[jazzyjackson]

Spoofing a descriptor I get, the most confounding part to me is how the charges continued after rotating the amex account number - isn't the whole point of getting a new card that charges against the old account are refused? Did OP update their Microsoft account with the new number? Any other way for it to be leaked ?

[crooked-v]

Recurring charges often use some arrangement with the payment processor that doesn't actually use the literal card number after the first authorization. There's a bunch of contributing reasons but the obvious ones are security (no storing card numbers) and to make things easier for both companies and individuals when replacing cards, since most outright fraud is one-off charges.

[amanzi]

I've had this happen to me before. I needed to cancel my credit card number and get a new one due to a fraud charge. I noticed that a bunch of valid subscriptions kept working despite me not updating the credit card number with them.

[nateb2022]

I've had a similar issue with Amazon. Amazon was charging me for someone else's Prime subscription, apparently they had somehow linked my Discover card to their Amazon account. Amazon was unable to unlink my card, and suggested I get a new Discover card number, which I did (twice) and both times continued to be charged by their system on a monthly basis. I just dispute it every month now.