Ofcom, the UK communications regulator, has introduced strengthened measures to protect consumers from scam calls originating overseas. The updated industry guidance, announced today, requires phone operators to block incoming calls from abroad that fraudulently display UK landline numbers.
This measure addresses a common scam technique known as “number spoofing,” in which fraudsters impersonate trusted organisations, government departments or familiar local numbers to increase the chance that recipients will answer. By presenting a seemingly legitimate caller identity, scammers make their schemes more convincing and increase the risk of financial loss and emotional distress for victims.
Lindsey Fussell, Ofcom’s Group Director for Networks and Communications, commented:
“Criminals who defraud people by exploiting phone networks cause huge distress and financial harm to their victims. While there are encouraging signs that scam calls and texts are declining, they remain widespread and we’re keeping our foot to the throttle to find new and innovative ways to tackle the problem.”
The guidance follows a consultation and is expected to significantly reduce the number of scam calls reaching the public. BT, which began applying similar filtering measures voluntarily, reported preventing as many as one million fraudulent calls per day from entering its network in the first month after deployment.
Ofcom is also seeking technical input on tackling overseas calls that spoof UK mobile numbers. Current rules do not compel operators to block every call from international numbers formatted as +447, because doing so could block legitimate calls from UK customers who are roaming abroad.
“Under our strengthened industry guidance, millions more scam calls from abroad which use spoofed UK landline numbers will be blocked – with similar plans underway for calls which spoof UK mobile numbers,” added Fussell.
Ofcom’s research shows that suspicious calls and texts have declined but remain a substantial problem. In 2024, 48% of UK landline users reported receiving a suspicious call in the previous three months, down from 56% in 2021. Among mobile users, the proportion fell from 45% to 39% over the same period.
To keep pace with evolving threats, Ofcom has published two Calls for Input. The first invites views on options to address scam calls that spoof UK mobile numbers, while the second seeks feedback on measures to reduce mobile messaging scams, including those delivered via SMS and Rich Communication Services (RCS).
Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster University, warned about an emerging phishing technique that combines phone and email tactics:
“Telephone-oriented attack delivery (TOAD) is an emerging phishing technique that combines elements of voice and email phishing to exploit victims. In these attacks, perpetrators call targets while impersonating officials from reputable organisations to establish trust. The goal is to extract sensitive information such as login credentials or financial details. After the call, the attacker often follows up with an email containing a malicious link or attachment intended to further compromise the victim’s security.
The effectiveness of TOAD attacks lies in the attackers’ ability to manipulate social engineering principles and leverage the perceived authority of well-known organisations to bypass conventional security measures. Because these attacks use multiple channels and are often tailored to specific individuals, vigilance is essential. Unsolicited requests for personal data should be treated with suspicion. Avoid clicking links or opening attachments in unexpected emails, and regularly review online accounts for unusual activity to help spot fraud early.”
Ofcom recognises that scammers continually adapt to evade protections, and the regulator says it will keep working with industry and other stakeholders to update rules and technical approaches as new threats emerge. The aim is to reduce the volume of scam calls and texts and to limit the harm caused to consumers.
Providers can access the updated industry guidance from Ofcom here.
(Photo by Utsman Media)
See also: Ofcom hits BT with £17.5M fine over emergency call system failure
Unified Communications is a two-day event held in California, London and Amsterdam that explores the future of workplace collaboration in a digital world. The event runs alongside several industry conferences including Digital Transformation Week, IoT Tech Expo, Edge Computing Expo, Intelligent Automation, AI & Big Data Expo, and Cyber Security & Cloud Expo.
Discover other upcoming enterprise technology events and webinars powered by TechForge.