Forum Thread

What are steps I can take to prevent any online accts getting hacked? I was hacked by Walmart this morning.

10,253 2,629 May 16, 2019 at 09:48 AM
I received an email that my Walmart acct info was updated. I didn't update it and could not get into my acct any longer. I could not reset my password either and email didn't exist. Called Walmart and someone got into my acct and placed an order. Thankfully I caught it just as it happened and Walmart canceled the order but I feel my payment info has been compromised which is scary.

I am now also being bombarded with junk email that I have to send to spam.

I had all my Walmart gift cards and credit card info on their website/mobile app.

I googled Walmart hacked and there are many instances over the years. Is this my fault by not having my computer secure enough? What would cause this to happen on my end? I have McAfee provided to me by my internet provider and I use premium Malwarebytes for daily scans. This is the first time this has happened to me and don't wish it to happen again.

Or is this happening because of Walmart's security? After googling, it seems quite common for Walmart.

Thanks.

13 Comments

1

Sign up for a Slickdeals account to remove this ad.

This comment has been rated as unhelpful by Slickdeals users
Joined Jun 2005
L6: Expert
1,173 Posts
447 Reputation
#2
Quote from just123me
:
I received an email that my Walmart acct info was updated. I didn't update it and could not get into my acct any longer. I could not reset my password either and email didn't exist. Called Walmart and someone got into my acct and placed an order. Thankfully I caught it just as it happened and Walmart canceled the order but I feel my payment info has been compromised which is scary.

I am now also being bombarded with junk email that I have to send to spam.

I had all my Walmart gift cards and credit card info on their website/mobile app.

I googled Walmart hacked and there are many instances over the years. Is this my fault by not having my computer secure enough? What would cause this to happen on my end? I have McAfee provided to me by my internet provider and I use premium Malwarebytes for daily scans. This is the first time this has happened to me and don't wish it to happen again.

Or is this happening because of Walmart's security? After googling, it seems quite common for Walmart.

Thanks.
It's almost assuredly you and not Walmart. Best thing you can do is use unique complex passwords for websites, pay close attentions to emails/phone calls to make sure you avoid phishing, and ensure you don't download sketchy apps on your computer/phone.

Any time I've had an account compromised it's because it's used a password from another site which was compromised. There's literally people out there who will run a list of usernames/passwords leaked from one site on another site to see if people used the same password. I now use unique complex passwords for every website and no longer have any issues.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Feb 2007
L10: Grand Master
7,146 Posts
#3
I think the biggest issue is people clicking on links in emails. Mostly the ones that are from the "company"...

I always go to the actual website to do anything and nothing from the links in emails.
Reply Helpful Comment? 0 0
for those that hate spelling mistakes www.walmarts.comCool

bulb save money by checking your insurance every 2 years (and not every 20) Thanks Liberty Mutual for reminding me to shop. The $842 increase this year sums it up. Across the board increase for Ohio....whatever
This comment has been rated as unhelpful by Slickdeals users
Joined Feb 2009
L10: Grand Master
10,253 Posts
2,629 Reputation
Original Poster
#4
Quote from NYExcuse
:
It's almost assuredly you and not Walmart. Best thing you can do is use unique complex passwords for websites, pay close attentions to emails/phone calls to make sure you avoid phishing, and ensure you don't download sketchy apps on your computer/phone.

Any time I've had an account compromised it's because it's used a password from another site which was compromised. There's literally people out there who will run a list of usernames/passwords leaked from one site on another site to see if people used the same password. I now use unique complex passwords for every website and no longer have any issues.
Thanks. That makes sense. I do need to be more careful with my passwords and not make them so similar each place. Thanks.

I'm going to have to start writing my passwords down so I don't forget which goes with what site.

I do know that I get locked out of Kohl's all the time. I come up with odd passwords each time to prevent being locked out again but it doesn't matter.....someone must be trying or is successful at getting in my acct because I get messages to change my password. What causes that when I've changed my password to something completely different than anywhere else....just curious.
Reply Helpful Comment? 0 1
This comment has been rated as unhelpful by Slickdeals users
Joined Feb 2009
L10: Grand Master
10,253 Posts
2,629 Reputation
Original Poster
#5
Quote from stufine
:
I think the biggest issue is people clicking on links in emails. Mostly the ones that are from the "company"...

