EMAIL SCAM SIGNS
Beware of the odd-looking email
Be on the lookout for misspellings, strange spacing and sentences that don’t read quite right.

How to spot a phishing email
Remember that professional organizations like a bank likely have a considerable budget and staff to manage their messaging. It’s typical for many sets of eyes to review any written correspondence before it is sent or published. For that reason, obvious and repeated spelling, spacing and sentence-structure errors in an email appearing to be from a bank or other legitimate business are huge red flags likely indicating a scam.
It’s also important to look carefully at the sender’s email address. Does it match who the sender is claiming to be?
Don't share personal information
Understand that legitimate companies like M&T Bank will not ask you for personal information by email. If you receive an email asking you to provide account information, login credentials or passwords, it is almost certainly fraudulent.
And be wary of any unsolicited email that includes a hyperlink or attachment. Cybercriminals want you to click on links that will take you to websites or open attachments that contain malware — both set up to steal your critical information. When in doubt, don’t click the link or open the attachment!
Simple rules to guard against phishing
- When in doubt, don’t click any links or open any attachments.
- If the email is suspicious, don’t reply to the sender.
- Never provide personal information like account numbers or passwords via email.