![]() |
Quote:
-buy some aged emails. many merchants of high risk items use a product called emailage to get information on an email address and this includes when it was created. any newly registered email is deemed high risk for any merchant who will be a target for fraud (sellers of electronics,digital items). you can find aged emails on any online marketing forum -Visa and Mastercard networks do not verify the name on a credit card, so you can put whatever name you want in the name field on an order form. If you buy some aged emails and some of them have a name in them, just put that name in the order form and you'll see a higher success rate. Obviously if the merchant calls the bank to confirm the transaction then it'll be declined, but this doesn't usually happen as long as everything looks right -Amex cards are the exception to what I said above. they do verify the name, and they tend to have higher security than visa and mastercard, so I normally avoid them. -You mentioned wanting to try a centurion. Why? Try thinking about this process rationally-why would anyone with a centurion card try to buy a $50 game code? that is much too cheap for someone with such a card. success in carding comes when you successfully impersonate the individual, and this can be done so long as you use common sense. If you're looking to purchase something like a $50 code, then use a standard credit card and maybe you'll see higher success -Do you have a good burner number for verification calls? This can be crucial in many instances. A good number mind you-not some virtual shit. -5socks is a good socks5 provider. How are you using the socks? I like to use the software proxifier and run everything through that as mozilla can leak stuff randomly I find. Are you checking for DNS leaks? Go here to check http://dnsleak.com/ you can enable "resolution through proxy" in the proxifier settings to use that proxy's DNS -Use getipintel.net to check the fraud risk score of the proxy you're using. Anything above 1 I tend to just scrap and replace. Use ip-score.com to check that your IP is not on any spammer blacklists. -Are you changing the time zone of your machine before you card? If you're on the east coast USA and you're on a California IP, but your computer's time zone is EST then that is obviously a red flag. Make sure to change this -If all of the above sounds like too much work for you, then maybe you can try phone carding using the 4G data network. anti-fraud networks do not typically blacklist such IPs as that would be unfair to the many legitimate customers that rely solely on their phone data. You can get a lot of success just doing this -There's not many hints I can give you in finding the right bins as it's mostly a solitary struggle for all of us. You have to experiment and just be smart. Eventually you'll amass your own list that you can do a lot of damage with. Keep notes on the bins you card with and maintain that list. Update it everytime you card I hope this helps |
Quote:
Thank You |
Quote:
|
Thanks for your knowledge bro ... I have a question ... When I go to carder a cc to pay with the interface of paypal they ask for two telephone numbers(phone and mobile), I can add numbers of telephones fake of the state or city of the card? ... That could decline the payment? |
Quote:
I have a few bits here to share overall. Having an "aged" email that was never used in previous orders is as useful as a newly created email; while having an "aged" email that was involved in fraudulent orders in the past is worse than a newly created email. Emailage, Sift Science, and other similar fraud-prevention tools do NOT actually have access to the creation date of the email from the provider (and they never make that claim). The way they work is by having a group of merchants share data about their orders and your email "age" is inferred from its existence (or lack thereof) in the earliest order in the repository, and, if present, whether that email has been involved in legitimate or fraudulent orders. Therefore, there is no actual need to purchase an "aged" email that was unused. The second point concerns how merchants are able to verify whether the name supplied matches what's embossed on the card. While it is true that processors aren't able to match the name supplied with the name on the card like they are able to do with other numerical data (such as numerical portion of address, zip, CC#, EXP, and CVV), and while it is true that merchants can manually verify the data by calling the issuing bank, there is often an automated step in the middle that I have never personally seen shared on any forum. A merchant can attempt to match the name supplied against the array of people that are listed to live on a particular address. What happens here is two things, if the name supplied does indeed match the name of one of the people listed as residing at a particular address, the merchant can safely assume that it is the actual cardholder (although it could very reasonably be a sibling or a relative, or even a roommate of the actual cardholder placing the order instead), and in this case, this signal can be deemed safe. Whereas if the name does not match against any in the array, the risk is elevated (merchants are well-aware of thieves changing the billing address before placing a fraudulent order OR redirecting a shipment once an order has been shipped to the real billing address since the name matches the thief's name). There are some other points, but this should be enough for now. |
Quote:
