Thanks for sharing your story, Doug. I am very sure that my credit card number has never gone through anything other than an SSL-encrypted channel from me to those I've done business with on the Internet. I write security software for a living so I'm reminded daily of how many people out there are looking to break into things and get information.

The only possibilities I can think of are:
1) The "old school" method of dumpster-crawling for a CC# on a receipt.
2) A cashier/waitress at a restaurant or other business getting my info from their copy of my receipt and then using it.
3) One of the merchants who has my CC on file (not many, I rarely select that option, but sometimes they don't give you a choice) had a database hacked, or had some inside fraud going on.

Anyway I seriously doubt I'll ever find out who did it... As long as the charges are reversed I'll be happy. My one hope is that it's an isolated incident and that I'm not headed for some kind of identity theft.