It’s important to stay educated about the types of fraud so that you can recognize threats to your financial information. There are three common scams that you should be on the lookout for:
Phishing leverages email
Vishing leverages phone calls
SMiShing leverages text messages
These fraud techniques are designed to mislead you into providing personal information such as:
- Account numbers
- Social Security numbers
- Login credentials (username and password)
- Answers to security questions (your mother’s maiden name, for example)
Recognizing Official M&T Bank Communications
If you ever receive an email that appears to come from M&T Bank and contains our logo but requests personal information or provides a link to a page to enter personal information, do not respond. It is a policy that M&T does NOT initiate a request for personal information via email.
you initiate the contact or we are completing an application for you, M&T will NOT request personal information. If you are being asked for any of the information listed above, it may be a scam.
Recognizing a Scam
NEVER give out your personal information in response to an unsolicited email, phone call or text message. Forward any suspicious emails to
email@example.com that appear to be from M&T and request that you click on a link to enter your login credentials or personal information.
You should never supply any account or login credentials to suspicious emails, but if you’re concerned that the request may be legitimate, contact us directly rather than through the communication you received. A representative will be able to help you.
What to Do if You Suspect Fraud
If you believe you have been a victim of fraud related to your M&T accounts, notify us immediately at 1-800-724-2440 (Monday–Friday 6am–9pm, Saturday–Sunday 9am–5pm ET), so we can take action to help you.
Phishing, Vishing and SMiShing Scam Prevention Tips
- Never respond to any phone calls, emails or text messages requesting personal information
- Check and monitor your credit report regularly
- Always look for “https://” and a padlock icon on legitimate websites that require the input of personal information
- Keep software updated (operating systems and web browsers)
- Keep your computer clean from Spyware
- Use a SPAM filter, anti-virus software and a personal firewall
- Delete emails before opening them if received from anyone you do not recognize
- Never click on hyperlinks within emails, tweets, posts or text messages if you believe they may be fraudulent (hyperlinks may contain a virus). Instead, retype the company name into your browser
- Ignore emails or text messages that threaten termination of service if you do not follow the instructions contained in the message. If the email or text message appears to come from a company that you do business with, contact them directly to discuss/report the message
These scams aren’t the only ways fraudsters can access your accounts and information. Learn more about fraud scams and how you can help protect yourself at websites such as: