preceding text message claiming a parcel cannot be delivered until a small fee is paid. The callback is staffed by fluent operators who take card details “to release the parcel” and then enrol your card into Apple Pay or Google Pay on their own device. Legitimate UK couriers never charge customs through a callback line.

4. NHS or GP test-result phishing

Typical CLI: a 0207 or 0203 number close to a real London teaching-hospital range, or a generic 0300. The caller poses as a GP secretary needing to “verify your identity” before sharing results, usually demanding full date of birth, address and the last four digits of your debit card. NHS staff never ask for payment-card details on the phone and rarely use last-four-of-card identifiers.

5. Energy supplier refund scam

Typical CLI: spoofed 0808 or 0345 numbers presented as Octopus, EDF, OVO or British Gas customer-service lines. The caller claims you are owed a refund (often around £85 or £230) and asks for sort code, account number and an online-banking one-time passcode to “process the credit”. The OTP authorises an outbound payment from your account instead. Genuine energy refunds are paid automatically against the existing direct-debit mandate.

6. Investment and crypto cold call

Typical CLI: prestige-sounding 0207 numbers from Mayfair, Canary Wharf or City of London ranges. The script offers pre-IPO shares, “green energy bonds”, carbon credits, crypto funds or unregulated peer-to-peer lending. Unsolicited investment cold calls are themselves an offence under the Financial Services and Markets Act. Always check any firm on the FCA’s Financial Services Register before sharing details.

7. Microsoft, Apple or Norton tech support

Typical CLI: any UK mobile or geographic number; some operations now use 0800 freephone CLIs to look more official. The caller claims your Microsoft 365, Apple ID or Norton subscription has been compromised and walks you through installing AnyDesk, TeamViewer or Quick Assist. Once you grant access, the criminal logs into your online banking. For SMEs the same pattern can escalate into ransomware, which is why a managed-security baseline matters; see our IT managed services overview for the SME context.

8. “Wangiri” missed-call callback

Typical CLI: 070 personal-number ranges, 09 premium-rate ranges, or rare international codes such as +252, +355 or +247 designed to look domestic on a hurried glance. The phone rings once and cuts off, prompting you to ring back to a number that bills you a high per-minute charge. Our companion piece on the 070 personal-number scam covers the UK variant in detail; look up suspicious prefixes at /who-called-me/070/ and /who-called-me/09/.

9. “Hi Mum, it’s me on a new number” family-emergency

Typical channel: WhatsApp message followed by a voice call from a UK mobile. The opening line is “Hi Mum/Dad, my phone broke and I’m on a new number, can you do me a huge favour…”. The “favour” is always a same-day bank transfer for a bill the supposed child cannot pay themselves. The 2024 wave used SMS only; the 2026 variant now follows up with an AI-cloned voice call to make the impersonation harder to refuse.

10. Energy or boiler-grant gov.uk impersonation

Typical CLI: 0800 freephone or 0300 numbers presented as a “government efficiency scheme”. The caller offers free insulation, a free boiler, or a Warm Home Discount uplift and “just needs to verify your details and energy supplier”. The harvested information is used either for identity theft or to enrol you onto an unsolicited finance agreement. Genuine government schemes never cold-call homeowners. Look up the inbound CLI on our 0800 directory.

11. AI-cloned-voice CEO fraud

This is the SME-specific 2026 escalation of vishing. The criminal trains a voice clone on a public LinkedIn or conference recording of a director, then calls the finance team during a known absence (often using calendar data from a compromised assistant) instructing them to push through an urgent supplier payment. Losses of £25k to £200k per incident are now routine in mid-market UK firms. Read our detailed analysis at vishing attacks on UK SMEs.

12. PPI and car-accident-claim cold calls

Typical CLI: mobile (07) or 0203 numbers. The script claims you are owed compensation for mis-sold PPI (“the deadline has been extended”), a holiday-sickness claim, or an accident “even if it wasn’t your fault”. The aim is to capture enough personal data to file fraudulent claims in your name. The PPI claims window closed in 2019; any caller still claiming to extract a PPI payout is by definition fraudulent.

