My credit card was stolen, but it's still in my wallet

Here's how thieves manage to get your card number and security code -- and steps you can take to reduce the likelihood that you'll become a victim.

By MSN Money Partner Aug 13, 2013 12:03PM
This post comes from Jennifer Gregory at partner site logoI am positive that I had a puzzled expression on my face as I looked at my online credit card statement. I was relatively certain that I hadn't bought Farmville credits for Facebook or registered for an online genealogy website.

Credit card Computer( © Photographers Choice RF/Getty Images)And I was positive that I hadn't recently purchased a pre-designed website. But what had me even more perplexed than the thief's odd choices of items to purchase was the fact that my credit card was still in my wallet and had not been physically lost or stolen.

I immediately called my credit card company and the friendly representative assured me that I would not be liable for purchases I didn't make.

She also told me that the theft of both a credit card number and security code was very common and most likely didn't happen because I was careless with my card or number, but she couldn't explain exactly how my number was stolen.

How did the thief get my credit card number and security code?
Being a journalist, I took matters into my own hands and investigated in hopes of better understanding what happened so that I could avoid being a victim in the future. After talking with several experts, I learned that most card numbers are stolen through three methods:

1. Data breaches. According to the Privacy Rights Clearinghouse, over 600 million records have been stolen since 2005. If a company or website that has your credit card information has a data breach, then it is likely that your credit card number can fall into the wrong hands.

Neal O'Farrell, founder of the Identity Theft Council said that data breaches are the most common way for a hacker to get your credit card number. While some data breaches make national news, others are actually never discovered by the company or the consumers. "In data breaches, it has nothing to do with what the credit card user did, but that another organization or business with access to their credit card number did not protect it properly," O'Farrell says.

2. Keystroke logging. Another common way that a thief can get your credit card number is by installing a so-called keylogger on your computer without your knowledge and record every keystroke you make, including credit card numbers and security codes.
George Waller, executive vice president and co-founder of StrikeForce Technologies, says that phishing, where you click on a link sent you in an email, or visiting a website that has been infected with a keylogger are the most common ways to get a keylogger installed.

3. Card skimmers. Your number can also be stolen by an illegal device that copies your credit card number, which thieves then either use for their own purposes or sell to others. Card skimmers can be implanted in readers, such as at gas stations and ATMs, or an employee can run your card through a skimmer when you hand it over for payment.
How can you prevent this?

Unfortunately, there is no fail-safe way to prevent your card number from being stolen, especially since hackers are becoming more creative each day. "It's very easy crime to commit, but it's very difficult to retrace and identify exactly where it happened. Because of that it is very hard to prevent this type of theft," says O'Farrell. However, there are things you can do to reduce your chances of being a victim:

  • Check your credit card usage online between billing cycles. Make a habit of logging onto your account once a week to verify that you have made all of your charges. Thieves will often charge very small items, such as the Farmville credits in my case, to test the card. Contact your bank immediately if you notice any suspicious activity.
  • Protect against keyloggers. While most people think that antivirus software will protect against keyloggers, most antivirus software is defenseless against malware."Since it almost impossible to stop keyloggers from being installed, we have found that the best strategy is protecting your data by installing keystroke encryption technology," Waller says.
  • Check for card skimmers. While it can be hard to spot a compromised card reader, get in the habit of checking for anything that looks unusual before inserting you card."Examine any insertion points to make sure that anything is sticking out further," says Sherry. Familiarize yourself with photos of compromised card readers to help you be on the lookout.

Hopefully by using the common sense strategies that the experts recommend, I won't find myself in the position again. But I have to say that I am still amused by my thieves choices of purchases. I guess he or she must really like Farmville.

More from


Aug 13, 2013 3:55PM

Just to add one thing to this, scrutinize the small charges to your card as well.


 Thieves usually "test" the card by putting a very small charge on the card before  going "all in", it can be as small as 0.99. After a recent trip abroad we noticed a small charge in another country (which we hadn't visited).


due to our diligence the next charge was not only declined but they caught the person making it.

Aug 13, 2013 3:50PM
I think dishonest employees can also simply steal you cc number and either sell it or use it themselves.  My bank called me at home and asked if I had charged $1100 at Walmart in Kansas City.  I live in Maryland and have never been to KC
Aug 14, 2013 9:40AM

i called my CC company before i took a trip to europe.  i heard that is smart to do to insure they don't see my trip as a bunch of unexpected fraud charges. 


3 hours later i got a call from the CC company about some charges occurring 3000 miles from my home.  i hadn't even started my trip yet! 


the occurrence of the charges to me were likely due to some "announcement" inside the company about cards about to see unusual expenses.  someone perhaps thought they'd have maybe 2 weeks to get away with their fraudulent use of my card before i'd come close to noticing it. 


face it - so much of today's business is handled by "Joe" in india.  who believes our CC information is safe in 3rd world countries around the world? 

Aug 13, 2013 6:54PM

Yup, I'm retired and Socialist Insecurity goes into my checking account, and I use a debit card to access the money. 


I suddenly noticed my balance was going down.  Of course, by the time I got the statement, over $1500 had disappeared out of my account!  My bank cancelled the old debit card and issued me a new one. 


Not a lot of help...  'It's a debit card, and isn't given any protection, like a credit card.' 


Since Social Security only comes now on debit cards, I'm guessing this is the next major scam?

Aug 13, 2013 3:25PM
This happened to me at a wedding.  A guest took a picture of the front and back of 2 of my credit cards with his cell phone and racked up a bunch of online charges.
Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates theCode of Conductplease use this form to notify the moderators. They will investigate your report and take appropriate action. If necessary, they report all illegal activity to the proper authorities.
100 character limit
Are you sure you want to delete this comment?


Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.