In the past year I have had 3 separate credit/debit card numbers stolen from 2 different accounts. PayPal twice, and a regular bank account most recently. The actual card was never misplaced or stolen. I am trying to figure out how this happens to see if I can prevent it. Two times the card was used overseas, in 2 different countries. Most recently a charge was incurred for an online dating site in Ireland! That, and $700 worth of other charges. There was Cricket, Newegg, an international service fee, etc. Over the past few days I have noticed the charges being reversed. So obviously something they entered raised suspicion. My bank was going to reverse charges but not until after I wrote a statement, which I haven’t sent them yet. Some background info to help figure this out, if you will. I have been working on Macs exclusively for 15 years. I never fall for any email phishing scams. I never get any phone calls asking for info. I always use bookmarked, legitimate URLS when accessing banking sites and other sites that would require sensitive info. I did have a router with no password for while. It has since been replaced with a new modem/router with WPA password protection. This has happened while using my PowerBook and now with my i5 MBP. My husband uses a MacBook at home for all banking and many purchases. He has never had any card numbers stolen. I have to make purchases online for my small business. I sometimes do this at small, local coffee shops. Bad? I use the physical cards at coffee shops too. I rarely use them anywhere else-sometimes at a small, local health food store. Could a worker be stealing info? Could I be keylogged somehow? Could my info be read on open WIFI or WEBbeams at the coffee shops? I try to be discrete and aware when entering info like passwords in public. I am running Sophos right now; not sure if it could pick up a keylogger or other program that could steal my data… Is this the best way to check if I have something on my computer giving my info? Other ideas? Editing to add Sophos results: 0 threats, 140 errors. Can errors lead to this type of problem at all?