5 red flags common across all phone scams

Regardless of which of the 12 patterns above you encounter, the underlying social-engineering toolkit is small. The same five red flags appear in almost every UK phone scams 2026 report Action Fraud receives:

  • Urgency. “You must act in the next 30 minutes” or “the warrant is being executed today”. Legitimate organisations give you time.
  • Authority. Claimed identity as HMRC, NHS, police, your bank or a regulator. Real authorities rarely cold-call.
  • Secrecy. “Don’t discuss this with anyone, including bank staff in branch.” Real fraud teams want you to verify with branch staff.
  • Unusual payment rails. Gift cards, cryptocurrency, MoneyGram or Western Union transfers, or “moving” funds to a new account.
  • Requests for OTPs, PINs or remote access. No legitimate organisation will ever ask for these on an inbound call.

5-step defence checklist

Apply this routine to every unsolicited inbound call, whether to your personal mobile or your SME’s main line:

  1. Hang up. Always. No legitimate caller will object.
  2. Verify via the published number. Ring the organisation on a number from their website or the back of your bank card, ideally from a different handset.
  3. Never read OTPs aloud. A one-time passcode exists precisely so it cannot be verbally elicited.
  4. Use call-blocking on every device. Our guide on blocking unknown callers on iPhone, Android and business systems walks through the settings.
  5. Register with TPS. The free Telephone Preference Service stops legitimate cold-callers, which makes the remaining traffic statistically more likely to be a scam and therefore easier to triage.

Reporting phone scams in 2026

Use more than one reporting channel. Each disrupts a different part of the scammer’s infrastructure.

  • Action Fraud on 0300 123 2040 or actionfraud.police.uk for England, Wales and Northern Ireland. Police Scotland on 101 in Scotland.
  • 7726 (SPAM): forward scam SMS to 7726 free of charge across EE, O2, Three and Vodafone.
  • Your bank: report immediately under the Contingent Reimbursement Model (CRM) Code if money has moved.
  • Ofcom for spoofed CLI and silent-call patterns at ofcom.org.uk/nuisance-calls.
  • ICO for breaches of TPS or unconsented marketing calls.

How The Business Hub’s Who Called Me tool flags suspicious numbers

Our free Who Called Me lookup is a clean copy of Ofcom’s National Telephone Numbering Plan, refreshed every Wednesday. For each inbound CLI you can see the Ofcom-allocated block (1,000-number granularity), the original Communications Provider (BT, Gamma, Vonage, Voxbone and others) and an anonymous count of how many UK users have looked the number up in the last 90 days. For the patterns most associated with scams in 2026, these drill-down pages are useful starting points:

Frequently asked questions

What is the most common UK phone scam in 2026?

Authorised Push Payment (APP) bank-impersonation fraud is the single largest category by financial loss, while the HMRC tax-arrest robocall is the most common by call volume. Both rely on spoofed UK Calling Line Identification, urgency and an impersonated authority figure. Together they account for the majority of phone-related fraud reports filed with Action Fraud in 2025 and the first half of 2026.

Can scammers really fake a UK landline number?

Yes. Calling Line Identification (CLI) is set by the originating carrier and is trivial to override on most international VoIP gateways. Ofcom’s CLI-authentication rollout, modelled on the US STIR/SHAKEN standard, is gradually requiring UK networks to verify and block obviously invalid CLIs at the edge, but enforcement is staged through 2026 and 2027 and many spoofed numbers still get through.

Is it safe to answer an unknown number?

Answering itself is harmless. The risk comes from acting on information shared by an inbound caller. If you do answer, say nothing first, let the caller open the conversation, and never confirm personal details, OTPs, account numbers or remote-access codes. Hanging up and ringing back on a published number is always safer.

Does TPS stop scam calls?

No. The Telephone Preference Service stops UK-based legitimate marketing calls only. Criminals already operate outside the law and ignore TPS. Registering is still worthwhile because the remaining nuisance traffic is statistically more likely to be a scam, making it easier to spot.

Will my bank refund me if I’m scammed by phone?

Under the 2024 Payment Systems Regulator rules and the earlier Contingent Reimbursement Model (CRM) Code, eligible APP-fraud victims have a right to reimbursement from their bank, with limited exceptions for gross negligence. Report immediately and in writing; the speed of your report directly affects both the chance of recall and the strength of any subsequent dispute.

How do I check if a number is a scam before answering?

Use a free UK lookup such as our Who Called Me tool. Paste the full number to see the Ofcom-allocated block, the original carrier and the recent-search count. If the number sits in a reserved or unallocated range, or is on a VoIP wholesale block being used to impersonate a high-street bank, that is a strong fraud indicator.

Resources & Articles

You Might Also Like

Read one of our other resources to help you get the best telecoms and IT solutions for your business