Since yesterday morning I’ve received several emails from readers reporting a new scam that appears to be spreading right now.
As is often the case, this scam is being spread via email and it’s targeting folks who shop online at Walmart’s website.
Here’s the text used in these fraudulent emails:
From: Walmart Customer Service
To: John Doe
Dear Mr. Doe,
This message is to inform you that our systems detected a fraudulen purchase from your Walmart account.
These fraudulen purchases are made by a malicious software that is on the victims computer, and our audit has confirmed that your computer has the malicious software on it.
We have already cancel the purchase and refund the money to your account so you don’t have to do anything for that.
But its really important that we remove that software from your computer to prevent this bad charge from happening again.
Please click [link redacted] so our Customer Service rep can log into your computer and remove the awful software for you.
If you don’t agree right soon you are at higher risk of fraud.
Thanks you,
Walmart Customer Service
As you can see, this is more or less a standard scam email with the usual spelling, punctuation and grammar errors, but there are a couple of important differences:
1 – The scammer is actually addressing the recipients by name and using email addresses that are actually linked to their Walmart accounts, indicating that they possibly pulled the names and email addresses from some type of list.
2 – All the recipients (thus far) have reported that they do in fact shop at Walmart’s website, indicating that the scammers appear to be targeting actual Walmart online customers instead of the public at large as is usually the case.
All of this has me wondering if there has been some type of data breach. If so, I’m sure we’ll hear about it soon enough. Of course this could just be a coincidence, but who knows?
Be that as it may, if anyone receiving this message clicks on the link, they’ll end up downloading a malicious file that grants the scammer back-door access to their computer. And you know how those things always end up.
Bottom line: If you receive one of these emails you now know that it’s a scam. DO NOT click the link in the message or attempt to respond to the message in any way.
Instead, log into your account at Walmart.com and report the message to Customer Service.
If you happen to receive this message and you have never shopped at the Walmart website, please let me know about it.
Stay safe out there!