What you are describing is known as a man-in-the-middle attack. Credit cards 'should' be safe from that as most sites use https (encrypted) for such transactions, however the attacker can still get a list of sites you visit and when you visited them.
What you are describing is known as a man-in-the-middle attack. Credit cards 'should' be safe from that as most sites use https (encrypted) for such transactions, however the attacker can still get a list of sites you visit and when you visited them.