Phone spamDatos

An X-ray of phone spam in Spain: what NoCall's data says

This is how we measure phone spam at NoCall: what data we publish, where it comes from and how you can read it yourself to protect yourself better.

N
By Equipo NoCall
NoCall Editorial
31 May 202611 min read
An X-ray of phone spam in Spain: what NoCall's data says
#datos#spam telefónico#estadísticas#comunidad#transparencia

At NoCall we collect blocked numbers, community reports and SMS campaigns to draw the real map of phone spam in Spain. Here we explain what we measure, where each piece of data comes from and how you can check it yourself. No inflated figures: only what the community reports every day.

When we talk about "NoCall data" we don't mean a survey or an estimate. We mean what actually happens on the platform: every number someone flags as suspicious, every comment they leave describing a call, every SMS campaign that repeats with the same hook. That constant flow is our raw material. And, unlike many reports, much of it is public and open to anyone.

This article isn't going to hand you a headline along the lines of "spam has risen by X%". It's going to teach you to read the data for yourself, to understand what it means and to use it to make better decisions when an unknown number rings.

Where does NoCall's data come from?

The data you see on NoCall has three sources that feed into one another.

The first is the list of blocked numbers: the set of phones the platform flags as problematic. This list draws on both our own sources and community activity.

The second, and the most valuable, are the community reports. When you get a nuisance call and report it, that data point is added to a global count. It isn't an isolated opinion: when many people report the same number with the same description, the pattern becomes clear. A single report is a suspicion; fifty matching reports are a solid signal.

The third are the SMS campaigns. When the same fraudulent message circulates with the same hook, the same impersonated brand or the same domain, we group it as a campaign and count how many times it has been spotted.

The clever part is how they combine. A number that appears on the blocked list and also racks up recent reports with consistent comments describes an active threat, not an isolated case from the past. That's the difference between dead data and live data.

What information do we publish openly?

Not everything we measure is public, and that's deliberate. Some data, misused, could single out specific people or make life easier for the scammers themselves. That's why we carefully separate what we share from what we hold back.

Here's what you can check openly:

Public dataWhat it tells you
Total blocked numbersThe size of the catalogue of phones flagged as problematic
Total reportsHow many people have helped by flagging nuisance calls
Today's reportsThe pulse of the day: recent community activity
Spam categoriesWhich type of nuisance predominates (scam, harassment, telemarketing, debt, surveys)
Weekly report trendHow activity is spread over the last 7 days
SMS campaignsHow many distinct smishing waves we are tracking
Most impersonated brands by SMSWhich companies scammers use as bait
Breakdown by regionWhich regions concentrate the reported landline prefixes
Operator directoryWhich operator runs each numbering range and its spam count
Recent comments (anonymous)How people describe the calls they receive

And here's what we don't publish: rankings of the most searched specific numbers, individual danger ratings generated by AI and fine-grained daily trends. The reason is simple: we want to give you useful context without turning the platform into a tool for naming and shaming, or into a map for anyone who wanted to fine-tune their scams.

How is spam split by category?

Each report is classified into a category. A pushy but legal telemarketing call is not the same as an attempted scam impersonating your bank. Telling them apart matters, because the right response differs in each case.

These are the broad families you'll see in the public data:

CategoryWhat it usually hidesWhat to do
Scam (SCAM)Impersonation of a bank, the tax office, courier firms or tech supportDon't give out data; hang up and verify through the official channel
Harassment (HARASSMENT)Repeated, silent or intimidating callsBlock, keep evidence and consider reporting it
Debt (DEBT)Aggressive debt collectors, sometimes for debts that aren't yoursAsk for identification in writing; know your rights
TelemarketingSelling energy, telephony, insuranceSign up for the Robinson List and block the number
Surveys (SURVEY)Fake surveys that extract personal dataDon't share sensitive details; hang up
Generic spam / OtherAssorted nuisances with no clear patternReport it anyway: it helps fine-tune the system

Here's an important nuance almost nobody mentions: the breakdown by category reflects what people report, not necessarily what happens most. Telemarketing calls can be very frequent but are reported little because "they're legal". By contrast, a scam attempt that frightens people gets reported straight away. That's why report data is a thermometer of perceived threat, as valuable as the raw volume. Whenever you interpret any community statistic, always keep this bias in mind.

If you want to dig deeper into how to tell apart the tone and signals of each type of call, our guide on how to read a number's risk signals will come in handy.

What do SMS messages tell us about who's trying to fool you?

The phone is no longer just voice. A good part of today's fraud comes in by SMS, and there the data tells a very clear story: scammers don't invent brands, they steal them. They pose as companies and institutions you already trust so that you let your guard down.

That's why we track SMS campaigns by grouping them by the brand they impersonate and the website domain they try to send you to. The most impersonated brands tend to be precisely those you interact with most in daily life: your bank, courier firms, shopping platforms, public bodies. It's no coincidence. The more legitimate SMS messages you get from a brand, the easier it is to slip a fake one in among them.