Fair point on emailage. I would still strongly suggest buying aged emails though. Online marketers who sell these do not just make them and sit on them for a few years. They are emails that they've used themselves for various things related to their work and this involves often using them for LEGITIMATE purchases. I've never had an aged email that was just unused or used for fraudulent orders (different story if you buy these from a fraudster obviously). there is often an automated step in the middle that I have never personally seen shared on any forum. A merchant can attempt to match the name supplied against the array of people that are listed to live on a particular address. What happens here is two things, if the name supplied does indeed match the name of one of the people listed as residing at a particular address, the merchant can safely assume that it is the actual cardholder (although it could very reasonably be a sibling or a relative, or even a roommate of the actual cardholder placing the order instead), and in this case, this signal can be deemed safe. Whereas if the name does not match against any in the array, the risk is elevated (merchants are well-aware of thieves changing the billing address before placing a fraudulent order OR redirecting a shipment once an order has been shipped to the real billing address since the name matches the thief's name). I'm a little confused on what you mean. Are you talking about Experian File One? Or public data? If public data, that can be at times ridiculously inaccurate and surely unreliable for any merchant looking to verify information. I've carded numerous electronics, e-tickets, wholesale sites, gift cards, etc. and used a different CH name for all of them. So...Who is using this? Better question would be what is using this lol. |
Quote:
And regarding the second point, comparisons are made against public and proprietary DBs. And I do agree that the DBs can be inaccurate, but it remains a signal that affects the fraud score. And since you asked, I know with fully certainty Tigerdirect uses it, as well as Sony in the past when they still had an ecommerce division, although many others are also likely using it. |
Quote:
The DB checks you mentioned is very interesting. I've never heard of it and I've opened a few payment processor accounts. If it's Experian File One, then it certainly makes sense that places such as TigerDirect would use it. I'm gonna play around with it and see what I can do with them. |
Unbelievable amount of information in just a few posts. Thank you AsukaCredit and jamesbondd, this info is pure gold for me and other members too. I will now try to answer some of the AsukaCredit's questions: -You mentioned wanting to try a centurion. Why? Try thinking about this process rationally-why would anyone with a centurion card try to buy a $50 game code? that is much too cheap for someone with such a card. success in carding comes when you successfully impersonate the individual, and this can be done so long as you use common sense. If you're looking to purchase something like a $50 code, then use a standard credit card and maybe you'll see higher success I was just reading random info everywhere and I didn't realize that centurions are for high-ticket items and pro carders. Standard credit card it is from now on. -Do you have a good burner number for verification calls? This can be crucial in many instances. A good number mind you-not some virtual shit. Unfortunately NO. I am in Europe, currently I don't know how to get an US pre-paid SIM, I will look into this, thank you. -5socks is a good socks5 provider. How are you using the socks? I like to use the software proxifier and run everything through that as mozilla can leak stuff randomly I find. Are you checking for DNS leaks? Go here to check http://dnsleak.com/ you can enable "resolution through proxy" in the proxifier settings to use that proxy's DNS Yes, at this part I am careful, I use proxifier and firefow and set proxy sock in BOTH of them, then check with check2ip.com, and whoer.net and 3-4 other checkers and adjust everything (time zone, java, flash etc.) until everything is green https://txgate.io/images/smilies/smile.gif -If all of the above sounds like too much work for you... Not at all, you have just filled the gaps in my setup https://txgate.io/images/smilies/smile.gif Actually, I was doing similar thing on gift code sites. Created an account, and randomly browsed the website, logout, leave it for an hour and get back and try to card. But chatting and leaving it for a day or two sounds reasonable. How do you search for cardable site? Go through them all until you hit the winner? I was doing "10th page of the google search result shop" method. Also, what about using non-US CCs? I see they're more expensive on jstash, must be the reason for that? German CC, German socks and German site? Hm? Cheers! |
Good post been enjoying reading it. I've been in this game long time ago (silverunix, irc nodes tempsys etc... ) . I was buying game memberships, it was so easy 2 card, even google checkout was cardable (good old days). Unfortunately I stopped doing it. But now i wanna go back to game again, but there is so many security added in all of these merchants. I was just wondering is still worth doing it? I'm planning buying digital goods,clothes ( everything that I can sell instantly ) what setup shall I use? My plan is : Buy a server with Monero VPN ( using express vpn ) Socks 4/5 (probably gonna use private shop posted in other forums) Disposable sim card What else am I missing? |
All times are GMT. The time now is 07:47 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.