Walmart rewards phishing email
We have to admit, receiving Walmart phishing emails is new to MailShark. It is true that our services are global (we have clients in 37 countries, at last count) but we have not received a Walmart phishing email. Today’s inspection of the email filters has changed that. True to form, this email promises rewards. Unfortunately the rewards are stealing of your credit card details and personal information. We were unable to confirm it, but the phishing site linked to also attempts to download malware onto your PC. The criminals didn’t do their homework on targeting of users. All the Walmart phishing emails targeted Australian users. A pity there is no Australian Walmart stores. If this email does lob into your inbox, delete it. Do not click on the link.
Figure A shows the email. The greeting is personalised. We have blacked out the recipient name. We suspect the criminals have obtained details via subterfuge. The sender of the email is “Walmart Rewards Team”. The email domain is not a Walmart domain. The subject line of the email reads “<Recipient first name> (walmart.com) delivery notice 1484075673”. No Walmart branding is used. The email states that the recipient has an unclaimed reward.
It also says that the recipient can come in and enjoy Easter rewards. We are not sure which calendar the criminals are using, but the Western Easter and the Orthodox Easter are long over. We suspect this is a re-used phishing email. There are six links in the email. All lead to the same malicious site. One of the links uses Walmart in the anchor text. This is a trick. The actual link points to the same malicious site. Even the help links point to the malicious site.
There are signs that this email is bogus. The lack of branding is one sign. Another is the email domain. The big giveaway is the web site links. There is not a single link back to Walmart. All the links lead to a malicious site.