Protecting you against phishing

What is phishing?

‘Phishing’ is a technique used by criminals to try to steal information about a person's identity. They can do this via email, text and even over the phone.

  • Usually, a phishing scam begins with an email which looks like it's from a genuine business – a bank, for example
  • It often includes logos and fonts exactly like those of the business it claims to be from
  • It usually asks for details like usernames, passwords and PINs. There's normally a link that takes you to a fake website if you click on it

IMPORTANT: Never click on these links. It can lead to your identity being 'stolen' – which might lead to money being taken from your bank accounts.

  • The fake websites usually ask for personal details which no credible business or organisation would ever ask you to reveal
  • Or it might take you to a mirror copy of a real website
  • If you see 'https' at the beginning of a web address in your browser or a padlock symbol next to the address bar, then you’re on a secure website
  • You can always click the padlock to check that the website is what it claims to be

IMPORTANT: Never enter and submit your details into a form like this. It can lead to your identity being 'stolen' – which might lead to money being taken from your bank accounts.

Phishing texts will usually ask you to do something – like click on a link or call a number.

Keep yourself protected by doing the following:

  • Delete the message
  • Don't call the number – you could be charged a lot of money
  • Don't click on any links – it could infect your device with a virus

IMPORTANT: We'll never ask you for your PIN or password by text or email – and we'll only ever text you if you've opted in to receive texts from us. You can check if you've done this in My Vodafone

Phishing isn't always easy to identify. Look out for things like:

  • Poor spelling – those committing scams often have weak English language skills
  • Non-personal address – the scammer probably doesn't know you by name, so they might address you as 'Dear Sir/Madam' . If you're registered with Vodafone, we'll always address you by your name. If it's not personal, it's not from us.
  • False email address – if it doesn't end with '' or '', it's not from us
  • The URL/web address of any links – check that it's genuine, isn't unusually long and doesn't include special characters or letters substituted for numbers
  • Requests to act fast – They'll often urge you to act immediately, and say that your account will be suspended if you don't
  • Unexpected email – try to think if there's a good reason for this business to be contacting you

The first thing to do is – nothing. Don't reply to the email. Don't click on the link. And definitely don’t give away any of your personal details.

What if it’s too late?

  1. Open a new web browser window or tab
  2. Log in to My Vodafone and change your password
  3. If you can't do this, please contact us

If you receive a suspicious email that claims to be from Vodafone, forward it to – we'll investigate it and try to find out where it came from.

You can also protect your PC with anti-phishing software. Buy yours from a name you trust – like McAfee, Norton or similar.

There are also lots of antivirus apps. Make sure you get yours from a legitimate app store, like the Apple App Store, Android Market™ or BlackBerry App World™.