I’m a very private person. I only share my home address with family and handle everything else—work and personal—through my work office, which is an hour from home. My online presence is minimal, and I shouldn’t be on any mailing lists at my home address.
A month ago, I got a letter from the Sierra Club addressed to me at my home. I didn’t open it, just threw it in the recycling. Last week, while checking my credit card statements, I saw two monthly charges to the Sierra Club for a membership I never signed up for. I dug out the letter, opened it, and it was a welcome message for my “new” membership.
Here’s what’s strange: I didn’t sign up for this. I tried logging into the Sierra Club website, but they said my email didn’t match what they had. I called them, and the rep said the email on file was some gibberish Hotmail address I didn’t recognize. I updated my info, canceled the charges, and stopped all payments.
I’m not upset about the money—it’s just a few bucks. What really confuses me is how this happened. To recap:
Someone got my credit card info and my very private home address.
They used it to sign me up for a charity membership.
They haven’t made any other unauthorized charges on my card.
What’s going on here? I called my bank, canceled my card, and got replacements for me and my wife. I’m just baffled by the whole thing. Has this happened to anyone else?
Hey, just a heads-up for anyone new here. Be careful—scammers might DM you pretending to have a solution or offering to recover your money for a fee. Don’t trust advice given in private. Always discuss things openly in this thread so everyone can weigh in and help.
Also, quick reminder: don’t share personal details like names, phone numbers, or email addresses here. Let’s keep it civil and stick to the forum rules. If you spot something suspicious, use the report button to flag it.
This is actually pretty common. Scammers often use nonprofits to test stolen credit card info. Nonprofits have low transaction minimums, and they’re not as strict about security checks as regular retailers. It’s a quick way for scammers to confirm a card works without raising red flags.
What’s odd in your case is they didn’t follow up with more charges. My guess is they were compiling a list of valid cards to sell later. It’s part of organized crime, not just random individuals testing one card for personal use.
Here’s my take: the scammer got your credit card info but not your full billing address. To fill in the gaps, they could’ve pulled your property records—they’re public—or found your address in a data breach. Even though you use a work address, utilities like electricity and water will have your home as the service address, so it’s not hard for them to piece things together.
In the US, property ownership and tax records are public. So unless your house is owned through a trust or something, it’s easy for someone to find your home address. If the scammer already had your name, they could search public records to get the rest.
As for how they got your card info, it could’ve been a data breach, a skimmer, or even someone taking a photo of your card while you were using it.
First, check with your spouse to see if they signed up for it by mistake. If not, the gibberish Hotmail address makes it likely this was a scammer testing your card.
Card skimming and identity theft are everywhere these days. Scammers can get your address in lots of ways—buying hacked data, pulling info from public records, or even digging through trash. One of my coworkers had their server hacked within two days, and it was packed with stolen credit card data. It’s wild how easily this info is traded.
@Kimberly
Nonprofits often skip address validation entirely. Like I mentioned earlier, they keep fraud filters minimal since they don’t lose much when fraud happens. It’s not like a retailer losing expensive goods—it’s just a bit of processing and mailing costs.
@Mia
That makes sense. Nonprofits probably don’t have the resources to implement tight security anyway. They’re more focused on running their programs than building out advanced fraud detection systems.