Britain’s telecom watchdog has announced plans to force mobile networks into taking stronger action against text message fraud after research showed half of all phone users received dodgy messages in just four months.
Ofcom dropped its consultation plans this week, outlining what it’s calling a “comprehensive package” of measures that mobile operators will need to follow if they want to keep customers safe from increasingly sophisticated scammers. The regulator reckons the changes could block hundreds of millions more fraudulent texts each year – on top of the 600 million already being stopped.
The timing couldn’t be more pressing. Between November 2024 and February 2025, roughly 50% of mobile users in the UK said they’d been on the receiving end of at least one suspicious message. That’s an eye-watering figure, especially when you consider that around 100 million dodgy texts were reported through the 7726 service (that’s the number you forward spam texts to) in the year leading up to April 2025.
Why Current Protections Aren’t Cutting It
Most major mobile networks have already got some defences in place. They’re blocking texts, filtering out rubbish, and generally trying to keep the scammers at bay. But here’s the problem – it’s a bit of a postcode lottery. Some networks are brilliant at it, others not so much. There’s no real consistency across the industry, which means the crooks can sometimes find the weak spots and exploit them.
Scammers have basically worked out that text messages are a goldmine. They can blast out thousands of texts in minutes, pretending to be your bank, Royal Mail, HMRC, or even your mum texting from a “new number” because they’ve supposedly dropped their phone down the loo. The tactics vary, but the endgame’s always the same – getting you to hand over cash or personal details.
The fake parcel delivery texts are probably the ones most people recognise. You know the type: “Your parcel couldn’t be delivered, click here to reschedule.” Except there’s no parcel, and that link leads somewhere very dodgy indeed. Then there are the really nasty ones where scammers pretend to be a family member in trouble, urgently needing money. These “friend in need” scams can be particularly effective because they play on people’s emotions when they think a loved one needs help.
What Mobile Networks Will Need to Do
Ofcom’s split its proposed rules into two main categories: person-to-person messaging (that’s regular texts between individuals) and business messaging (when companies send you texts about appointments, deliveries, or whatever else).
Tackling Everyday Text Scams
For regular texts between people, mobile providers will have to introduce some pretty significant changes. First up, they’ll need to put limits on how many messages can be sent from pay-as-you-go SIM cards. Now, before you panic about not being able to text your mates, these limits are designed to catch the scammers who’re sending out thousands of messages, not someone having a chatty day on WhatsApp.
The thing is, most networks already have some kind of limit – it might be 100 texts per hour or tens of thousands per month, depending on who you’re with. But the rules aren’t uniform, and enforcement varies wildly. Some networks will just block your texts if you hit the limit, whilst others might flag your account for a manual review. Ofcom wants to standardise this whole system so there’s a consistent approach that actually separates genuine users from fraudsters running automated scams.
Networks will also have to block phone numbers that have been reported for scam activity. This isn’t just about customer reports either – they’ll need to work with police and other organisations to maintain up-to-date blocklists. If a number’s been fingered as dodgy, it shouldn’t be able to send messages anymore. Simple as that.
Perhaps most importantly, mobile operators will need to scan messages as they’re travelling across their networks, looking for telltale signs of scams. That means checking for suspicious sender IDs, dodgy web links, and phone numbers that keep cropping up in fraud reports. If something looks iffy, it gets blocked before it reaches your phone.
Cracking Down on Fake Business Texts
Business messaging is where things get a bit more technical, but it’s just as important. When legitimate companies want to send you texts – think appointment reminders from your dentist or delivery updates from online shops – they often use services called aggregators. These are middleman companies that handle the actual sending of messages on behalf of businesses.
The problem is, scammers have cottoned on to this system and sometimes manage to use these same services to send fake texts that look like they’re from real companies. Under Ofcom’s new rules, both mobile networks and these aggregators will need to do proper checks on anyone wanting to send business texts.
