I believe everyone checks their credit card statements. To navigate, even thinking about it, in that direction would be so stupid, ie person thinking not to be caught Do you really believe that organizations forgo security measures on billing information, with the justification that "no one would be so stupid as to try to obtain that information"???
Trust me, there ARE people who try to obtain that information.
In some organizations, admin users who have access to billing information have to sign very strict agreements that spell out severe penalties.
I don't have an active credit card on file with the UT. But if I did, you better believe I'd be asking some questions right now.
Kevin