Business news from the Fredericksburg region.
‘Smishing’ scam uses Walmart name
BY CATHY JETT
Roberta Alford suspected it wasn’t really her lucky day when a recent text message congratulated her for winning a $1,000 Walmart gift card.
The Falmouth woman, who worked in law enforcement for 35 years, figured she’d been targeted by a scammer.
“I said, ‘Wait a minute I haven’t been to Walmart except for Christmas” Alford said. “I certainly don’t think they’d send someone a $1,000 gift card if they haven’t been a regular customer.”
The other tip-off was that the text message on her cellphone directed her to a website where she thought she’d be asked to divulge private, personal information such as her address and date of birth.
Alford, who worked for the Bureau of Alcohol, Tobacco and Firearms for most of her career, instead contacted the manager of a local Walmart store and was given a corporate number to call. When she dialed, a recorded message confirmed her suspicions. The text message was, indeed, a “smishing” attack designed to scam people by capitalizing on Walmart’s name.
Smishing, sometimes spelled SMiShing, combines the abbreviation for text messages—SMS, or ShortMessage Service—with phish-
ing. Phishing uses emails
that look legitimate; smishing sends automated text messages and voice mails to cellphones.
According to a March 9 press release on Walmart’s website, there has been a “sudden increase” in scam text messages that refer people to a website where they can “claim a Walmart Gift Card” by entering some private personal information.
“The most popular website being used recently is called ‘walmartgift.mobi,’” according to the release.
“This site is not owned, operated by, or affiliated with Walmart,” it stated. “Any site can be used for this scam and users are often asked for private personal information including credit card numbers or Social Security numbers. Providing this type of information is very likely to lead to identity theft or credit card fraud.”
Alford said that the recorded message she received upon contacting Walmart’s corporate office said to ignore the text message because it wasn’t legitimate. It added that while Walmart does award gift cards to some customers who fill out a survey using the code at the bottom of their store receipt, winners are notified by mail, not text message, and they have to pick up the card at their local Walmart.
The Better Business Bureau has received so many complaints about the gift card scam that it sent out a national alert on March 21, said Tom Gallagher, president and CEO of the Better Business Bureau’s office in Richmond.
“It’s working its way all around,” he said of the scam. “It’s a very, very dangerous thing.”
According to the BBB’s alert, the scam has several versions. In one, the text reads “You just won a free $1000 Walmart Gift Card, enter ‘1000’ at LINK.” In another, it says: “Walmart $1000 gift card for the first 1000 users to go to LINK and enter code 2938.”
The texts also use several different URLs besides wal martgift.mobi. They include promocenterdaily.com/wal mart_gift and promocenter
Victims who attempt to claim the gift card by entering such information as their email address let scammers know that they’ve reached a real person and can use it in a future scam.
“You are vulnerable,” Gallagher said. “You may not be vulnerable today, but you sure will be on another day.”
There are a number of places to report a smishing attack. This include the Better Business Bureau and ic3.gov, the Internet Crime Complaint Center. The latter is a partnership between the FBI and the national White Collar Crime Center.
Cathy Jett: 540/374-5407