Walmart Jumps to Top of the List of the Worlds Most Impersonated Brands Used in Phishing Attacks

Walmart Most Impersonated Brand Walmart’s rise to become the brand most likely to be impersonated in Q1 of this year is a real problem.

If you’ve been paying attention to brand impersonation in phishing attacks, you know the premise is to use a brand that a large number of potential victims do business with as a means of both establishing credibility . For many quarters, we continually saw Microsoft and/or Microsoft 365 as the brand of choice due to its wide use. Phishing scams ranged from attempting to take over your computer for “tech support” to spoofing login pages to obtain legitimate Microsoft 365 credentials.

But, according to Check Point’s latest Brand Phishing Report for Q1 of this year, Walmart has risen to the top of the list, representing 16% of all impersonated phishing attacks in Q1. This jump, up from 13th place, demonstrates that attackers are looking for new ways to trick victims into performing the desired malicious action – whether that be clicking a link, opening an attachment, or making a phone call.

We found a recent example of a Walmart-themed email at where the scam appears to be similar to ones we’ve encountered that were Amazon-themed.


Source: Check Point

The scam makes the recipient think they ordered something rather expensive (that they didn’t actually order), and get them to call the customer service number to trick them into giving up their credit card details.

All it takes to trick someone is the fabricated legitimacy. Seeing that Walmart has not been a large focus for phishing scams to date, it’s newfound popularity could be all that’s needed to trick email recipients into becoming victims.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Cybersecurity Awareness Month Free Resource Kit

Get the latest about social engineering

Subscribe to CyberheistNews