Lecture #7 - Antifraud (carding training 2024)

Carding

Lecturer: Hoseramires
[19:10:20] <Hoseramires> In today's lecture we will look at the concept of antifraud, everyone has heard it, but not many understand what it is and how to work with it
[19:10:38] <Hoseramires> Why, with seemingly the same parameters, some are able to place an order and others cannot, why, with an identical sequence of your actions, with clean IPs, we get a lock of our accounts.
[19:11:08] <Hoseramires> Why can’t we pay for some service even with a blank card, with our own money?
[19:11:22] <Hoseramires> All this happens due to a lack of understanding of how the payment system works, how Antifraud works, what happens when you enter a card in a shop, because there is no understanding of the picture as a whole, it seems simple, but those methods that worked 2 years ago - they don’t work at all now, everyone has heard the concept of a shop tightening the nuts and stopping giving, but what does it mean to tighten the nuts?
[19:12:15] <Hoseramires> There are also guys who seem to work successfully without delving into anti-fraud systems, and I think there are such people too, but you need to dig a little deeper - what kind of stores do they operate? What kind of goods are in these stores? And it will become clear that these are small shops that did not have time to connect a decent anti-fraud system, or these are shops in small countries, for example, Kyrgyzstan. Of course, such schemes can work, but they die very, very quickly, connecting to new anti-fraud systems or training the system using machine learning.
[19:13:31] <Hoseramires> Let's skip all the stages of searching for shops, registering in them, this is all part of the process, let's look at the payment stage.
[19:13:48] <Hoseramires> When entering the card number on the payment page, our payment does not go directly to the bank, but goes to a third-party service - Antifraud service, which analyzes all the information that you provided about yourself, and this is not only the data that you entered manually, such as address, telephone, mail, card and everything else, the system also evaluates you according to those parameters that are not obvious but are unique for each user in the store.
[19:14:48] <Hoseramires> If at this stage the anti-fraud does not have questions for us, or there are, but we have not scored enough fraud points to get us on board right away, our payment goes to the next stage of verification - this is the anti-fraud of the Visa system itself, Mastercard and others, at this stage we may be asked for a 3DS, this is not a mandatory stage, but it exists and that’s why we are considering it.
[19:15:38] <Hoseramires> Only after these checks does our payment reach the bank, where the bank, based on the results of checking the antifraud systems, sees that we are all white and fluffy and debits the money from our account, and the payment goes to the store.
[19:16:06] <Hoseramires> Everyone is happy - the shop gets money, someone gets a product or service, but what happens behind the scenes of these checks? What do antifraud systems look at?
[19:16:28] <Hoseramires> There are 2 types of anti-fraud systems, open - these are those where we can see what is being checked and closed - in which we will never know exactly what is being analyzed, we will look at the open infrastructure anti-fraud system, look at those parameters which can be analyzed by fraud
[19:17:08] <Hoseramires> There are about 170 such main parameters and this is at the moment, before there were fewer, later there will be more
[19:17:23] <Hoseramires> There is an anti-fraud system SEON (seon.io), this is a powerful anti-fraud system that works with large companies Forex Club, Air France, After Pay, PokerStar, Home Credit and hundreds of others, these are those who agreed to place their logo on the home page, most do not do this for security reasons.
[19:18:08] <Hoseramires> But even with those that are on the main page, it is clear that these are very large companies.
[19:18:20] <Hoseramires> https://ibb.co/8KGVr40
[19:18:24] <Hoseramires> This service allows you to look inside this system and do it for free, I think that
[19:18:38] <Hoseramires> this opportunity may be closed in the near future
[19:18:45] <Hoseramires> https://ibb.co/4KFTnr5
[19:18:49] <Hoseramires> Since you are registering in the anti-fraud system, do not forget that you and your registration will also be analyzed, and you will not be able to register with the wrong email or even with a dirty Google account, do it on clean mail.
[19:19:23] <Hoseramires> After registration, we see this powerful tool from the inside, and what to see and what is important for this system - go to the Scoring Engine tab and then in the default rules this will be enough to understand.