I always go to the actual website to do anything and nothing from the links in emails.
Good advice. People are getting so sleazy with spam/scams. You have to be so careful. I try to be but one time a Paypal email got me andI clicked on it. I had to request my credit card be replaced with a new one....what a hassle.

I don't answer the phone unless I recognize the number. I figure if it's important and they really want me, they can leave a message....now if I could just convince my mom that she needs to do the same. lol she picks up the phone and yells at them to stop calling her.

I also found out that you should never ever save your credit card information on a website. Thing is, at Walmart, I always used Walmart Pay since it was so convenient and a good place to store Walmart gift cards. I will delete the app from my phone and remove my credit cards from their website.
Thanks.
Reply Helpful Comment? 0 1
This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2008
L10: Grand Master
6,456 Posts
2,511 Reputation
#6
Quote from just123me
:
Thanks. That makes sense. I do need to be more careful with my passwords and not make them so similar each place. Thanks.

I'm going to have to start writing my passwords down so I don't forget which goes with what site.
Don't just make them less similar, make them truly random. Use password manager software to generate random passwords and store them. Most password managers offer to fill in your password automatically, if you're on a phishing site password managers won't autofill your password.

There may be some things you don't want to store in a password manager or choose to store in a different password manager that's encrypted differently.

Set up two factor authentication for your email account! Preferably using something like google authentication or an ubikey not just a sms code.
Reply Helpful Comment? 0 0
We the People of the United States, in order to form a more perfect union, establish justice, insure domestic tranquility, provide for the common defence, promote the general welfare, and secure the blessings of liberty to ourselves and our posterity, do ordain and establish this Constitution for the United States of America.

Why do conservative politicians oppose conservation?

"If you tell a lie big enough and keep repeating it, people will eventually come to believe it" -Joseph Goebbels
This comment has been rated as unhelpful by Slickdeals users
Joined Jan 2019
New User
1 Posts
10 Reputation
#7
I was going to say the same thing: use a password manager and two factor authentication but I wouldn't recommend Google Authenticator because, at least as of right now, there's no way to backup up the keys or codes (whatever it's called). I just switched over to from Google Authenticator to Authy which was a bit time consuming but Authy has cloud backup. Their website can explain the differences better (https://authy.com/blog/authy-vs-google-authenticator/).

Then there's YubiKey which has other advantages (https://www.yubico.com/) but not every website supports it yet.

Also, you can download extensions for your browsers which might help like: HTTPS Everywhere, Ghostery, uBlock Origin, NoScript, and others but keep in mind, I can't guarantee these developers won't do anything wrong so at least read their terms and conditions before downloading.

Lastly, look into VPNs.

As far as placing blame, don't beat yourself up, there's plenty to go around. Look at all the companies that have been hacked because they themselves didn't take the appropriate measures beforehand, like Apple, Home Depot, etc. Heck even one of the credit bureaus (Equifax) put "The personal data of 148 million people was exposed during the breach..." (https://www.ajc.com/business/two-years-after-breach-equifax-costs-top-billion/EJ4QQQx1vItpJDSVc4EqOM/)

I think one thing we can do to help each other is call/email/send feedback on websites to companies and ask the ones who fall short to improve their security for us, like the ones who are still making us use security questions, send two factor authentication via text message, or limit how strong we can make our passwords.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2008
L10: Grand Master
6,456 Posts
2,511 Reputation
#8
You can check your email address here: https://haveibeenpwned.com to see a list of all the places you've used that email that have been hacked. You can also check if some of your passwords have been included in various data breaches.
Reply Helpful Comment? 0 0

Sign up for a Slickdeals account to remove this ad.

This comment has been rated as unhelpful by Slickdeals users
Joined Feb 2009
L10: Grand Master
10,253 Posts
2,629 Reputation
Original Poster
#9
Quote from Iona1418
:
I was going to say the same thing: use a password manager and two factor authentication but I wouldn't recommend Google Authenticator because, at least as of right now, there's no way to backup up the keys or codes (whatever it's called). I just switched over to from Google Authenticator to Authy which was a bit time consuming but Authy has cloud backup. Their website can explain the differences better (https://authy.com/blog/authy-vs-g...enticator/).

