So I checked my credit card transactions online this morning (as I often do just to keep track of what I'm spending), I noticed three transactions that definitely weren't mine. Long story short-someone got ahold of both my credit card number, expiry date, and home address and phone number. the $800 or so in transactions don't really worry me-the company will charge them back, and I'll get credited, but it's how the guy got my card number that I want to know. Now I delete any email that looks suspicious, don't open unsolicited attachments, and keep norton and windows up to date. I use my cards online, but any of those transactions have been through a secure connection, and I find it hard to believe that someone has broken RSA. I can't think of what (or how) something could have made it onto my computer without my knowledge. Norton hasn't picked up anything, and it's been a while since I ran ad-aware or anything-could there be something more malicious out there? Any suggestions on how to find it? It's probably something like one of the businesses I've bought something from online either selling or having their database stolen (i.e. no fault of mine), but it raises some interesting questions. I've seen a lot of paranoia about what people can get from your computer, and am wondering how much of it is really justified. From what I understood, the worst any of this "adware" or "spyware" could do is to track web activity-not actually capture anything that's sent to an encrypted source. I also know that there are scams out there that will put out fake links to sites that ask for CC info (and look legit), but I can't think of any time when I've clicked on one of those either. Anyone have any thoughts as to how my infomation might have gotten out there?