I woke up on Sunday morning to find an email confirmation in my inbox from walmart.com, thanking me for my order. The email came through at 1:39 am, when I was asleep. I knew something was seriously wrong, because the last thing I purchased from walmart.com was a pair of pants weeks ago, which I received. I opened the confirmation and the following had been ordered: D-Link Whole Home Router- $89.00, 2 Year Replacement Plan for router ($9.00), and Just 4 You Walmart eGift Card ($200.00). All items were charged to the Visa debit card linked to my account for a total of $307.54. The transaction went through and the funds were deducted from my bank account.
I immediately called my bank's hotline and cancelled the card, printed the confirmation, and went to the police station to file a report. After that, I began doing some research online and found out I wasn't the only victim of walmart.com fraud. In fact, there are many, many others. I have found hundreds of stories from people with very similar or identical stories. And I believe that Walmart knows about this and is doing nothing to protect it's customers. I very much believe that this is either a security vulnerability that leaves walmart.com open to attacks from hackers, or it is an inside job. Let me tell you why. I use this card on a very limited number of online sites. Mostly bill pay and Amazon.com. I have been doing this for years and never had an issue. A few weeks after I make a purchase on walmart.com and it stores my card info, my account is compromised and my bank account drained. Also, I used a unique password for this walmart.com account. The perp used my walmart.com login and unique password, along with my billing and shipping address to make the fraudulent purchase.
Also, I believe this is a sophisticated crime ring carrying out these attacks. They have it all planned out. first, they know that Walmart.com stores payment information without your consent and doesn't require security codes to be entered. Second, Walmart.com charges your form of payment immediately, as opposed to waiting until the item ships, unlike most retailers. Third, the perp added a router with protection plan (legitimate items) to avoid Walmart's fraud flags going up on the transaction. The real prize for the perp was those sneaky egift certificates, which they had sent to some yahoo email account. Just the fact that they added the decoy items, make me highly suspicious that Walmart knows about this fraud. And last, they made the purchase in the middle of the night while I was sleeping, so that I would not get the email notification from Walmart until hours later.
In my honest opinion, a major investigation needs to be launched into this fraud that is occurring on a large scale on walmart.com. And I believe a lawsuit is definitely not out of the question. My advice? Do not shop on walmart.com, and if you do, call walmart customer service and have them remove your stored payment information from their records.