The key major updates done to this carding textbook: it will covers the basic of most carding knowledge. Going into absolutely everything would mean having to go into ID theft and fake IDs which can be classed as 2 different categories of their own.
What I’m going to cover:
A quick overview of what online carding is
- SOCKS and why we use them
- Finding a cardable site and what cardable means
- Carding “non cardable websites” with fake CC scans and other fake documents
Carding while on the job
- Getting CC, CVV, CVV2 through use of mobiles
- Skimming whilst on the job
- Using carbonless receipts to get details (pretty outdated method)
- Trashing for receipts and credit reports (pretty outdated although still works)
- Phishing over the phone for details
- Hardware keylogging
- What in-store carding is (very brief)
- How it’s done
- How to act and present yourself in-store
- Carding over the phone
- Services provided in IRC
- Advantages to using IRC for info
- Disadvantages
- How to find carding channels (Will not go too much into this as there are secrets
- Vendors and how to approach them
- How to rip in IRC (Every vendor, reliable or not has ripped some noob who acted like they knew what they were doing)
- What COB is and why it’s useful
- Use through phishing pages
- Use through keylogging
- Drops and what you need to know about them
What carding is:
Carding summed up quickly is the act of obtaining someone’s credit card information, from the CC#, CVV, CVV2, CVN, and the billing address, along with the expiry date and name of the person the card belongs to along with a signature.
Online Carding
Online carding is the purchasing of goods done over the internet with the CVV2. Now for you n00bies you’re probably wondering what a CVV2 is, it’s simply just the database of basic info for the card such as the card type (e.g. Mastercard) First and last name, address and post code, phone number of the card owner, the expiry date (and start date if it’s a debit card or prepaid CC), the actual CC number and the CVC (card verification code, which is the 3 digits on the back of the card).
This is the format you usually get them in when you buy off IRC:
:::MC ::: Mr Nigerian Mugu ::: 1234567890123456 ::: 09|11 ::: 01/15 ::: 123 ::: 123 fake street, fakeville, ::: Fake City ::: DE24 TRH ::: 01234-567890 :::
SOCKS and why we use them
Now with ANY fraud at all you have to take precautions so you don’t make it easy for anyone to catch you in your wrong doings. As usual I swear against TOR for carding/scamming because most nodes are blacklisted by websites and because TOR cycles through various different proxies; and even if you configure it to go straight through an exit node of your choice it’s still not worth it. You can use JAP but make sure you’re using some constant sock proxies from the same city, town or area that the card is from; also go war-driving and use a VPN (don’t trust anyone off IRC with these, won’t comply with LE).
You can get good SOCKS here (people are selling accounts for the site in IRC all the time), that’s the best place but even I ended up losing the account eventually.
want FRESH proxies every time you card.