Reporting Cybercrime

Anyone can find themselves the victim of Cybercrime.

If you or someone else is in immediate danger or risk of harm dial 999 now.

Reporting a live cyber attack 24/7

If you are a business, charity or other organisation which is currently suffering a live cyber attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.

Reporting a Cyber Attack Which Isn't Ongoing

Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support and advice you need.

Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).

When you report a fraud to Action Fraud, you are given a police crime reference number and your case will be referred to the National Fraud Intelligence Bureau (NFIB), which is run by the police.

In some cases the police and other law enforcement agencies may want to contact you for further details, so it's important that you provide your correct contact details and keep any relevant information about the crime.

Although the police cannot investigate every report individually, the information you provide will aid them. The police use your information to build up intelligence about cybercrime, which includes who is committing what crimes and against whom. This contributes to making the UK a more hostile place for cybercriminals to operate in and helps to keep other potential victims safe.

When you report to Action Fraud, you can also choose to have your details passed on to Victim Support, a national charity that helps those affected by crime. If you take up this option, you will then be contacted by someone from the charity and offered free and confidential emotional support and practical help.

When you suffer a cyber-attack, or a related cybersecurity incident and you are a business, you might need to report it to the Information Commissioner's office (ICO).

Under the new General Data Protection Regulation (GDPR) rules, from the 25th May 2018 it is mandatory that you also report data breaches to the ICO within 72 hours. Action Fraud, the Police and the Cyber Resilience Centre will not report any contact with them to the ICO.

Reporting a cybersecurity incident

If you have visited a website you think is trying to scam you, report it to the NCSC and they'll investigate - https://www.ncsc.gov.uk/section/about-this-website/report-scam-website.

Simply enter the website URL or link, how you received the site details and any more information you want to provide.

Reporting a Suspicious Website

If you have received an email which you’re not quite sure about, don't use the links or contact details in the email, forward it to the Suspicious Email Reporting Service (SERS) using report@phishing.gov.uk

Did you know that the NCSC has an Outlook plugin so users can report phishing direct from their mailbox? Read more here.

Reporting a Suspicious Email

Suspicious text messages should be forwarded to 7726.

This free-of-charge short code enables your provider to investigate the origin of the text and take action, if found to be malicious.

Reporting a suspicious text message

Reporting a Suspicious Text Message

You can contact the Cyber Resilience Centre for guidance and support during normal office hours by visiting our Contact Us page. We also provide free advice on the website.

The National Cyber Security Centre (NCSC) has also created the Small Business Guide to Response and Recovery. It provides small to medium sized organisations with guidance about how to prepare their response, and plan their recovery to a cyber incident