Phishing is a scam where identity thieves use fraudulent emails, phony Web sites, online pop-ups, and even phone calls in an attempt to trick you into providing personal information such as bank account numbers, credit card numbers, passwords and social security numbers. Thieves use this information to make purchases, withdrawal funds or even obtain loans and additional credit cards in your name.
- Walmart will never ask you to e-mail personal information such as passwords, social security number, bank account details, credit card numbers, or other financial information nor will Walmart make unsolicited calls asking for such information. However, for fraud prevention purposes, Walmart may ask for you to verify personal information such as address or telephone number, which you have previously provided.
- Walmart will never send you e-mails or call you claiming we have lost or are updating your records.
- Walmart will never send unsolicited e-mails that contain attachments. If you receive an e-mail claiming to be from Walmart that includes an attachment, do not open as it could contain a virus harmful to your computer.
How to protect yourself:
- Do not reply to e-mail or pop-up messages that ask for personal or financial information.
- Look closely at links in an e-mail. While many legitimate e-mails include links to Web sites, remember these links can be forged. One way to spot a forged link is to roll the computer mouse over it. Many e-mail programs will show the real location of the link in a bubble or at the bottom of the reading window.
- Pay attention to the URL of a Web site. Phishers can make links look like they go to a legitimate Web site, but will actually send you to a different, possibly counterfeit, Web site.
- Know your account status. Many fraudulent e-mails try to deceive consumers with the threat that an account is in jeopardy and /or will be suspended if action is not taken immediately.
- Some scammers call or send an e-mail asking you to call a number and request personal information related to updating your account, accessing a "refund," or that you have "won" a gift card. Do not call this number. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.
- Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
- Don't open unsolicited e-mails with attachments and be cautious when downloading any files from emails you receive, regardless of who sent them.
To report suspected phishing scams:
- If you suspect you have been directed to a phony Web site claiming to be connected with Walmart, please send an email with the link to firstname.lastname@example.org. The Email abuse team will then work with authorities to put an end to the particular scam.
- If you suspect you have received a fraudulent e-mail claiming to be from Walmart, please forward the e-mail directly to Walmart at email@example.com. For investigatory purposes, please do not cut and paste the e-mail, change the subject line or forward it as an attachment.
- Suspected phishing attacks should also be reported to The United States Computer Emergency Readiness Team (US-CERT) at firstname.lastname@example.org.
- You also may report phishing e-mail to the Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies. The Anti-Phishing Working Group's e-mail is email@example.com.