Odyssey Bar owner Andy Kordopatis of Pocatello says he gets three or four phone calls a day from people wondering about electronic transactions at his bar that appeared on their credit card.
"It's crazy," Kordopatis told the Idaho State Journal. "What do I do?"
So far he's been referring the callers to Lawrence Baldwin, a cybercrime investigator from Georgia.
Baldwin said criminals got the credit card numbers after hacking into Heartland Payment Systems.
He said the criminals are using Odyssey Bar not to make purchases, but to see if the stolen card numbers are still valid by checking to see if there is authorization for a pending charge.
If the cards are active, the thieves use them to go on shopping sprees, Baldwin said.
Some of the card holders who keep close watch on their credit cards online are calling Kordopatis after seeing small pre-authorization charges.
Baldwin said Kordopatis has done nothing wrong and is not at risk of losing money. He said Kordopatis is one of thousands with merchant accounts that criminals are using as phony charge sites for pre-authorization checks.
"There's all different classes of people that are using these systems," said Baldwin. "Some of them are basically street criminals who are on the ground, trying to use these cards at Wal-Mart and Target and such."
If a card number is valid, the criminals have equipment to electronically write the number onto the magnetic strips of a blank card.
"Five minutes later, they run in the store and buy a $500 camera," Baldwin said.
He said the pre-authorization typically never appears as a charge, and is usually only spotted by banks with careful fraud precautions or card holders who frequently check their accounts online.
Baldwin said even he's been a victim.
"I had it happen on my own card," Baldwin said. "It was because of the Wyndam Hotel breach (last July). The ironic thing is I was meeting with law enforcement at the time to discuss identity theft issues."