About two months ago, a travel agent sent me an email to confirm a credit card number. They stupidly included the credit card information in the email. I read that email is not secure and sending credit card information in this way is a bad idea. However, I figured several hundred million emails are sent each day. The probability of someone intercepting this one message seems miniscule.
After scolding the travel agent, I stopped using the card and checked the account every week or two for activity. Well, sure enough in the last two weeks there were charges from Cambodia and Poland totaling about $400. I called the credit card company and informed them the card has been compromised. They put a hold on the card and will investigate. I am not responsible for any fradulant charges.
I am interested in figuring out who could get the card information and how they did it. I find it hard to believe someone could intercept that one email. I did use the card often, even online. I make it a point of dealing with merchants who seem honest. I have never entered the card information in any site linked from an email message. This card was registered with PayPal, but there is no fraudulant PayPal activity.
I do travel on business frequently and visit some out of the way places. I was in Poland last summer and did use the card to charge hotel rooms. I’ve never been to Combodia.
So I ask the Teeming Millions: Is it likely someone was able to intercept the email message and get my card information? If not, what is the most likely way the card was compromised?