.svg)
The European Commission has confirmed it will present a dedicated EU Action Plan on Online Fraud to boost collective efforts to combat scams that increasingly target vulnerable groups, including older people.
In a written to a parliamentary question from Italian MEP Aldo Patriciello, the EU鈥檚 commissioner for internal affairs, Magnus Brunner, said the plan will formalise existing initiatives under the and the (EMPACT).
These frameworks already coordinate cross-border law enforcement against online fraud, but will now be expanded to include preventive measures and victim protection schemes.
Brunner acknowledged that responsibility for tackling telephone scams largely lies with member states, but emphasised the EU鈥檚 role in supporting digital literacy and security standards.
Programmes such as the and aim to improve digital skills across age groups, with particular attention to older adults, who are disproportionately affected by fraudulent calls.
Telecoms and security measures
The Commission also used the response to highlight progress made under existing EU legislation requiring telecoms operators to strengthen their defences.
For example, under the , providers must implement robust security measures.
Eleven member states have already introduced anti-spoofing rules, obligating operators to block fraudulent calls from abroad, register SMS sender IDs and deploy caller authentication technology.
Further measures are under review as part of the forthcoming , which could expand obligations on providers to counter scams.
Patriciello鈥檚 original question, which was in July 2025, highlighted the severe economic, emotional and psychological harm telephone scams cause to older people, who are often targeted with fake emergency requests, bogus service offers and extortion attempts.
He called for a harmonised EU framework and dedicated awareness campaigns to help victims and their families recognise and report fraud.
The Commission has responded by suggesting that its forthcoming Action Plan on Online Fraud will be the key vehicle for enhancing cooperation between member states, regulators, telecoms providers and consumer organisations, while boosting prevention and victim support.
What could the action plan look like?
Work on the action plan could take many forms. Many in the payments world will be familiar with the and its , both launched in the autumn of 2020.
These strategies were consequential for the following years鈥 legislative work, and included influential regulations such as the Digital Operational Resilience Act (DORA) and the Markets in Crypto-Assets (MiCA) frameworks, as well as payments legislation such as the Instant Payments Regulation (IPR) and updates to the Payment Services Directive.
The action plan may also involve marketing, including collaboration with both member state regulators and the private sector.
It could also include campaigns modelled on and intended to reach vulnerable groups such as older people, as well as fraud-specific digital literacy programmes building on the Digital Education Action Plan and Media Literacy for All.
The plan could also provide practical guidance for consumers and businesses on recognising scams, similar to the European Banking Authority鈥檚 (EBA) financial consumer guidelines.
Lessons from the UK
Should the EU be looking for inspiration, it may turn to the UK and its .
Signed in November 2023 by major tech platforms and the government, this is a voluntary agreement that commits companies such as Google, Meta, Amazon and TikTok to block fraudulent content and ads, improve data sharing with law enforcement, respond quickly by removing scams and suspending accounts, and provide better reporting tools and support for victims.
The charter has attracted some criticism, with calls for the UK government to reinforce the rules and, like the EU, introduce reimbursement requirements for tech and telecoms platforms.
Nevertheless, it could be a starting point for the EU to consider when developing its action plan.
With updates to the Payment Services Directive potentially including tougher liability expectations, and the added muscle of legislation such as the Digital Services Act, the EU is building a stronger toolkit that could place higher expectations on companies to tackle consumer harms arising from fraud.
