While I was scrolling down the artists news I stumbled across this journal and I thought to share it despite not being able to directly help the person who experienced this nasty incident, if you can spread her journal is fine too so more people can reach her and eventually directly help her:
https://artistiacons.newgrounds.com/news/post/1514530
I know the person in question may not want to talk about details of how it happened but I want to take opportunity to mention possible causes of this event by using this website that shows some interesting causes of it:
Physical credit card theft still happens. If you forget your wallet somewhere or your wallet is stolen, a criminal can snatch your card and use it right away. A stolen or lost credit card has the unique advantage that it’s ready to use without requiring any extra steps.
Your mail can be an easy source for credit card fraud. If you throw away a pre-approved card, accidentally toss a replacement card, or forget to shred your statements, anyone can take them out of the trash and use them.
Perhaps surprisingly, family members are often the perpetrators of credit card fraud. A family member or friend you trust could have access to your cards and use them without permission. Or, a member of your family could open a credit card in your name.
These small devices collect credit card data from the card’s magnetic strips, which criminals then use to create a cloned card. Thieves install skimmers on ATMs, gas pumps, and other publicly available card readers.
Shimmers are the natural evolution of card skimmers. But instead of stealing data from your card’s magnetic strip, they go inside the reader and steal your chip information.
Open wireless connections at places like coffee shops and airports are notoriously unsafe. Hackers can use what’s called a “man-in-the-middle” (MiTM) attack to intercept your connection and collect any data you share, including credit card information.
Many modern cards use radio-frequency identification (RFID) for contactless payment. A thief close enough to you with the right device can use this technology to “scrape” your credit card information. There are very few reports of this scam, but it could grow as RFID becomes more common.
Phishing is a type of social engineering attack designed to scam you online and give up your sensitive information. A phishing message pretends to be from an organization you trust like your bank or the IRS. But if you share information by clicking on the link or responding to the email/text, the data goes directly to a hacker.
Phishing attacks can also try to get you to download attachments that include malware. This harmful software can steal sensitive data from your devices and share it with hackers. One common type of criminal software — called a keylogger — records everything you type. This includes credit card numbers, passwords, emails, and more, and sends them to the hacker.
Phishing attacks can also take place over the phone. A scammer will call posing as an authority figure who needs to confirm your credit card information. Often the scammer will use serious threats — like jail time for unpaid taxes or criminal activity on your card — to get you to act.
A rogue restaurant employee can copy your card data when you’re not looking (this scam is called shoulder surfing). Or, a call center worker can write down your information when you pay via credit card over the phone. I remember something like that happened in Japan where a man, with a strong eidetic memory, stole credit/debit card info from customers and drained their accounts.
Hackers use different types of cyber attacks to inject malicious software onto website forms. When you enter your info — including credit card numbers — they get access to them.
Researchers found “formjacking” code on major sites like Ticketmaster, Newegg, and British Airways. In 2022, security experts detected the code on over 100 real estate websites.
A thief with login information for your credit card company can use your credit as if it were their own. This form of identity theft is particularly dangerous as a fraudster can use account information to apply for new credit, take out fraudulent loans, and collect personal data.
Research shows that data breaches increased by 15% from Q2 to Q3 of 2022. Billions of account details have been leaked from Facebook, T-Mobile, Experian, LinkedIn, and more. A single data breach can expose tens of millions of credit card numbers to hackers on the Dark Web.
Many websites where you shop or pay for services offer to keep your card on file. While this can be convenient, it also means that if a hacker later accesses the company databases, they can steal that saved data(1).
https://privacy.com/blog/how-can-someone-use-my-credit-card-without-having-it
References and footnotes:
(1) https://www.aura.com/learn/how-do-people-steal-credit-card-numbers