Quote:
|
Originally Posted by AsukaCredit
You can contact me
I'd also like to share a story about a relatively obscure gift card site I was hitting last year for good money before they caught on. Just to give you an idea on what goes into successfully carding digital items for decent money. This site sold Itunes and Amazon gift cards primarily. How I approached it was relatively simple if not a little time consuming as well (well worth it though). I'll list what I did step-by-step:
1. Registered around 30 accounts with the site using aged gmails, yahoos, and a mixture of domain emails. Also used burner numbers from prepaid simcards so I would have a valid phone number. this may sound time consuming (it is) but keep reading. it's worth it.
2. Bought 30 CC from my supplier and confirmed they ALL had a good balance by calling into the bank. After confirmation I would attach each card to a different account on the site.
3. from each account I would browse the site in as random a way as possible. they had a livechat feature. I talked to the livechat and asked random questions that a legit customer would be curious about such as expiration date of the gift cards, how quick is delivery, how do I attach the amazon cards to my amazon account, etc. don't worry about sounding stupid as most legitimate people are stupid anyway. The point of all of this is for the customer service rep to put notes on your account detailing the questions you asked. this will help later during post-checkout when they're verifying your purchase. They'll notice the notes on my profile and it will obviously help in convincing them that I'm not a thief.
4. I would wait a little bit, sometimes a day, and then come back and make a very small purchase of $10-20. these should go through easily after everything you did so long as you confirmed that the cards you attached are live. why so small? i wanted to build a purchase history on my account making bigger purchases on a later date much more viable. sometimes i'd do two small purchases. don't worry about the card cancelling as most standard CC should be able to handle a couple of $10-20 purchases without having a fit. obviously some will still be discovered anyway, but no big deal. shit happens
5. after all of this, I would come back and hit them ALL for a big $500 amazon gift card. as I've already put in the work to look legit and already accumulated a purchase history, this site in particular had no issue instantly delivering the $500 card to my email. if you're too lazy to do the math:
30 accounts X $500= $15,000 in Amazon gift cards. Obviously some of cards will end up cancelling, so not always that much, but close to it. For just 2-4 days of work that's not bad is it?
The site in question no longer works for such a thing and I will not give it out for security reasons, but I just wanted to give you an idea on how I work digital items. You often have to go the extra step to really make money. Use your head, think like a legitimate customer and not like a thief. You'll see the money come in.
|
Decent tips -- although surely overwhelming for the OP.
I have a few bits here to share overall.
Having an "aged" email that was never used in previous orders is as useful as a newly created email; while having an "aged" email that was involved in fraudulent orders in the past is worse than a newly created email.
Emailage, Sift Science, and other similar fraud-prevention tools do NOT actually have access to the creation date of the email from the provider (and they never make that claim). The way they work is by having a group of merchants share data about their orders and your email "age" is inferred from its existence (or lack thereof) in the
earliest order in the repository, and, if present, whether that email has been involved in legitimate or fraudulent orders. Therefore, there is no actual need to purchase an "aged" email that was unused.
The second point concerns how merchants are able to verify whether the name supplied matches what's embossed on the card. While it is true that processors aren't able to match the name supplied with the name on the card like they are able to do with other numerical data (such as numerical portion of address, zip, CC#, EXP, and CVV), and while it is true that merchants can manually verify the data by calling the issuing bank, there is often an automated step in the middle that I have never personally seen shared on any forum. A merchant can attempt to match the name supplied against the array of people that are listed to live on a particular address.
What happens here is two things, if the name supplied does indeed match the name of one of the people listed as residing at a particular address, the merchant can safely assume that it is the actual cardholder (although it could very reasonably be a sibling or a relative, or even a roommate of the actual cardholder placing the order instead), and in this case, this signal can be deemed safe. Whereas if the name does not match against any in the array, the risk is elevated (merchants are well-aware of thieves changing the billing address before placing a fraudulent order OR redirecting a shipment once an order has been shipped to the real billing address since the name matches the thief's name).
There are some other points, but this should be enough for now.