[19:19:53] <Hoseramires> https://ibb.co/hgJsMRn
[19:19:57] <Hoseramires> we see a bunch of parameters that can be sorted by fraud points or importance for the system
[19:20:11] <Hoseramires> https://ibb.co/hFW8pWB
[19:20:14] <Hoseramires> we see what is important and also what category this parameter belongs to.
[19:20:25] <Hoseramires> The first parameter that can kill all pure thoughts and undertakings is if you use Tor to visit the site, you will receive an instant ban, even if you have super trust mail, a clean system and other parameters - immediately by
[19:21:00] <Hoseramires> The second most important parameter concerns your mail - the use of disposable mail will also negate all your further efforts.
[19:21:20] <Hoseramires> The third important parameter and immediately a big jump in points, there are only 20 of them - this is the use of a proxy - if you get caught doing this, then you get 20 points - not critical - but they will
[19:21:44] <Hoseramires> The fourth parameter is your mail, whether you use normal mail or just typed letters, added a dog with the left domain and .com, here you will also get 20 points
[19:22:09] <Hoseramires> ID | RULE NAME | SCORE | CATEGORY
[19:22:15] <Hoseramires> P103 | Customer is using TOR | 95 | IP Rules
[19:22:21] <Hoseramires> E100 | Domain is disposable | 80 | Email Rules
[19:22:27] <Hoseramires> P105 | Customer is using a Web proxy | 20 | IP Rules
[19:22:34] <Hoseramires> E120 | Domain is not registered | 20 | Email Rules
[19:22:41] <Hoseramires> HC117 | Suspicious browser profile - Bots and automation | 12 | Other Rules
[19:22:52] <Hoseramires> PH105 | Phone is disposable | 10 | Phone Rules
[19:22:58] <Hoseramires> P112 | Customer is using public proxy | 10 | IP Rules
[19:23:06] <Hoseramires> HC107 | Customer is from Nordic country and using VPN | 10 | Other Rules
[19:23:16] <Hoseramires> P106 | Customer is using a datacenter ISP | 10 | IP Rules
[19:23:24] <Hoseramires> E102 | Domain is custom and was registered less than 1 month ago. No online profiles were found. It was not involved in a data breach | 10 | Email Rules
[19:23:46] <Hoseramires> E114 | Domain is a free provider. No online profiles were found. It was not involved in a data breach | 10 | Email Rules
[19:24:03] <Hoseramires> HC125 | Suspicious browser profile - Spoofing | 8 | Other Rules
[19:24:11] <Hoseramires> HC124 | Browser version age is greater or equal to 5 years | 8 | Other Rules
[19:24:22] <Hoseramires> PH103 | Phone is not possible | 8 | Phone Rules
[19:24:29] <Hoseramires> The remaining parameters are less important, and the average parameters for the successful passage of this system are about 50 points, if you don’t screw up too hard, then everything will be ok.
[19:24:54] <Hoseramires> But these are all default parameters, just what is there, but what will not be used in this form by default.
[19:25:10] <Hoseramires> And what can the anti-fraud system find out about us if desired, what parameters are available for analysis? This question will be answered by the Custom Rules tab, where you can see all possible parameters
[19:25:37] <Hoseramires> We create a new rule for evaluation and see that only this system can see about 470 parameters about us, each of which can be configured and each of which can be assigned its own value for fraud points
[19:26:07] <Hoseramires> Once again - 470 parameters that the system sees about you.
[19:26:15] <Hoseramires> Most, of course, will not be analyzed by the antifraud by default, but if necessary, the rules will be configured so that they can see what they need in each specific case.
[19:26:42] <Hoseramires> In order not to clutter up the lecture, I will post all the parameters for analysis as a link to the private one, you can take a look.
[19:26:57] <Hoseramires> https://privnote.com/OASAlqot#gbMmGuFzy
[19:27:03] <Hoseramires> Let's go over the main ones
[19:27:08] <Hoseramires> + Mail - registered social networks Facebook LinkedIn GitHub Vimeo Flickr Foursquare LastFM Myspace Pinterest Skype Yahoo Twitter Apple Yahoo Ebay Gravatar Airbnb and dozens of others, including Odnoklassniki and VKontakte - you can check not only whether your account is registered or not, but also filled in fields - last name, first name, biography and the rest. This parameter is one of the most important, since there are no living people who do not have this, which means that either this is a newly created account of a living person or it was created for some purpose - but in any case, this is out of the ordinary
[19:28:30] <Hoseramires> + Phone number - Skype Viber Whatsapp + the same social networks as when analyzing mail, plus the validity of the phone, operator, country, etc.
