Jollier
Professional
- Messages
- 1,456
- Reaction score
- 1,456
- Points
- 113
Hello! Today we will discuss a slippery, very sensitive topic - fraud on the Internet, namely - carding. First, let's define the concept of what carding is, aka carding - stealing. This is a virtual mugging, only in the role of a mugger not in Adidas, but a nerd at the PC. In simple words, when someone got to your card details and tries to spend money on personal needs.
Be it a game on Steam, a Facebook advertising account, buying an iPhone for subsequent resale or a gift certificate on Ozon. In short, any unauthorized spending of money from someone else's card is carding. Yes, once I secretly took a card from my dad and donated to tanks, deleting SMS from the writings. This is also a kind of carding. In this topic, we will not consider the physical theft of a card, after all, we are talking about Internet things here.
So, how does this card end up in the hands of criminals?
Item 1. Hacked servers of online stores and payment systems. This is when one of the big ones gets worse, and then all these databases, including payment orders, are sold on the Internet.
Item 2. Remote access program. Spy Trojans. In short, all these are viruses that infect your phone or computer and extract the necessary data for criminals. For example, you downloaded some movie from a shady site in the avengers.exe format, and that's it, you're on the hook. It all works much more complicated, but in a nutshell, it's something like this.
Item 3. Phishing. From the English word "fishing". In fact, this is just a complete copy of a popular site, where a person can inadvertently leave their logins, passwords, card details. It looks like this. Instead of bank.com, you somehow miraculously got to banc.com. The site imitates a familiar design and interface, but its only goal is to steal your data.
Item 4. Social engineering. This includes calls from supposedly bank representatives.
For example, some Vasya from the same Sberbank says that there was a suspicious action on your card. Now we need you to tell us the numbers at the front, bottom, and back. Another option is correspondence in instant messengers and social networks. When the same Vasya communicates with you online, and under any pretext, be it pain, grandmothers, floods in the village, they try to find out your card details. And, by the way, do not be surprised that these guys know your full name and phone number. There are really a lot of leaked databases with personal data, and anyone can buy them.
Let's figure out how the so-called hit is done. Hit is a synonym for carding. The goal of the scammers is to cash out money in a way that leaves no trace. This could be buying gift cards, certificates, buying games on an account, or even launching ads on social networks. A slightly more dangerous scheme is ordering real goods with subsequent resale at a discount. Here you need to involve third parties, the so-called drops. A drop is a person in whose name the goods are ordered, actually, the recipient of the goods.
More about this process. Drops receive the goods, send them to the carder from a certain fence. Or sell them, after which they put the money into the carder's account. Drops are not always some bad people who pursue selfish goals. Often, they themselves, without suspecting it, become victims of scammers. Under the pretext of "help me, please, they don't send parcels to my village," the carder draws an unsuspecting victim into a money laundering scheme. The tragedy of the situation is that the drops are the ones who risk the most.
It is their real names and addresses that are exposed. So, in case of any investigations, the police will come to them first. For carding, they use hacked computers of citizens, virtual machines, android emulators, VPN and proxy chains, anti-detect browsers and other incomprehensible things for anonymity. That is why it is very difficult to track down such guys. One way or another, carders have one goal - to spend other people's money and get a profit. The largest case of carding was registered in 2007.
Hacker Albert Gonzalez received information on more than 130 million credit and debit cards of Americans. Having received the data, he put it up for sale on his own carder exchange. Other attackers could buy them for subsequent fraudulent actions. Gonzalez received 20 years in prison. Another well-known case is the attack on the WorldPay payment system of the Royal Bank of Scotland in 2008. A group of carders, led by Russian Viktor Pleshchak, withdrew more than $9 million from two thousand ATMs in 280 cities around the world.
The attack took less than 12 hours. The identity of the perpetrators was established only a year later. Gonzalez and Pleshchak were jailed, but the stores using stolen cards did not go away. Hundreds of suppliers can be found not only on the Darknet, but also on the regular white Internet. A bunch of shadow forums that provide such services live peacefully. To my great misfortune, the dark world of carding is thriving, and many scammers are still at large.
