1. If I have provided my M1 account information to a fraudulent domain/call, what should I do?
    We recommend that you log in to your M1 account via to update your password if you have entered your account details on a fraudulent domain.

    As always, we urge our customers to exercise caution and not follow instructions in fraudulent emails, SMSes, and/or phone calls.

  2. How can I protect myself against phishing attempts?
    We have compiled a list of tips that can help you spot phishing scams on Please check back on regularly, as we will share reports of recent phishing attempts.

    We'll also increasingly use app notifications to share scam alerts via My M1 and My M1+ apps. Please keep your app notifications enabled.

  3. How did the sender know I am an M1 customer?
    In phishing attacks, the perpetrators usually disguise themselves as a reputable organisation or a legitimate person to send out mass amounts of emails or messages in the hope that some of the recipients will respond.

    It is not necessary for them to know if you use the M1 service or if you are familiar with the person who allegedly sent the email. Their goal is to trick you into divulging your personal details or financial information so that they can scam you.

  4. What do I do when I receive such emails?
    If you receive any unexpected emails or messages, we strongly advise you not to click on any link or attachment and to delete those emails or messages immediately.

  5. Can M1 stop all these phishing emails/SMSes?
    Unfortunately, we cannot stop perpetrators from disguising as M1, but we recommend that you exercise caution and ignore fraudulent emails, SMSes, and phone calls. To learn how to spot phishing scams, check out