Hey, just so you know ... this post is now about 16 years and 3 months old. Please keep that in mind as it very well may contain broken links and/or outdated information.

This past Saturday afternoon I received an automated call from my credit card company saying that there were some suspicious charges that they wanted me to verify. The computerized voice dutifully read off the past three transactions and asked to confirm that I recognized all of them.

Unfortunately, there was one I didn’t: a $1 pre-authorization charge from a travel agent in Nebraska. I indicated this by pressing 2 as directed and was told I would be transferred to an agent to discuss the next steps. After being on hold for 8 minutes, the automated voice said no agents were available and I would be called back later, click

Nice.

By Sunday afternoon I hadn’t received another call so I called the customer support number as listed on the web site. After punching in my credit card number into the automated system, I was asked, again, to validate some transactions which turned out to be the same ones as before (including the bad Nebraska travel agent one). I was eventually connected to a live human who informed me that their “systems were down” and they would be unable to pull up any account information until after 6pm and I should just call back then.

So last night I called back a third time and again the automated system asked me to verify some transactions. This time there were two new transactions I didn’t recognize for about $38 each. Up until now I had been hoping the Nebraska travel agent thing was just a fluke, but now I had that sinking feeling that something was indeed up. I spoke to a rep, who had me validate the same information again and then confirmed that it appeared that my credit card had been compromised and they would cancel it immediately. sigh

I’m glad my credit card company is actively monitoring this sort of thing and can stop it before any major fraud occurs (it’s in their best interests, after all). What’s frustrating is this is the third time since October 2007 that my credit card information has been stolen and used in a fraudulent manner. It’s really creepy!

Sure, I use my credit card a lot online … but I’m not new to e-commerce, or protecting my personal and financial information on the internet. I only use my credit card at trusted merchants (over encrypted connections). If I’m going to buy from a site I don’t necessarily know a lot about (or trust) I’ll use a secure one-time card generated by the PayPal plugin (and I use my Verisign PIP token to further secure my PayPal account). I still wish I knew how the theft was occurring so I could take measures to stop it. I’ve got to believe it’s not due to any direct action (or inaction) of my own, but due to things like third-parties with lax security measures over which I have no control.

Anyway, now I have to wait for my new card to arrive and then I can start calling my various service providers to update my card information. At least I have a comprehensive list of who to call/update (compiled from the last two times this happened) so I won’t miss any important items.