A Walmart phishing campaign masquerades as a retailer, trying to steal users’ personal information while checking their emails to verify them for future attacks such as identity theft and spear-phishing.<\/p>\n\n\n\n
The email, which has the subject “Your Package delivery Problem Notification lD #,” asks users to update the address at the end of the message, which says: “Unfortunately we were not able to deliver your postal package in time because your address is not correct. Please reply us with the correct shipping address”.<\/p>\n\n\n\n
After clicking on the ‘update address’ button, the phishing email automatically generates a new email with the subject ‘Update my Address!’ that will be sent to various emails under the control of the fraudster.<\/p>\n\n\n\n
Users are asked to send their e-mail address to the spammer posing as Walmart.<\/p>\n\n\n\n
Users are advised not to click on suspicious links, but to go to the domain of the main page for confirmation purposes.<\/p>\n\n\n