Most of these superminds live in the Darknet. The Darknet is the same Internet, but the sites there do not open with regular browsers. They are all anonymous as hell, almost impossible to block. And they sell all sorts of illegal stuff there, like stolen cards, weapons, and drugs. If you suddenly find yourself on a site and its domain name looks something like this, congratulations, you have found the entrance to the Darknet. But this dump is not limited to the Darknet. By entering the search for Telegram "carding", you can find dozens of channels with carding training, selling stolen cards.
But, my young friend, if you have already thought about getting into carding, counting on anonymously buying other people's cards for relatively little money, I hasten to disappoint you.
Among the sellers of plastic there are a lot of scammers who push fake numbers under the guise of real cards. In addition, you can run into a person in uniform, and this will clearly not end well. But if you do find a normal seller, you can buy cards, understand the process, become a fucking anonymous and savvy guy, Sooner or later you will be jailed. They will definitely be jailed. If you came across more famous and savvy carders involved in carding, including in the CIS countries.
Chocolate is not guilty of anything, guys. The guy was on his way to success. It didn’t work out, he was unlucky.
Then why wouldn’t you, so unique, get caught? Will you play with small amounts and therefore avoid punishment? Well, why risk your freedom for the sake of a hundred bucks? It’s better to go to an educational portal and learn how to make money legally on online advertising. In order to keep your nerves in order. And the card in its integrity just needs to adhere to a few rules:
1. Do not follow suspicious links, and especially do not download or install files of questionable content.
2. Set limits on online payments.
3. Don't forget about antivirus. Yes, many will say that I'm some kind of old man using antivirus, but believe me, it's better with it.
4. Don't keep all your eggs in one basket. Use one card for everyday purchases, and the second only for storing large sums. And, of course, don't show yourself anywhere.
5. SMS notifications. Connect them.
6. If none of this helped, and the money was still written off from the card without your knowledge, call the bank and say that your money was taken by carders. They will block the card. Come to the bank, write a written statement, and they will decide whether to return your money or not. Your task is to prove to the bank that the write-off was without your permission.
If you think that carding is a super anonymous, easy way to make money, forget it and eat mashed potatoes. Shops, payment systems and the police do not sit still when it comes to cybersecurity, and everyone makes mistakes. Everyone makes mistakes, that's a fact. If you, my friend, decide to go to the dark side, remember, everything secret becomes clear. That's all. Appreciate freedom.
Be it a game on Steam, a Facebook advertising account, buying an iPhone for subsequent resale or a gift certificate on Ozon. In short, any unauthorized spending of money from someone else's card is carding. Yes, once I secretly took a card from my dad and donated to tanks, deleting SMS from the writings. This is also a kind of carding. In this topic, we will not consider the physical theft of a card, after all, we are talking about Internet things here.
So, how does this card end up in the hands of criminals?
Item 1. Hacked servers of online stores and payment systems. This is when one of the big ones gets worse, and then all these databases, including payment orders, are sold on the Internet.
Item 2. Remote access program. Spy Trojans. In short, all these are viruses that infect your phone or computer and extract the necessary data for criminals. For example, you downloaded some movie from a shady site in the avengers.exe format, and that's it, you're on the hook. It all works much more complicated, but in a nutshell, it's something like this.
Item 3. Phishing. From the English word "fishing". In fact, this is just a complete copy of a popular site, where a person can inadvertently leave their logins, passwords, card details. It looks like this. Instead of bank.com, you somehow miraculously got to banc.com. The site imitates a familiar design and interface, but its only goal is to steal your data.
Item 4. Social engineering. This includes calls from supposedly bank representatives.
For example, some Vasya from the same Sberbank says that there was a suspicious action on your card. Now we need you to tell us the numbers at the front, bottom, and back. Another option is correspondence in instant messengers and social networks. When the same Vasya communicates with you online, and under any pretext, be it pain, grandmothers, floods in the village, they try to find out your card details. And, by the way, do not be surprised that these guys know your full name and phone number. There are really a lot of leaked databases with personal data, and anyone can buy them.
Let's figure out how the so-called hit is done. Hit is a synonym for carding. The goal of the scammers is to cash out money in a way that leaves no trace. This could be buying gift cards, certificates, buying games on an account, or even launching ads on social networks. A slightly more dangerous scheme is ordering real goods with subsequent resale at a discount. Here you need to involve third parties, the so-called drops. A drop is a person in whose name the goods are ordered, actually, the recipient of the goods.
