Contents:
Walmart Inc., the American multinational retail corporation that operates a chain of hypermarkets, fell victim to a phishing attack, with the attackers attempting to steal customer private information. The threat actors are also checking their victim’s emails for further phishing campaigns.
This new phishing operation is posing as Walmart and sends emails with the subject line of “Your Package delivery Problem Notification lD#” saying that they could not deliver clients package because the address is not correct. Then ask for the “correct” shipping address.
If the victims click on the ‘Update Address’ button, the phishing email will cause their mail program to create a new email with the subject ‘Update my Address!’ that will be sent to several email addresses under the threat actor’s control.
Phishing victims are urged to send their mailing addresses to the hackers posing as the American organization.
The gathered data is employed to carry out identity theft assaults, acquire access to other accounts, or execute targeted spear-phishing attacks. People are recommended to pay attention to dubious emails from Walmart and treat them with caution.
You should never access dubious links, instead, go to the main site’s domain to check whether there is a problem with your account.
If you received this phishing email and sent your mailing address by mistake, you cannot do much, unfortunately, other than being on the lookout for further targeted phishing attacks. The hackers behind the phishing campaigns will probably utilize the stolen information to perform an ample range of malicious actions such as sending you more scam emails.
People are advised to look out for other targeted phishing campaigns using the submitted data and keep an eye on your credit report to ensure duplicitous accounts are not created under your name.
In order to stop identity theft, customers can also provisionally freeze their credit report to impede financial institutions and other enterprises from issuing credit on their behalf.
Heimdal® Email Security
- Completely secure your infrastructure against email-delivered threats;
- Deep content scanning for malicious attachments and links;
- Block Phishing and man-in-the-email attacks;
- Complete email-based reporting for compliance & auditing requirements;