Latest World Breaking News Online News Portal
As the M&S cyber incident continues to impact services, shoppers have been urged to check up on their cyber security and look out for bogus messages.
The shop chain has confirmed the some customer details were taken in the cyber attack, such as email addresses and online order histories.
Customer services continue to be affected. In a reply to a customer who asked if they could place an order in store, M&S said today (May 22): “All ordering is currently unavailable.
“We are working incredibly hard to restore our services as soon as possible. Our stores remain open as usual but my colleagues are unable to place any order for you.”
As some customer details have been taken, security experts have urged shoppers to be vigilant for scammers trying to use their stolen details to ensnare them.
Joe Jones, CEO of cybersecurity attack simulation company Pistachio, said: “Shoppers should be on high alert for convincing scam emails, texts and calls.”
He urged people not to click on links from unexpected messages and to always go directly to the official website to check your account.
He warned about the kind of scams that fraudsters may try: “With access to names, contact details, and even order histories, cybercriminals can easily craft realistic messages that appear to be from M&S.
“Be wary of emails claiming ‘your order is out for delivery’ or ‘there’s an issue with your recent purchase’. Just because they include details that feel familiar, such as your favourite items, this does not prove their authenticity.”
He also warned that scams could come weeks or months after the current incident, so consumers need to stay watchful for suspicious messages.
Zain Javed, CTO at cyber security firm Citation Cyber, said that online retailers will likely step up their security in the wake of the incident.
He said: “Retailers will be keen to tighten protections, which means customers might encounter more frequent identity checks, multi-factor authentication during purchases, or longer verification processes at checkout. It’s important for consumers to follow these steps as it is essential to help protect from cyber attacks.”
Niall McConachie, regional director for UK & Ireland at cybersecurity firm Yubico warned that methods such as strong passwords and two-factor authentication may not be enough to deter scammers, as they can bypass these measures.
He suggested using physical passkeys instead to protect your data, which can include measures such as facial recognition or finger print.
Mr McConachie said: “Passkeys are a more secure data protection option than traditional passwords and legacy MFA since they don’t require users to recall or manually enter long sequences of characters that can be forgotten, stolen or intercepted.
“And when shopping online, they do not slow down the checkout process. Passkeys allow shoppers to securely manage logins across countless platforms and applications, offering a stronger authentication method than passwords or even two-step verification.
“With device-bound passkeys providing the highest level of security, customers can truly safeguard themselves and their valuable data.”
