M&S shoppers told to look out for these two emails

The ongoing cyber incident affecting M&S has not only hampered customer services but also raised major cyber security concerns. Shoppers have been urged to stay vigilant and look out for scammers sending out bogus emails.

The retail giant has acknowledged that some customer information was compromised in the cyber attack, including email addresses and online purchasing records. Services continue to face disruption. Responding to a customer enquiry about placing orders in-store on May 22, M&S stated: "All ordering is currently unavailable.

"We are working incredibly hard to restore our services as soon as possible. Our stores remain open as usual but my colleagues are unable to place any order for you."

In light of some customers' data being compromised, cyber security experts have issued warnings to consumers, advising them to be wary of bogus messages from scammers exploiting stolen information.

READ MORE:

Joe Jones, CEO of cybersecurity firm , said: "Shoppers should be on high alert for convincing scam emails, texts and calls." He advised people against clicking on links from unexpected sources, recommending instead to visit the official website directly to check what is going on.

Mr Jones pointed to two scam emails that fraudsters may try: "With access to names, contact details, and even order histories, cybercriminals can easily craft realistic messages that appear to be from M&S. Be wary of emails claiming 'your order is out for delivery' or 'there's an issue with your recent purchase'.

"Just because they include details that feel familiar, such as your favourite items, this does not prove their authenticity." He also cautioned that scams could surface weeks or months following the on-going incident, so it's crucial to remain vigilant.

Zain Javed, CTO at cybersecurity company , thinks that online shops will bolster their security measures in light of the cyber attack. He said: "Retailers will be keen to tighten protections, which means customers might encounter more frequent identity checks, multi-factor authentication during purchases, or longer verification processes at checkout.

READ MORE:

"It's important for consumers to follow these steps as it is essential to help protect from cyber attacks." Another security expert urging people to take care is Niall McConachie, regional director for UK & Ireland at cybersecurity outfit .

He pointed out that even stringent methods like strong passwords and two-step verifications may not deter fraudsters as these can be sidestepped. Instead, he advocated using physical passkeys to safeguard your data, which may involve biometric solutions like facial or fingerprint recognition.

Mr McConachie said: "Passkeys are a more secure data protection option than traditional passwords and legacy MFA since they don't require users to recall or manually enter long sequences of characters that can be forgotten, stolen or intercepted. And when shopping online, they do not slow down the checkout process.

"Passkeys allow shoppers to securely manage logins across countless platforms and applications, offering a stronger authentication method than passwords or even two-step verification. With device-bound passkeys providing the highest level of security, customers can truly safeguard themselves and their valuable data."