font loading for Top nav

Free store collection|Free delivery when you spend €50|Free returns for online orders

Security

Everything you need to know about your online security, including phishing emails and keeping your personal data safe, so you can shop with peace of mind.

  • If you’re using a shared or public computer, it’s best to log out of your account completely when you’ve finished shopping. You might also want to look at our privacy policy for more details.

  • Yes, your data is safe with M&S. We comply with the Data Protection Act. Your account, personal details and any order details are protected. Take a look at our privacy policy for more details.

  • M&S will never ask you to submit payment details or need you to pay to win competitions.

    Phishing scams are fraudulent communications that appear to come from a legitimate and reputable source, usually through email and text messaging (“smishing”).

    Attackers approach you with an enticing offer, or claim there’s an issue with your order or account, and encourage you to give away your personal information in the form of log-in details, bank details and/or credit card details.

    If in any doubt regarding the legitimacy of the communication, avoid clicking on any links and visit the M&S website or app to read the guidance below.

    How to spot a phishing scam

    The following signs can indicate fraudulent email communications:

    • Phishing attempts often create a sense of urgency, pressuring you to act quickly without thinking. Stress or excitement can cause you to act impulsively, so take a moment to consider before responding & avoid clicking on any links.
    • Emails that address you by your email address rather than your name.
    • Spelling and grammatical mistakes. (However, phishing scams are increasingly using AI and therefore copy may not always contain errors.)
    • Logos or graphic design that look familiar but are inaccurate, old logos, or pixelated.
    • Unusual email addresses accompanying the sender’s name, e.g. Joe Bloggs “12noinsegl@lkj.net”
    • Email addresses that appear legitimate however are incorrect when checked with the company, for example Mark’s & Spencer (rather than the correct spelling, Marks & Spencer).
    • A request for you to share personal data, e.g. your bank or card details to access a prize.

    How to report phishing scams

    If you have provided your bank, payment, or credit card details, we recommend that you contact your local Garda station – guidance on how to do so here. Afterwards, delete the message and do not send to friends or family.

    If you have received a suspicious phone call, text message, email, or interaction on social media, please do report it, even if you have not engaged with the scam.

    Reporting phishing could help reduce the amount of scam communications you receive and help protect others from cyber-crime.

    Report text messages by forwarding them to 7726. There is no charge for this service.

    How to receive support and protect yourself from phishing

    It can be upsetting to be a victim of a phishing attack. The Crime Victims Helpline - Supporting & informing victims of crime in Ireland can offer guidance following a cyber attack.

    CyberSafety gives advice and guidance for citizens to stay safe online, and know how to prevent future cyber attacks.

Still need help?

Please choose a subject from the menu below.

Choose a subject

Prefer the phone?

See our phone numbers