OPSEC FOR BOTH Bank Fraud and Carding

Fraudbox

Introduction



Carding is an art form, and a difficult one at that to master.
Today's protected payment systems try to stop most attempts to fraudulently use cards that are not the individual's property. However, with a bit of perseverance, hindsight knowledge, creativity and some initial investment funds, you can imitate the Card Holder (CH) well enough to beat the fraud detection systems built within payment processors that work by the Payment Card Industry Data Security Standard (PCIDSS).


PCIDSS Meaning/Explanation


The PCIDSS includes certain factors that are checked every time a credit card transaction is
attempted. It is these factors that they look for to determine the possibility of the
transaction being fraudulent, and give you what I will refer to as the "Fraud Score".


With that knowledge, we can see that every payment processor is designed to let transactions
be processed. By imitating the CH well enough based on the determinative factors, we can
allow ANY transaction to go through.


___________________________________________________________________________________________________________________________________


ThreatMetrix


See the periodic table of threats to a payment's legitimacy and digital identity assessment:


___________________________________________________________________________________________________________________________________
Avoiding VBV/MSC


To find a site to card you must first understand the PCIDSS of the payment system you'll be
using. The payment system could be "authorize.net" as it does not require VBV/MSC
authentication. We just need to avoid the declination triggers mentioned later.


___________________________________________________________________________________________________________________________________




Finding Sites To Card


With the target payment processor that does not use VBV/MSC
(Authorize.Net | 400k+ Merchants), we can find online stores that use
Authorize.Net by using Google and Search Operators. Replace Search Term in
double quotes with your desired product or product category.


Example
"authorize.net merchant" -site:authorize.net "Search Term"
"stripe merchant" -site:stripe.com "Search Term"
"braintree merchant" -site:braintreepayments.com "Search Term"


Putting a phrase into double quotation marks while searching Google will look for
pages with the exact keyword match, the "site:" operator will only show results from
that site, the "-site:" operator will exclude the site and its results.


___________________________________________________________________________________________________________________________________


Declination Triggers


Braintree, authorize.net and Stripe all have standard PCIs that, once analysed,
give you a pretty good idea of what the system looks for and classifies as a
"could be fraud". The device, browser and connection data points collected by
processors to verify transactions run into the hundreds, especially at Amazon,
PayPal and Skrill.


Finding the PCIs was a simple process of trial and error. Some of
the device fingerprints they look for include:


- System Clock
- Time Zone
- Operating System
- Operating System Username
- Browser Fingerprints
- Cookies
- Caches
- I.P
- Using a Proxy
- Unusual or large Transactions
- Location
- User-Agent
- HTTP_Headers
- Browser Plugins
- Screen Size and zoom
- System Fonts (Times New Roman, Tahoma)
- Names / DOB/ SSN/ ADDRESS
- Copy & Paste Credentials
- Residential/data-centre/spam RDP/socks
- Card Tagging
- Connection Speed (Due To Proxies)
- Email Domain authenticity and age (.edu is the best)
- Shipping Address / Billing Address


___________________________________________________________________________________________________________________________________




OPSEC (Operation Security) & Staying Anonymous




What You Should Know Before You Begin;


- Remmina is an RDP (Remote Desktop Protocol) Client
- VPN Is A Virtual Private Network that hides your IP
- Tor Facilitates An Anonymous Connection
Into Remotely And Use As Our Own.
- VMWare is a Virtual Machine That Hosts The Operating System We'll be using (Ubuntu)
- Socks Proxy Checker is Proxy-client that will connect to a remote Socks5 Proxy.
- Socks5 Proxy Server is the server located within vicinity of the victim.


___________________________________________________________________________________________________________________________________


#1 - Download, install and start VMWare Workstation


#2 - Download Ubuntu and start it with VMWare.


#3 - In Ubuntu, download, install and start "Tor Browser"


#4 - Download & install "MullvadVPN" to Ubuntu
PAY WITH BTC!


#5 - Start MullvadVPN
___________________________________________________________________________________________________________________________________


Your connection should then look like this:
Your OS -> VMWare -> Ubuntu -> VPN+Tor
___________________________________________________________________________________________________________________________________


#7 - Buy yourself a RDP Server From


#8 - Install Remmina RDP client on the virtual machine


#9 - Use Remmina to open a "Remote Desktop" connection to your RDP server
___________________________________________________________________________________________________________________________________


Your connection should then look like this:
Your OS -> VMWare -> Ubuntu -> VPN+Tor -> Hacked RDP Server
___________________________________________________________________________________________________________________________________


#10 - Download Socks Proxy Checker and firefox to the RDP Server,
then install the plugin


#11 - Buy a socks5 proxy server from premsocks.com or an alternative provider,
in your victim's city; 911.re is good too


#12 - Connect to the Socks5 Server with Socks Proxy Checker
Note: Always check your location with an ip to location service.
___________________________________________________________________________________________________________________________________


Your connection should then look like this:
Your OS -> VMWare -> Ubuntu -> VPN+Tor -> RDP Server -> Socks5 Proxy (victim's location)


Now you are ready to use the cards and do safe carding
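
From the defender's side, the signals listed under "Declination Triggers" are usually combined rather than checked one at a time. The following is an added example, not part of the original post or any processor's real model: a minimal additive risk score over constructed checkout events, where the field names, weights and thresholds are all assumptions.

```python
from dataclasses import dataclass

@dataclass
class Checkout:
    ip_type: str                # "residential", "datacenter" or "proxy" (IP-reputation feed)
    ip_tz_offset_min: int       # UTC offset implied by IP geolocation
    browser_tz_offset_min: int  # UTC offset reported by the browser clock
    ua_os: str                  # OS claimed in the User-Agent header
    fingerprint_os: str         # OS inferred from fonts, plugins, screen metrics
    billing_zip: str
    shipping_zip: str
    card_fields_pasted: bool
    email_domain_age_days: int
    amount: float
    customer_avg_amount: float

# Constructed weights and thresholds, for illustration only.
WEIGHTS = {"non_residential_ip": 30, "tz_mismatch": 25, "os_mismatch": 20,
           "address_mismatch": 15, "amount_anomaly": 15,
           "pasted_card": 10, "new_email_domain": 10}
REVIEW_AT, DECLINE_AT = 25, 60

def signals(c: Checkout) -> list[str]:
    """Return the name of every risk signal the event raises."""
    checks = {
        "non_residential_ip": c.ip_type != "residential",
        "tz_mismatch": c.ip_tz_offset_min != c.browser_tz_offset_min,
        "os_mismatch": c.ua_os != c.fingerprint_os,
        "address_mismatch": c.billing_zip != c.shipping_zip,
        "amount_anomaly": c.amount > 5 * c.customer_avg_amount,
        "pasted_card": c.card_fields_pasted,
        "new_email_domain": c.email_domain_age_days < 30,
    }
    return [name for name, hit in checks.items() if hit]

def score(c: Checkout) -> int:
    return sum(WEIGHTS[s] for s in signals(c))

def decide(c: Checkout) -> str:
    s = score(c)
    return "decline" if s >= DECLINE_AT else "review" if s >= REVIEW_AT else "approve"

# Constructed sample events.
ROUTINE = Checkout("residential", -300, -300, "Windows", "Windows",
                   "10001", "10001", False, 4000, 40.0, 35.0)
GIFT = Checkout("residential", -300, -300, "macOS", "macOS",
                "10001", "94105", True, 4000, 60.0, 50.0)
LAYERED = Checkout("proxy", -300, -300, "Windows", "Windows",
                   "10001", "60601", True, 5, 900.0, 60.0)
```

The GIFT event shows why weak signals are routed to review instead of being declined outright: a legitimate buyer shipping to another address raises two of them.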
 
