As reported in the New York Times :
www.nytimes.com/2010/08/22/business/22digi.html
Papers filed in court allege that over a 4 year period, thieves created fictitious Merchants through use of accommodation addresses and stealing other peoples identities, charged more than $10 million on consumers’ credit and debit cards, and then moved
the money to bank accounts in Lithuania, Estonia, Latvia, Bulgaria, Cyprus and Kyrgyzstan.
The thieves evaded detection until eventually enough consumers did complain by keeping each charge under $10 (often even under $1) and resisting temptation, stole from each cardholder only once, spreading the theft across more than a million cardholders.
So do check your Credit Card Statements, and if you see something (eg an unfamiliar Merchant Name) you don’t recognise, no matter how trivial the amount, then query it with your credit card company; in the UK you have 13 months to query a transaction (other
jurisdictions may vary), but obviously the sooner you do it the better.