More about this process. Drops receive the goods, send them to the carder from a certain fence. Or sell them, after which they put the money into the carder's account. Drops are not always some bad people who pursue selfish goals. Often, they themselves, without suspecting it, become victims of scammers. Under the pretext of "help me, please, they don't send parcels to my village," the carder draws an unsuspecting victim into a money laundering scheme. The tragedy of the situation is that the drops are the ones who risk the most.
It is their real names and addresses that are exposed. So, in case of any investigations, the police will come to them first. For carding, they use hacked computers of citizens, virtual machines, android emulators, VPN and proxy chains, anti-detect browsers and other incomprehensible things for anonymity. That is why it is very difficult to track down such guys. One way or another, carders have one goal - to spend other people's money and get a profit. The largest case of carding was registered in 2007.
Hacker Albert Gonzalez received information on more than 130 million credit and debit cards of Americans. Having received the data, he put it up for sale on his own carder exchange. Other attackers could buy them for subsequent fraudulent actions. Gonzalez received 20 years in prison. Another well-known case is the attack on the WorldPay payment system of the Royal Bank of Scotland in 2008. A group of carders, led by Russian Viktor Pleshchak, withdrew more than $9 million from two thousand ATMs in 280 cities around the world.
The attack took less than 12 hours. The identity of the perpetrators was established only a year later. Gonzalez and Pleshchak were jailed, but the stores using stolen cards did not go away. Hundreds of suppliers can be found not only on the Darknet, but also on the regular white Internet. A bunch of shadow forums that provide such services live peacefully. To my great misfortune, the dark world of carding is thriving, and many scammers are still at large.
Most of these superminds live in the Darknet. The Darknet is the same Internet, but the sites there do not open with regular browsers. They are all anonymous as hell, almost impossible to block. And they sell all sorts of illegal stuff there, like stolen cards, weapons, and drugs. If you suddenly find yourself on a site and its domain name looks something like this, congratulations, you have found the entrance to the Darknet. But this dump is not limited to the Darknet. By entering the search for Telegram "carding", you can find dozens of channels with carding training, selling stolen cards.
But, my young friend, if you have already thought about getting into carding, counting on anonymously buying other people's cards for relatively little money, I hasten to disappoint you.
Among the sellers of plastic there are a lot of scammers who push fake numbers under the guise of real cards. In addition, you can run into a person in uniform, and this will clearly not end well. But if you do find a normal seller, you can buy cards, understand the process, become a fucking anonymous and savvy guy, Sooner or later you will be jailed. They will definitely be jailed. If you came across more famous and savvy carders involved in carding, including in the CIS countries.
Chocolate is not guilty of anything, guys. The guy was on his way to success. It didn’t work out, he was unlucky.
Then why wouldn’t you, so unique, get caught? Will you play with small amounts and therefore avoid punishment? Well, why risk your freedom for the sake of a hundred bucks? It’s better to go to an educational portal and learn how to make money legally on online advertising. In order to keep your nerves in order. And the card in its integrity just needs to adhere to a few rules:
1. Do not follow suspicious links, and especially do not download or install files of questionable content.
2. Set limits on online payments.
3. Don't forget about antivirus. Yes, many will say that I'm some kind of old man using antivirus, but believe me, it's better with it.
4. Don't keep all your eggs in one basket. Use one card for everyday purchases, and the second only for storing large sums. And, of course, don't show yourself anywhere.
5. SMS notifications. Connect them.
6. If none of this helped, and the money was still written off from the card without your knowledge, call the bank and say that your money was taken by carders. They will block the card. Come to the bank, write a written statement, and they will decide whether to return your money or not. Your task is to prove to the bank that the write-off was without your permission.
If you think that carding is a super anonymous, easy way to make money, forget it and eat mashed potatoes. Shops, payment systems and the police do not sit still when it comes to cybersecurity, and everyone makes mistakes. Everyone makes mistakes, that's a fact. If you, my friend, decide to go to the dark side, remember, everything secret becomes clear. That's all. Appreciate freedom.
