The UK communications regulator has announced a sweeping set of proposed rules designed to better protect individuals and businesses from fraudulent mobile texts, messages, and calls. The moves come after recent research showed that nearly half of UK mobile users reported receiving suspicious messages and texts during a recent survey period, and industry data revealed mobile providers blocked hundreds of millions of scam messages each year.
At the heart of the initiative are new requirements for mobile operators and messaging platforms. They will face stricter obligations to verify who is sending messages, to filter suspicious links and phone numbers, and to block abusive sender identities. In parallel, the regulator plans to clamp down on the use of spoofed UK numbers, both landline and mobile, which have been a key tool for fraudsters seeking to impersonate trusted organisations.
The regulator’s proposals reflect the changing nature of mobile fraud. Ofcom notes that criminals are increasingly using text messages and rich communication services to deliver phishing links, impersonate utility firms or courier companies, or pressure victims into responding to what appears to be an urgent request from someone they trust. The reliance on mobile messaging is growing, which is why the regulator sees the need for stronger protections both for everyday consumers and for business users.
One of the flagship measures is the introduction of sender-verification requirements for business messaging. Under the new regime, operators and aggregators will need to check that the identity behind a message matches the displayed sender name, and they will need to perform upfront and ongoing checks on businesses that send high volumes of messages. Suspicious or generic sender identifiers such as “Customer Service” or “Support” may be blocked unless backed by verification. With many business services relying on mobile texts and alerts, this change is expected to raise the bar against impersonation attacks.
Meanwhile, for ordinary users, the key change involves blocking or filtering large volumes of messages sent from unverified devices and SIM cards. Ofcom is consulting on rules that would limit the number of messages that can be sent from pay-as-you-go SIMs, require mobile providers to flag suspicious behaviour, and remove the most commonly exploited routes into the network for mass messaging campaigns. Operators already report that they block more than 600 million scam messages annually, yet Ofcom believes more action is needed as fraud tactics evolve.
Another important strand of the new rules addresses the problem of spoofed numbers. Fraudsters commonly manipulate caller ID or sender IDs to make it appear that a message or call comes from a trusted UK number. Ofcom’s data indicates that users are much more likely to answer calls when they display a familiar UK mobile number rather than one from an abroad code. In response, the regulator is proposing that telecom operators withhold the displayed number on calls that appear to originate from roaming abroad using a UK mobile number, unless the operator can verify their legitimacy. This step is aimed at closing a major loophole in mobile trust mechanisms.
As part of the crackdown on spoofing, the regulator builds on earlier rules implemented for landline numbers. From January 2025, phone providers were required to block incoming calls from abroad that misdisplay a UK landline number, an action seen as a milestone in removing one of the easier channels for fraudsters. The extension into mobile and messaging channels reflects how the threat is shifting and why mobile regulation must advance.
The regulator expects to finalise the new rules after consultation, with a deadline for feedback set later in the year. Once implemented, the changes will carry responsibilities for mobile operators, message-sender platforms, and businesses that use mobile communication as part of their services. While the rules are aimed at protecting individuals, they also recognise the importance of messaging in commerce and service delivery. Ofcom states that its goal is to make the UK a “world-leading” environment for mobile trust and fraud prevention.
For mobile users, the takeaway is clear: stay vigilant. If you receive a text or call that claims to come from someone you trust but asks for immediate action, payment, or to click a link, treat it with caution and report it. Forward suspicious texts to 7726 and consider enabling spam-filtering tools or blocking unknown senders. The regulator emphasises that users should exercise caution even if the message appears to come from a trusted number.