We’re talking “Know Your Customer” checks here – basically making sure the company is who they say they are before letting them loose on the messaging system. But it doesn’t stop there. They’ll also need to do “Know Your Traffic” monitoring, which means keeping an eye on what messages are actually being sent and investigating quickly if something suspicious crops up.
One clever bit involves sender IDs – that’s the name or number that shows up when you get a text from a business. Scammers love spoofing these to make their texts look legitimate. Under the new rules, providers will have to verify that sender IDs actually match the business they’re supposed to represent. So if someone claiming to be “YourBank” tries to send messages, the system should check they really are from your bank and not some dodger operating out of their bedroom.
There’ll also be protected lists of sender IDs that scammers won’t be able to use, and clear policies about generic names like “Customer Service.” The idea is to make it much harder for fraudsters to impersonate real organisations.
Will This Actually Work?
Here’s where it gets interesting. On paper, these measures should make a real difference. Standardising protections across all networks means scammers can’t just target the providers with weaker defences. The upfront checks on business messaging should catch a lot of fraud before it even gets started. And the real-time scanning of messages in transit should mop up plenty of what’s left.
But there are legitimate concerns too. Those volume limits on pay-as-you-go SIMs could potentially affect innocent customers, especially since the definition of “pay-as-you-go” has got pretty blurry these days. Many PAYG plans now work just like monthly contracts, only with 30-day terms instead of 12 or 24 months. The last thing anyone wants is genuine users getting caught in the crossfire.
Ofcom seems aware of this risk though. They’re proposing safeguards including the right to appeal if your number or messages get blocked, requirements for networks to train their staff properly, and obligations to make sure legitimate messages still get through. There’ll also be rules around keeping records, following data protection laws, and generally making sure the system doesn’t throw the baby out with the bathwater.
Amy Jordan, who’s Ofcom’s Strategy Delivery Director, reckons the plans will “ensure that mobile firms consistently apply proven measures to thwart these crimes.” She added that it means “locking scammers out of networks and blocking hundreds of millions more scams from getting through to people and businesses each year.”
What Happens Next?
The consultation’s open for responses until 5pm on 28th January 2026, which gives industry players, consumer groups, and anyone else with an opinion plenty of time to have their say. After sifting through all the feedback, Ofcom’s planning to publish its final decision sometime around summer 2026. If the rules get the green light, networks will then need to implement them – though the exact timeline for that hasn’t been nailed down yet.
It’s worth remembering that this sits within a broader picture of digital fraud that’s affecting people worldwide. The sophistication of these scams has ramped up massively in recent years. Fraudsters are using better social engineering techniques, exploiting trusted communication channels, and even starting to deploy AI to make their cons more convincing. This isn’t just a UK problem – it’s global – but the British regulator’s taking a pretty robust stance with these proposals.
Beyond the immediate financial losses that victims suffer, there’s also the knock-on effect of people losing trust in mobile messaging altogether. If you can’t trust that a text from “your bank” actually is from your bank, the whole system starts to break down. Legitimate businesses end up having to work harder to prove they’re genuine, which adds costs and complications that ultimately get passed on somewhere down the line.
The consultation document runs to quite a few pages of technical detail, but the core message is straightforward enough: mobile networks and the companies that facilitate business messaging need to up their game, and Ofcom’s prepared to make rules that force the issue if voluntary measures aren’t getting the job done.
Whether these proposals will actually stem the tide of scam texts remains to be seen. Fraudsters are nothing if not adaptable, and there’s every chance they’ll find new ways to exploit whatever system emerges from this consultation. But at least it’s a start, and given how many people are currently getting bombarded with dodgy messages, it’s a start that’s long overdue.
For now, the usual advice still applies: if you get a text that seems even slightly off, don’t click any links, don’t respond, and forward it to 7726. Your network might not catch every scam, but the more information they have about what’s out there, the better chance they’ve got of keeping the rest of us safe.