[19:28:49] <Hoseramires> Please note these are the most important parameters that are currently used in most antifraud systems.
[19:29:05] <Hoseramires> And when you use Google Voice, you should immediately understand that it’s all visible, and you’ve already collected extra fraud points
[19:29:22] <Hoseramires> Google Voice, purchased somewhere in a bot, will not have registrations on social networks, will not have Viber and WhatsApp and other services. I've met Google Voice accounts that had some kind of registration, but these are just a few of the few, usually they are 100% clean
[19:29:58] <Hoseramires> I also draw attention to fake numbers, when you indicate false numbers or, even worse, fictitious ones. You must understand that the numbers in a phone number are just the tip of the iceberg, which contains tons of information.
[19:30:29] <Hoseramires> The phone verification system works on the Get Contact principle, it can check how the owner is recorded in the phone books of people with the account name
[19:30:51] <Hoseramires> + IP – cleanliness, blacklists, proxies, open ports, DNS and everything else related to your IP. This is the third important parameter that you need to work with; using a clean IP is +20% to your success.
[19:31:21] <Hoseramires> People with experience remember the time when the cleanliness of the IP was assessed by the ability to register mail on Google without a phone number, I don’t know if it works now or not, but now you understand that clean, new mail is a bright spot about you in any anti-fraud system, but a clean IP is always good)
[19:32:04] <Hoseramires> Also, this SEON system has machine learning, which will draw conclusions based on the history of work, even if something is not configured for it initially.
[19:32:27] <Hoseramires> How it works.
[19:32:30] <Hoseramires> You find a shop that allowed you to place an order for a good amount, you are glad, you made your first profit by selling this stuff cheaply, received a coin, and for the sake of a nice word you told about this shop and bin in to your small group in TG. Hungry classmates are sitting in this group, and having heard that there is a shop, that there is a passing bin, they begin to crowd into it the same bin, of which there are a lot in shops - no one had used it before - but then - things started to happen, you have to beat
[19:33:35] <Hoseramires> And there are such attempts to drive in, and this is nothing more than shopping in a store - instead of the usual 2 purchases per hour - 40 pass, and everything seems to be ok - clean sox, good mail - that's all as it should - and even the warrant was hanged - and then bang
[19:34:04] <Hoseramires> And the order was canceled 12 hours later.
[19:34:09] <Hoseramires> And what happened - after all, everything is clean - you can’t find fault. Yes, from the purity side there are no questions, but for the antifraud this is an anomaly - and the system signaled to the store owner that something was wrong. The owner came in the morning and canceled all orders that seemed suspicious to the system.
[19:34:48] <Hoseramires> https://ibb.co/7Ct6NQf
[19:34:52] <Hoseramires> You, having received the respect of your classmates for adjusting the giving scheme, the next day decide to make another pack, acting according to the “working scheme” you discover an instant Decline, since the system has learned, the owner adjusted it and the shop is bigger does not work according to this scheme. But what it doesn’t give is only to you, and ordinary customers to continue shopping there.
[19:35:42] <Hoseramires> Let's return to our anti-fraud system.
[19:35:47] <Hoseramires> In addition to all the parameters for evaluating us with the system, we can also check the parameters from which we will enter, your mail, telephone IP, addresses, and even your card, how many points you can count on.
[19:36:18] <Hoseramires> https://ibb.co/4pFmX3w
[19:36:22] <Hoseramires> Fill out the data that you have, mail, IP, and everything else, you don’t need to fill out all the fields - you simply won’t have some of the information - fill in what you have and get the output whether your drive will be successful or not is of course not a 100% guarantee, but having mastered this tool you will understand how your assessment system works and with the right skills - by adapting to them you can bypass any anti-fraud system.
[19:37:20] <Hoseramires> I draw your attention to the example of one anti-fraud system SEON - it is large, works with many services and shops, and if you have an identity (mail, phone, system, IP) that was exposed in one of these services, then you can guess that with the same introductory information, you will get a turnaround in any other service or shop that is served by the current antifraud system.
