Walmart Customers Report Barrage Of Password Reset Requests

Image courtesy of Patrick

Getting an email from a retailer telling you to reset your password because you may have been the victim of a data breach is alarming enough. Imagine you’re one of the Walmart.com shoppers who say they have received dozens of emails directing them to reset their login credentials.

BGR reports that Walmart.com customers began sharing news of the emails on social media on Thursday.

While Walmart has yet to confirm that it is the latest victim of a hack attack or that it is aware of the potential phishing attempt, the customers concerned that the emails are a phishing attempt say they appear to be from a legitimate Walmart.com address.

Unlike traditional phishing scams, the emails don’t take users to an external link to reset their password, but instead mimic the email one would receive when they simply forgot their password.

“Please enter the following verification code on our website, and you’ll be able to rest your password.

If you didn’t request a password change, please visit out Help Center. Please do not reply to this email. This mailbox is unmonitored.”

It’s unclear how a scam would work using this type of email, BGR reports, but it appears the number of times someone can request a reset password is unlimited.

One user posted on Twitter that he had received more than 1,000 reset emails from Walmart.com.

https://twitter.com/JoshOakes/status/761203784898928640

https://twitter.com/NindiSultana/status/761391753798774785

We reached out to Walmart about the possible issue. We’ll update this post when we hear back.

In the meantime, it the retailer has responded to some Twitter users expressing concerns about the emails, warning that they should not click on any link in emails.

Someone is trying to steal accounts from Walmart.com customers [BGR]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.