Back to Cashout Methods
OPSEC

OPSEC for Carding and Bank Fraud

INTRODUCTION
Carding is a real art form, and it ain’t easy to master, that’s for sure. These days, the payment systems are pretty well protected, trying to stop most of us from using cards that don’t belong to us. But with a bit of determination, some insider knowledge, a touch of creativity, and a bit of startup cash, you can impersonate the Card Holder (CH) well enough to beat the fraud detection systems built into the payment processors that follow the Payment Card Industry Data Security Standard (PCIDSS).

The PCIDSS has a bunch of factors that they check every time someone tries to make a credit card transaction. These are the things they look at to figure out if the transaction might be dodgy, and they give you what I like to call the “Fraud Score”.

With that in mind, we can see that every payment processor is designed to let legit transactions go through. So, if you can imitate the CH well enough based on those key factors, you can get any transaction to go through.

Threat Matrix
Check out the periodic table of threats to a payment’s legitimacy and digital identity assessment: https://risk.lexisnexis.com/digital-ide … odic-table

Avoiding VBV/MSC
To find a site to card, you first need to understand the PCIDSS of the payment system you’ll be using. A good option could be “authorize.net” as it doesn’t require VBV/MSC authentication. The key is to avoid the declination triggers we’ll discuss later.

Finding Cardable Sites
If you’re looking to card somewhere, you gotta find a payment processor that doesn’t use VBV/MSC, like Authorize.Net – they’ve got over 400,000 merchants on their books. To find online stores using Authorize.Net, just jump on Google and use some handy search operators.
Try something like this: “authorize.net merchant” -site:authorize.net “your desired product or category”
You can also swap out “authorize.net” for other processors like “stripe merchant” -site:stripe.com “product” or “braintree merchant” -site:braintreepayments.com “product”.
The key is putting your search term in double quotes to look for the exact match, using the “site:” operator to only show results from that site, and the “-site:” operator to exclude a site and its results.

Declination Triggers
The big payment processors like Braintree, Authorize.Net, and Stripe all have their own standard PCI checks that can give you a good idea of what they’re looking for to flag a transaction as potentially fraudulent. The device, browser, and connection data they collect to verify transactions can get pretty extensive, especially with the likes of Amazon, PayPal, and Skrill.

The process o’ findin’ the PCIs wis a simple yin o’ trial an’ error, some o’ the device fingerprints they look fur include:

  • Device Fingerprints
  • System Clock
  • Time Zone
  • Operatin’ System
  • Operatin’ System Username
  • Browser Fingerprints
  • Cookies
  • Caches
  • IP
  • Usin’ a Proxy
  • Unusual or large Transactions
  • Location
  • User-Agent
  • HTTP_Headers
  • Browser Plugins
  • Screen Size an’ zoom
  • System Fonts (Times New Roma, Tahoma)
  • Names / DOB/ SSN/ ADDRESS
  • Copy & Paste Credentials
  • Residential/data-cantre/spam RDP/socks
  • Card Tagging
  • Connection Speed (Due To Proxies)
  • Email Domain authenticity an’ age (.edu is the best)
  • Shippin’ Address / Billin’ Address.

OPSEC an’ Staying Anonymous fur Carding and Bank Fraud
Whit Ye Should Ken Afore Ye Begin:

  • Remmina is an RDP (Remote Desktop Protocol) Client
  • VPN Is A Virtual Private Network that hides yer IP
  • Tor Facilitates An Anonymous Connection Into Remotely An’ Use As Oor Ain.
  • VMWare is a Virtual Machine That Hosts The Operatin’ System We’ll be usin’ (Ubuntu)
  • Socks Proxy Checker is Proxy-client that will connect tae a remote Socks5 Proxy.

Socks5 Proxy Server is the server located within vicinity o’ the victim.
1.- Download, install an’ start VMWare Workstation.
2.- Download Ubuntu an’ start it wi’ VMWare.
3.- In Ubuntu, download, install an’ start “Tor Browser”.
4.- Download & install “MullvadVPN” tae Ubuntu and PAY WI’ BTC!
5.- Start MullvadVPN.
Yer connection should then look like this: Yer OS -> VMWare -> Ubuntu -> VPN+Tor.
6.- Buy yersel’ a RDP Server Frae. PAY WI’ BTC!
7.- Install Remmina RDP client on the virtual machine.
8.- Use Remmina tae open a “Remote Desktop” connection tae yer RDP server.
Yer connection should then look like this: Yer OS -> VMWare -> Ubuntu -> VPN+Tor -> RDP Server.
9.- Download Socks Proxy Checker an’ firefox tae the RDP Server, then install the plugin.
10.- Buy a socks5 proxy server frae premsocks.com or alternative provider.
11.- Connect tae the Socks5 Server wi’ Socks Proxy Checker.
Note: Aye, always check yer location wi’ an IP tae location service.
Yer connection should then look like this: Yer OS -> VMWare -> Ubuntu -> VPN+Tor -> RDP Server -> Socks5 Proxy (victims location).

Noo ye’re ready tae use the cards an’ makin’ safe cardin’!

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Cashout Methods