My wife came up to visit me in my office at the end of the day today. She came by to tell me that she had just come from the bank and my debit card had been disabled. There were about $700 in charges made at gas stations and a Walgreens in and around Warren, MI. The two largest charges were at Walgreens for $306 and $311. What the hell can you buy at Walgreens that costs that much? I suppose it could be pharmaceuticals but wow.
The bank gave me paperwork I need to file a claim for each transaction. I have to do due diligence and contact the merchants, notify them that it is a fraudulent charge and ask if they will reverse the charge. I have to document what the merchants tell me and what action was taken, if any. What a pain.
My best guess is that my number was somehow captured from an online transaction. I don't use my card very much to begin with and don't shop online with great frequency (I'm too much into that instant gratification thing). When I do use it online, it is with familiar companies such as Amazon, Newegg, etc. I'm pretty sure I know where it happened.
I was cruising the deals.woot list last week and saw a USB cable that had 7 different ends, including iPod, mini and micro USB, Nokia, and Sony-Ericsson. Once I added shipping, the cable was about $7 so I ordered one. The site was called I Have to Have That (ihavetohavethat.com or ihtht.com). I had never ordered from them before but I saw a lot of their deals on the deals.woot list in the past. I didn't even think twice. In fact, I bought some dog biscuits from one of their partner sites a few days later.
My products arrived in a timely manner and I am satisfied with them for what I paid. But that is the only place I have shopped recently that I can even imagine would have skimmed my number. Oddly enough, the charge for the cable hasn't come through yet but the dog biscuits have. Of course, this is the last time I will ever shop I Have to Have That and, in the future, I will always use PayPal if that is an option.
Just because I'm mildly paranoid now, I also went through and changed all of my passwords for email, Facebook, etc. and scanned my systems for viruses.