someone stole my cc info but how?
 

a few days ago i discovered that multiple fraudulent purchases were made on my credit card. this is what i found out:

the fraudsters have my name, address, credit card number, my credit card's security number, and possible my cellphone number (because the number they used had the same area code as well as the same first 4 digits. in other words 7 of the 10 digits are the same).

i am racking my brain in trying to figure out how they managed to steal my information. i'm wondering if you guys, especially the computer experts, can give me some suggestions.

now, i never throw away my credit card bills. when i throw away mail i usually tear up my name and address pretty good. i do make online purchases but i mainly use paypal. i use my credit card at stores as well. I made more purchases than usual at stores last month because of Christmas shopping. that said, I think it was still under 10 transactions? also, i did have to enter my credit card number twice. but the second time, as i would find out later, was after the first fraudulent purchase took place. i did have to enter the security number of my credit card for both orders.

whenever i have to enter my credit card info which is really rarely, i always run every scan i have before i do so. i know that probably isn't 100% effective but still.

i'm just wondering, do you guys think the chances that my info was stolen from my computer/the internet, or at the shops i went to? and all the stores i purchased from are big chain stores. what do you think?

and if the info was stolen when i was making purchases online or from my computer, what should i do?

Scan your system with the latest from Ad-aware, Spybot, and my new favorite, Malwarebytes Anti-malware.

I had the same thing happen to me, only the damage was limited to one fraudulent charge on my account.

I saw a popup come up in Firefox with the word 'install' in it, then a command prompt, and both disappeared. Seriously, to the untrained eye, they wouldn't have noticed anything, and if I hadn't been paying attention I wouldn't have caught it. Turns out it was an Iframe exploit. It all happened in a half a second.

I started up both ad-aware and spybot, checked for updates, then disconnected my machine from the internet. In the 2 minutes it took to update spybot and ad-aware, the bot scraped my internet cache and my CC info sent it off to the interwebs. Spybot found the malware, as did Ad-aware. Still, the malware was fast enough.

The very next day I received a call from my CC fraud prevention unit, asking if I'd paid for an AdultFriendFinder sub. Turns out it was flagged as fraud since the charge didn't have my CCV2 number. It either wasn't stored in the internet cache, or I disconnected in time. My cc company is great at handling fraud, and the fraudulent charges were reversed in no time.

I know people clear their internet cache on a regular basis, especially if they're going trolling for *cough* WarezSerialzHax *cough* somewhere like astalavista or the like. Just sayin. If you're going to the dark side of the internet, use protection. Patch the fvck out of your system, and keep your antivirus/spyware solutions updated at all times. if you don't have antivirus/spyware, get the aforementioned three, and AVG free if you're a cheapskate.