[19:38:17] <Hoseramires> This is something that concerns exactly one system. But the parameters for assessing personality are very similar from one system to another. If your mail does not have registrations and is shown as a new region, it will be like this in all antifraud systems, even though the systems have different databases, and the dossier on your identity will be in one system; when you enter it into a shop, it is serviced in another antifraud system, it will pull up almost all the parameters and data that is stored on your personality in SEON.
[19:39:20] <Hoseramires> AF systems are growing and developing, and in order to be successful in our field, we must constantly monitor these changes and adapt to them.
[19:39:41] <Hoseramires> This is the end of the lecture, put a question mark and I will answer
[19:40:01] <Mr_Lotus> From the lecture - The second most important parameter concerns your mail - the use of disposable mail will also negate all your further efforts.
What does disposable mail mean?
Does this mean that you need to somehow warm up the mail in advance or let it go lightly?
Or should I buy a pre-heated one?
[19:41:38] <Hoseramires> Mr_Lotus: yopmail.com and the like are disposable mail, no amount of time will give results, only mail with a high social rating can help
[19:42:01] <Snork> At the last lecture it was said that you need to buy old mail.
Question: Even if the email is old, there are hardly any registrations there, then perhaps before entering you need to register social networks and so on?
How are you doing at this moment yourself, please tell me.
[19:42:19] <Snork> And is it necessary to register social networks in the name of the holder?
[19:45:19] <Hoseramires> Snork: simply registering on social networks will not give you absolutely anything, you need the mail of a real person who used it, if it is a 2-year-old mail, but for 2 years there is not a single registration on it then in terms of its social rating it will be equal to Novoreg mail, there is only one way out - buy good mail, and let it be in a different name, you can place an order for friends and acquaintances, but this will give you 100 points ahead of Novoreg
[19:45:36] <Serpantin666> Antifraud sees the registration date of the same Facebook and other social networks? What to do in this case?
[19:46:51] <Hoseramires> sees, but you’re asking for 1 parameter, and the other 140 don’t bother you? take good mail and let him see anything, you will be in a better position than with novoreg
[19:47:12] <ya8no> Greetings.) my question is - what does clean ip mean? How do you know if it's clean? and one more thing - how not to burn what you are using as a proxy? How can the system shoot at all in addition to blacklists?
[19:49:34] <Hoseramires> ya8no: good question, the cleanliness of the IP is checked using several dozen parameters, about 30-40, the most important of which are about 8, when you take a sock you always need to check how clean it is, and black sheets can be always, maybe 1-2 or maybe 20, and it will be a different situation, maybe since this IP for several years the Chinese have been brutalizing something - such a sock is clearly not suitable
[19:49:41] <Hoseramires> vitoscanelli: come on
[19:49:45] <vitoscanelli> sooner or later will driving (carding) die (purely your opinion)? considering how af develops, etc.?
[19:50:26] <Hoseramires> vitoscanelli: will die only when the end of the world comes, not before, there will always be holes that are used
[19:51:19] <KimJo> 1. If we check the data through Seon and go to enter it after a couple of hours, won’t this help us score bad points? It’s strange that someone checked this data and then almost immediately went to enter it. 2. It’s probably not worth registering your personal email on Seon? Is it better to buy a clean, resting one, for example? 3. Seon checks well how the AF system for a store or does the AF of banks also work on a similar principle?
[19:52:15] <Hoseramires> KimJo: 1 can't
2 not worth it
3 all systems work on the same principle since the initial data for analysis is the same for all
[19:52:58] <alcapon> I saw on the forum that someone advised to register social networks on newregs gmail? or is it completely pointless
[19:55:12] <Hoseramires> alcapon: depending on what the goal is, if you increase your social rating here and now, then it’s complete nonsense, if you masturbate, then it’s possible, if you manage social networks and maintain them for half a year, plus you use mail while you’re regulating it’s in different mailing lists and on different platforms - that’s normal, but after half a year, everyone decides for themselves whether they need it or not, it’s easier to give 2 bucks and get normal mail now, my opinion.
