The usual "credit card" string
Every vendor in the spaces used Credit Card strings and they are really simple and unique format, and thus easily defined.
The trick is finding all that "other stuff", so every time with catch someone doing something bad then in retrospect we write another string search......
Else you let your IT and/or security team go trawling for anything suspicious. [and that's so good for employee moral].