top of page

The City of London Police urges the public to #ReportThePhish

The City of London Police is urging the public to remain vigilant when it comes to suspicious messages. Text messages and emails impersonating well-known organisations remains a common tactic used by criminals.

As of 31st May 2022, the public has made over 12 million reports to the Suspicious Email Reporting Service (SERS), with the removal of over 83,000 scams and 153,000 malicious websites.

SERS was launched by the National Cyber Security Centre (NCSC) and the City of London Police in April 2020 to enable the public to forward suspicious emails to an automated system that scans them for malicious links.

The most impersonated organisations in phishing emails reported last year were the NHS, HMRC and

Detective Chief Superintendent Oliver Shaw, from City of London Police, said:

“Phishing scams continue to pose a significant threat for both individuals and businesses. I would urge everyone to be vigilant of unexpected messages or calls that ask for your personal or financial information.”
“If you receive a call or message that you think might be a scam, don’t respond to it. Instead, contact the organisation directly using contact information from the company’s official website, and not the links or numbers provided in the message itself.”
“Remember, your bank, or any other official source, will never ask you to supply personal information via email or text message.”

Mobile network providers also offer a service that allows customers to report suspicious text messages, by forwarding them to the number 7726.

The service is free of charge and enables providers to takedown malicious websites and block malicious texts from being sent across their network. As of 31st May 2022, 13,000 scams have been removed as a result of suspicious text messages reported using the 7726 service.

The new figures come as the National Fraud Intelligence Bureau’s (NFIB) Cyber Protect team launches a national phishing awareness campaign on Monday 11th July 2022 to remind the public to think twice before handing over personal and financial information.

What is phishing?

'Phishing' or ‘smishing’ is when criminals use scam emails, text messages or phone calls to trick their victims. Whether it’s an email asking you to “verify” your bank account details, or a text message claiming you’ve been in close contact with someone that’s got COVID-19, the goal is usually the same - to trick you into revealing personal and financial information.

Protect yourself

Fake emails and texts can be difficult to spot as criminals are constantly getting better at creating genuine-looking messages .

Here’s some practical advice you can follow when it comes to dealing with phishing scams:

1 - If you have any doubts about a message, contact the organisation directly.

Don’t use the numbers or address in the message – use the details from their official website. Remember, your bank (or any other official source) will never ask you to supply personal information via email.

2 - If you think an email could be a scam, you can report it by forwarding the email to: Send us emails that feel suspicious, even if you're not certain they're a scam - we can check.

3 - Most phone providers are part of a scheme that allows customers to report suspicious text messages for free by forwarding it to 7726. If you forward a text to 7726, your provider can investigate the origin of the text and arrange to block or ban the sender, if it’s found to be malicious.

4 - If you’ve lost money or provided personal information as a result of a phishing scam, notify your bank immediately and report it to Action Fraud at or by calling 0300 123 2040. In Scotland, call Police Scotland on 101.

NFIBs Cyber Protect team also advises that the public follow the advice of the Take Five to Stop Fraud campaign to keep themselves safe from fraud.

· Stop: Taking a moment to stop and think before parting with your money or information could keep you safe.

· Challenge: Could it be fake? It’s okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.

· Protect: If you think you’ve been a victim of fraud, contact your bank immediately and report it to Action Fraud online at or by calling 0300 123 2040, or Police Scotland on 101.

Kelly Paterson, HMRC’s Chief Information and Security Officer, said:

“Never let yourself be rushed. If someone contacts you saying they’re HMRC, wanting you to urgently transfer money or give personal information, be on your guard.
“Tax scams come in many forms. Some threaten immediate arrest, others offer a rebate. To help us fight these crimes, please forward suspicious texts claiming to be from HMRC to 60599 and emails to Report tax scam phone calls to us on GOV.UK.”


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.


The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page