The blogger at GhettoWebmaster dropped us a line to help spread the word that those Wal-Mart pre-paid Visa cards are not only financially a horrible idea, but that your money would be safer scattered in the street.
I heard about Walmartâ€™s new â€œMoney Cardâ€ which is nothing more than a prepaid Visa card. Just like any other such card, it has a website where you can check your balance, add funds to your account, etc.
Alternatively, you can have your account information stolen, be exposed to hardcore XXX porn, or line the pockets of a bottom-feeding douche bag while trying to reach the site. Why? Because Walmart, just like most companies, is nothing short of retarded when it comes to internet security and protecting their brand in the online world.
No big surprise there. Why should Wal-Mart care about the security of your card after it collects the up-front fee you pay for the priveledge of loaning it money interest free? Here’s the problem.
Their site says that itâ€™s secure. It even has a nifty little seal on it from Thawte verifying that itâ€™s protected by RC4 128-bit encryption.
Yeah, so what? I said that all those evil evil bad bad things could happen to a person while trying to reach the site. I never said that theyâ€™d actually make it there. Your good olâ€™ Uncle Buck or Aunt Charlene whoâ€™s not too savvy on that there interweb, but falls perfectly into the demographic of folks who would have a Wally World prepaid money card, is likely to mistype the web address.
Thatâ€™s why any security-minded company who wants to protect their customers and brandâ€™s image would / should at the very least register all of the most common typo domains when setting up shop on a new domain – especially if itâ€™s a financial kinda deal. In Walmartâ€™s infinite wisdom, they did no such thing.
I’ve been hovering around the edges of computers for more than 30 years and one lesson I’ve learned is that the moment anyone claims to have created the unhackable you can start the countdown clock to when it will be, in fact, hacked.
There is nothing code-slingers like better than making a fool out of some arrogant suit.
After hearing about this new Walmart card and the accompanying website, I checked to see if they had registered and were forwarding over traffic from one of the most common typos: the full web address prefixed with a â€œwwwâ€. Typing out â€œwwwâ€ and then forgetting or simply missing the dot afterwards is commonplace among eTards and fast typers.
Sure enough, wwwwalmartmoneycard.com was wide open. So, I registered it. Just for good measure, I went ahead and registered almartmoneycard.com today too. Missing the first letter of a domain is also pretty common. Luckily for Walprivilegely World, I snagged those domains with the sole intent of using them as an example for this blog entry.
And see? You don’t even need a degree in Computer Science to do something like this. Imagine what the real crooks are thinking.