We'd like to share some information with you about the practice known as "phishing." Below, you'll find valuable information about things you should keep in mind as you surf the Internet and read your email to help protect your identity and privacy online.

Phishing is the practice of tricking people into providing personal or confidential information for the purpose of committing fraud. Phishing can happen through verbal conversation and online via two common methods: email forgeries and spoofed websites.

Email forgeries or phishing scams use email messages to deliver misrepresentations to users. You may have seen them in your inbox or read about them in the news ? emails designed to appear as though they come from legitimate businesses, but in truth come from con artists intent on fraud.

Many sophisticated phishing emails are designed to trick someone out of a password to an online account, such as a bank account or credit card, so the con artist can use the account to money-launder or commit fraud. The emails claim to be conducting an audit and may ask for passwords and account numbers for authentication.

Keep the following in mind when you receive an email:

• Sender's Email Address - Phishing or "spoof" emails may include a real email address in the "From" line. The "From" line can be edited before it is sent, and the con artist will often put a real Walmart.com email address in it to make it look like we sent it to you.
• Email Greeting - Many spoof emails will begin with a general greeting like "Dear Customer." The con artist doesn't know your name, so the greeting won't be specific to you.
• Account Status - Most spoof emails try to deceive you with the threat that your account is in jeopardy and you will not be able to shop on Walmart.com if you do not update it immediately. The email may claim that Walmart.com is updating its files or accounts.
• Links in an Email - While many legitimate emails have links included, please remember that links can be forged, too. One way to spot a forged link is to roll your mouse over it. Many email programs will show you the real location of the link in a little bubble that pops up or at the bottom of the reading window.
• Requests for Personal Information - Spoof emails often include requests that you enter sensitive personal information, such as a User ID, password or bank account number, by clicking on a link or completing a form within the email.

Keep the following in mind when reading your email:

• Walmart.com will never ask you to email personal information, such as your password, bank account or credit card information
• We will never send you an email that claims we have lost or are updating your records
• We may ask for you to verify personal information already provided to us if we suspect any fraud activity, but will never threaten to close your account if you do not provide us with personal information
• We will never send unsolicited emails that contain attachments. If you receive an email claiming to be from Walmart.com that includes an attachment, please do not open it.

If you receive an email that is purportedly from Walmart.com that contains any of the above, it is likely a spoof email. Please refer to the Take Action if You Receive a Suspicious Email or Visit a Suspicious Website section.

It's important to note that websites can also be faked or "spoofed." Users may be directed to these sites through a variety of links, including those shown in phishing emails as well as in search results on some of the major search engines. Some things to look for:

• Make certain ".walmart.com" is immediately before the first "/". There must be a "." before "walmart.com" for the address to be legitimate.
• Beware of subtle misspellings. These are often used as the URLs for spoofed sites
• Ensure the URL in the link matches the URL of the site it takes you to. One way to spot a forged link is to roll your mouse over it. Many email programs will show you the real location of the link in a little bubble that pops up or at the bottom of the window.

You also want to make certain that the site uses Secure Sockets Layer (SSL) technology when capturing and processing personal information for transactions. SSL is normally denoted by a gold lock icon in the lower right corner of your screen.

If you suspect you have been sent an email that is from a forged email address, please forward the email to us at abuse@walmart.com. Please don't cut and paste the email, and don't change the subject line or forward it as an attachment, as that makes it harder for us to investigate.

If you are ever in doubt about the authenticity of an email, don't provide personal or sensitive information to the sender of that email.

If you suspect that you are or have been on a spoofed site purporting to be Walmart.com, please send an email to abuse@walmart.com. And please don't enter any personal or sensitive information on the site.

If you feel that you have been defrauded, contact the Federal Trade Commission (FTC) at www.ftc.gov or at 1-877-FTC-HELP, or the Consumer Fraud Division of your state's Attorney General's office.