Threat actors are abusing virtual shopping lists to trick Walmart customers into transferring money or disclosing personal information, according to researchers at Malwarebytes. Links to the lists are distributed via Google Ads that impersonate Walmart support.