There are three sectors where this stands out especially clearly:

  • Couriers. The classic "your parcel is being held, pay a small fee to release it". Remember one rule that never fails: Correos never sends you payment links by SMS. Payments are made at an office or in its official app. We cover this in parcel scams with a fake Correos SMS.
  • Banking. Messages mimicking your bank asking you to "reactivate the account" or confirm a charge. Your bank will never ask you for full passwords or codes by SMS. Before touching anything, read how to verify whether a call or SMS from your bank is real.
  • Public bodies. Fake notifications from the tax office or Social Security with an urgent tone. The AEAT never asks for confidential data by SMS or email; always go in through the Electronic Office with Cl@ve. You'll find the full guidance in how to verify a notification from the tax office or Social Security.

Smishing is also the gateway to bigger frauds. A piece of data stolen by SMS can end up feeding a SIM duplicate (SIM swapping) or a quishing attack with QR codes. The SMS is rarely the end of the journey; it's usually the beginning.

Why do we talk about operators and prefixes?

Every Spanish phone number belongs to a numbering range assigned to a specific operator. That assignment is public and comes from the regulator. At NoCall we cross-reference it with our list of blocked numbers to build the operator directory, where you can see how many numbers flagged as spam fall within each operator's ranges.

A key warning so you don't misread this data: an operator appearing with many reported numbers does not mean the operator is "the bad guy". It means it has many numbering ranges assigned and, by pure statistics, more of its numbers end up in the hands of spammers. Large operators show up more in any count simply because they manage more lines. Read the data as a clue about who to ask for help or who to complain to, not as a verdict on the company.

Prefixes tell another part of the story. There are ranges that, by their very cost, attract fraud:

Type of numberHow to spot itWhy it matters
Premium rate803, 806, 807, 905They cost money just to call; a common wangiri lure
900 linesStart with 900Free for the caller
MobilesStart with 6 or 7The bulk of voice and SMS spam
Geographic landlines9XX by provinceAllow the region to be located in the territorial breakdown
International+XX prefixBe careful about returning calls to numbers you don't recognise

If you want to understand what lies behind each range, you'll find the full reference at prefixes and a specific analysis in the most reported mobile prefixes in Spain. And if you ever get a call with a foreign prefix you're not expecting, review what to do about a call from an unknown international number before calling back.

How is spam spread across the territory?

The breakdown by region is based on geographic landline prefixes. When a reported number starts with a provincial prefix, we link it to its region. This gives us a heat map of landline spam across Spain.

Be careful with the reading once again: this breakdown only covers geographic landlines. Mobiles (which start with 6 or 7) carry no province information, so they don't appear on the territorial map. That's why the map describes part of the picture, not all of it. It's useful for detecting concentrations of fraud with a "local" appearance, but not for concluding that one region suffers more spam than another in absolute terms.

How can you use this data?

Here's the practical part. Data is useless if it stays on a screen. Here's what you can do with it:

  1. Before answering an odd number, look it up in the directory of reported numbers. If it already has reports and comments, you have your answer.
  2. Read the comments, not just the count. A number with twenty reports and comments saying "they pose as my bank" gives you context that a plain number can't convey.
  3. Report what you receive, even if it seems minor. Every report improves the data for the next person. The system's strength is collective: you benefit from what others reported, and others benefit from what you report.
  4. Check the trends at /tendencias to see what's moving this week and adjust your alert level.
  5. Learn to block depending on your device: we have a guide for blocking spam calls on iPhone, for Android by manufacturer and for landlines and SME switchboards.

If you want to know the exact criteria by which we build each figure, we document it on our methodology page. And if you're looking for the why behind each specific threat, the blog and the guides have the detail.

Why is transparency part of protection?

There's an underlying reason for publishing all of this. Phone fraud feeds on asymmetric information: the scammer knows how their trick works and you don't. When we put the data on the table, we tip that balance a little.

Knowing that scammers recycle the same brands, that they abuse the same premium-rate prefixes, that urgency is always the common ingredient, trains you to recognise the pattern before you fall for it. You don't need to memorise specific numbers; you need to recognise the shape of the scam. And that shape repeats with very few variations.

That's why we're cautious about what we publish but generous with what we do share. We don't give you a ranking of numbers to memorise: we give you the tools to look things up, interpret them and decide for yourself. A user who understands the data is worth more, against a scam, than a hundred loose figures in a headline.

In summary

NoCall's data isn't a report you read once and forget. It's a living system that you yourself feed and consult. Blocked numbers, community reports and SMS campaigns combine to give you, almost in real time, an honest picture of phone spam in Spain: no exaggerations, no inflated figures and no unfairly pointing the finger at anyone.

Your part is the simplest and the most powerful. When you get a suspicious call or SMS, look it up and report it on NoCall. That thirty-second gesture is what keeps the data alive and useful for the next person who gets that same call. The community is the data, and you are the community.

Received a suspicious call?

Look up the number in NoCall before sharing data, calling back, or clicking any link.

Search a phone number or a company name (British Gas, EE and O2...) to check if it has been reported as spam.