How does credit card phishing work? I bought an item on-line yesterday with my credit card. Today I got an email, supposedly from MBNA, stating I could win 1000 euro worth of groceries if I click on a link to their website. It looked really tacky with a big milk carton! Check it out www.visa.ie. It asked for my name, last 6 digits on credit card, date, amount and location of my last grocery purchase. I sent the email on to MBNA's fraud dept and they stated they would close down the site, but it is still operating. My question is, if they managed to get the brand of my credit card, my name and email address, why were they unable to get the number of the credit card?