Comment | What kind of activity? Online purchases of in-person?
Whilst the card could have been skimmed (which would enable in-person fraud), getting hold of the security code (last three digits on the rear) would be nigh-on impossible if it never left his sight.
One possibility is that his data was part of a breach from a poorly run site, has he checked haveibeenpwned?
This is why you always, **always** use a credit card with a low limit for online purchases. You get the CC protections and the damage is limited. **Never** use a direct debit card. |
---|