If you’ve received an unsolicited password reset email from Walmart, you’re not alone.
Mysterious emails from Walmart
There are multiple reports that the emails flooding the inboxes of Walmart.com customers could be used in a future phishing attack.
Here is an email that a member of Team Clark received:
But that’s nothing compared to one person on Twitter who claims he received more than 1,000 password reset emails in about an hour!
Read more: 4 things you should never text or email
The links will take you to Walmart’s real website, not a malicious one.
What’s going on here? A Walmart spokesperson told Gizmodo that someone likely obtained a list of email addresses and is using the password reset tool to validate them.
Like most of these tools, all you need is an email address to initiate the password reset process.
Read more: How to outsmart email ‘phishing’ scams
There are more questions than answers right now, but the tech website BGR says hackers could be using this information to launch a future phishing attack.
Walmart says it doesn’t believe any accounts have been compromised.
However, the retailer has offered some good advice on Twitter to people who have received the emails, telling them not to click any links in emails.
We recommend NOT clicking any links in emails. Instead, go directly to your account to change a password. Thanks! -Cole
— Walmart (@Walmart) August 5, 2016
If you really need to reset your Walmart.com password, you can start the process directly on their website.