What is the most stupid thing from an infosec perspective on the internet? Surely nothing tops the recklessness of those kids who get their first debit or credit card, take a picture and post it on the internet. The problem is so widespread, there are several twitter accounts setup specifically for the purpose of tracking such pictures and retweeting them.
Of course, some may argue that it is a minor issue and not much can be done with the PAN or in some cases the number is blurred out etc. However, the issue runs deeper, as it is an attitude issue. A person who is going to put a picture of their bank card on the internet, is most likely going to be lax with other personal details they put online, such as their name, address, pictures of themselves etc.
You can have all the security controls in place you like, but if people are going to continue to be reckless with their own data, there is nothing that can be done to protect them.