Then there's YubiKey which has other advantages (https://www.yubico.com/) but not every website supports it yet.

Also, you can download extensions for your browsers which might help like: HTTPS Everywhere, Ghostery, uBlock Origin, NoScript, and others but keep in mind, I can't guarantee these developers won't do anything wrong so at least read their terms and conditions before downloading.

Lastly, look into VPNs.

As far as placing blame, don't beat yourself up, there's plenty to go around. Look at all the companies that have been hacked because they themselves didn't take the appropriate measures beforehand, like Apple, Home Depot, etc. Heck even one of the credit bureaus (Equifax) put "The personal data of 148 million people was exposed during the breach..." (https://www.ajc.com/business/two-...DSVc4EqOM/)

I think one thing we can do to help each other is call/email/send feedback on websites to companies and ask the ones who fall short to improve their security for us, like the ones who are still making us use security questions, send two factor authentication via text message, or limit how strong we can make our passwords.
Thanks. Think is I can't use any type of ad-blocks because I use cash back sites when purchasing online. I will definitely look into the password managers.
Reply Helpful Comment? 0 1
This comment has been rated as unhelpful by Slickdeals users
Joined Feb 2009
L10: Grand Master
10,253 Posts
2,629 Reputation
Original Poster
#10
Quote from jkee
:
Don't just make them less similar, make them truly random. Use password manager software to generate random passwords and store them. Most password managers offer to fill in your password automatically, if you're on a phishing site password managers won't autofill your password.

There may be some things you don't want to store in a password manager or choose to store in a different password manager that's encrypted differently.

Set up two factor authentication for your email account! Preferably using something like google authentication or an ubikey not just a sms code.
Thanks for the suggestion. I will look into these. Do they auto-fill your password whether on phone or desktop?
Reply Helpful Comment? 0 1
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2005
L10: Grand Master
14,627 Posts
5,443 Reputation
#11
Quote from just123me
:
Thanks. That makes sense. I do need to be more careful with my passwords and not make them so similar each place. Thanks.

I'm going to have to start writing my passwords down so I don't forget which goes with what site.

I do know that I get locked out of Kohl's all the time. I come up with odd passwords each time to prevent being locked out again but it doesn't matter.....someone must be trying or is successful at getting in my acct because I get messages to change my password. What causes that when I've changed my password to something completely different than anywhere else....just curious.
Use a password manager, Lastpass, and 1Password are both popular options that are good. Humans are bad at coming up with long random character based passwords, so use a computer to generate 20+ character complex complete random passwords and store them. No two websites should have the same password. Also adding 2FA for any account that supports it would be a wise idea. Avoid SMS based 2FA when possible.
Reply Helpful Comment? 0 0
Vague questions receive vague answers . . . . . .
This comment has been rated as unhelpful by Slickdeals users
Joined Aug 2010
L12: God
7,117 Posts
641 Reputation
#12
Instead of writing down your passwords, get a password manager like LastPass. It's a little unnerving to put all of your passwords in one place but password managers like LastPass have some of the best security there is unlike store websites.

Personally I try and use paypal for everything when I can and when I want to use my credit card, I always uncheck 'store to account' ever since someone got a hold of mine from what I think was the Target hack. It's worth either memorizing your number or just pulling out the card when you need it IMO.
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Feb 2007
L10: Grand Master
7,146 Posts
#13
Only thing I've had hacked
Taxes. I believe from the irs transcript hack they had few years back
Hair. from great clips.... 10 years ago
Reply Helpful Comment? 0 0
This comment has been rated as unhelpful by Slickdeals users
Joined Dec 2012
L7: Teacher
2,727 Posts
211 Reputation
#14
Quote from just123me
:
Thanks. Think is I can't use any type of ad-blocks because I use cash back sites when purchasing online. I will definitely look into the password managers.
You can disable adblockers for certain pages. Check out uBlock Origin.

FYI, for PW managers, I used Lastpass for a few years but it developed a few issues, so I switched to KeePass.I recommend KeePass.
Reply Helpful Comment? 0 0
Page 1 of 1
1
Join the Conversation
Add a Comment
 
Link Copied to Clipboard