Yesterday, I received a letter in the mail from my credit card company saying that they have been desperately trying to reach me and that I should call them about my account as soon as possible. This was curious; I can pretty much identify all the calls I’ve been avoiding and I don’t recall American Express being one of them. It occurred to me that the good thing about phishing scammers, I guess, is that they tend to avoid print. (Point in our favor!) But I do love those e-mails I get purportedly from PayPal or Bank of America, where the logo graphic is distorted, things are spelled wrong, including the name of the company (“An important mesage from Paypall”), and the reply-to address is something like [email protected]. Sometimes it seems like the scammers aren’t even trying anymore.

Still, I was suspicious about the AmEx letter, so I did some verification. Before I wasted five minutes calling them back, I thought I would waste twenty minutes examining their letter first. I made sure that everything in the letter was spelled correctly, I compared the logo on the letter to one on a past statement to make sure they were the same color and proportions, and I was satisfied that it was a legitimate letter. Sometimes I will do anything to avoid raking the yard.

I called them, still somewhat dubious, and the phone system was fairly labyrinthine and irritating. “Say or enter your card number...Say or enter your mother’s maiden name...Say or enter the number of quarts in a gallon...Say or enter the Gettysburg Address...Now press the pound sign for no earthly reason.” Then I accidentally coughed, the robovoice got indignant and said tersely, “I don’t understand what you said,” and made me start over. Yep, there was no mistake: it really was American Express’s phone system. (At least it was better than Verizon's, which is basically the Winchester Mystery House of phone systems.)

A human ultimately came on the line and told me that someone has stolen my identity. My initial response was, “My identity? I guarantee, give them five minutes and they’ll be begging me to take it back.” But, no, someone used my card to buy a $1,000 sewing machine from and $1,600 worth of leather handbags from something called, which I had never even heard of before. They also changed the address, phone number, and e-mail address on my account. These guys (or girls, perhaps, given what they bought, but then one never knows...) were good; the next time I move, I wonder if I can get them to change my magazine subscriptions.

Last year, another card number of mine was stolen, and someone had bought a few hundred bucks worth of beauty care products at, another company I had never heard of before.

Then it occurred to me: I wonder if this is a new type of marketing strategy. A company nicks someone’s credit card number, charges some stuff from their own store, knowing full well the credit card company will probably end up rejecting it anyway if the cardholder disputes it. But regardless, the cardholder ends up going to their Web site to find out what the heck is (maybe they did buy something from them and forgot about it), and maybe sees something they like. Or ends up at to find out what they sell, and keeps it in mind when the significant other’s birthday rolls around. Hmmm...could this strategy be transpromo’s “evil twin”?

Farfetched? Yeah, probably. But then I’m the same person who for years thought that credit card companies also partnered with the companies that made paper shredders.

Still, in all seriousness, say what you will about credit card companies, but I am impressed with American Express's ability to spot and resolve identity theft problems. About five years ago, someone had stolen my AmEx number (you know, I've really come to like using cash) and charged (I swear I am not making this up) a couple hundred bucks' worth of anti-spyware. AmEx had caught that before I did, which was rather impressive, because it's the kind of thing I would be likely to buy (unlike leather handbags or a sewing machine). So I asked them, "How did you figure out it wasn't me?" And they responded, "We don't tell anyone so that the bad guys don't find out." That's a fair point.