[19:55:39] <nlf> where to get actively used emails? are they sold somewhere on the forum? 2. I didn’t quite understand the seon. Is it possible to check the material that we will then enter there?
[19:57:26] <Hoseramires> nlf:
1 yes, on our forum, as well as in telegram channels there are such offers
2 Seon is an anti-fraud system, and this allows you to look at the work from the inside, you can test the parameters that you will use when entering, and if you see that you are falling short somewhere, correct them
[19:57:44] <GorilaDuster> such a question, in previous classes it was said that it is better to create mail under the name CH, and this is not the first time it has been said that it is better to buy old mail, but if you buy old mail, there will be no opportunity to change the name. and the situation will turn out that the mail is to Vasya Pupkin and CH John McCain, which will be more destructive for AF?
[20:00:47] <Hoseramires> GorilaDuster: look, there is Vasya Pupkin, who can be checked and found on social networks and many other places, he has been using it for 10 years and has appeared everywhere, and there is John Smith, who appeared today and trying to buy a MacBook for 5k, who will be more trusted? what if Vasya Pupkin buys poppy seeds for his maternal brother John? who will be more trusted? I think the choice will be obvious
[20:01:15] <BaronLuffy> When you type in, when you’re already warming up the shop, it will be completely pointless to register a social network, it won’t even give you one point, right? Is it easier not to waste time and shoot like this, without social networks, or to buy a heated version? I saw the answers to the previous questions, I want to finally put an end to it for myself. I just saw somewhere that one of the lecturers had previously registered social networks on novoreg mail
[20:04:48] <Hoseramires> BaronLuffy: I highly recommend just doing an experiment, even with the same seon, check your personal old mail, and check your new account, and then register 3 dozen social networks on it and check it again, and you have everything will work out in your head, social networks will not change the social rating immediately, even in a week, this is a long painstaking process, and if you have a scheme that works exactly like this, but after a month or two, then you can edit new registers, edit social networks, and drive in 2 months, I think in theory such a scheme can also exist, but here you need to understand what kind of material you have, whether it will live that long or not, there are a lot of development options here
[20:06:03] <Dreamwalker> Is the Hushed service a good solution for our problems, or maybe there are other services that are more suitable? On Husha, for example, I can register all services and receive SMS for a long time and calls, which should give more trust.
[20:07:01] <Snork> Then maybe it makes sense to buy social network accounts? The same Facebook (with age), because the kit includes mail or another social network.
Also, what is the minimum age for mail?
How do you do it yourself?
Thank you.
[20:07:16] <Hoseramires> Dreamwalker: I haven’t encountered such a service, I can’t say anything
[20:11:57] <Hoseramires> Snork: regarding social networks - it’s not clear what it is, if this is one social network for which mail was managed, then this is not a working option, one social network does not make a difference at all, the concept What is mail age? you can take a mail that is 20 years old but for which nothing has been regulated for these 20 years - the social rating is pure zero, or you can take a six-month mail that will have an active life, and it will be top, only buying old mail will give results, a very good option is mail dead people, but this must be dealt with. after 2 years, according to the new rules, Google deletes emails that were not used, and such emails can be registered again, and with this approach there can be a bunch of registrations at the post office, a completely working option
[20:12:14] <korovka_stig> what’s the best way to deal with a phone? so as not to receive fraud points.
[20:13:20] <Hoseramires> korovka_stig: with a phone it’s more difficult, here you either indicate the phone number or look for some clean, real number with SMS reception
[20:14:51] <Hoseramires> haskj17: I missed you
[20:15:18] <Snork> And yet, please tell me how you do it yourself?
Are you buying old mail with a large number of registrations?
I apologize, but I want to understand the mechanism.
[20:15:59] <Hoseramires> Snork: yes, I buy mail with a high social rating, I don’t understand the question, there are offers on the market - you buy what you need
[20:16:13] <pyokey> Where can I buy a phone number?
[20:16:34] <haskj17> Hoseramires: I missed the point. I read an incomprehensible part of the lecture. Can I ask a question?
[20:16:48] <Hoseramires> pyokey: start your search from our forum, there are plenty of offers, look at the review services
[20:17:55] <ya8no> you said that you should always check how clean the sock is. How to do it ? or where can I read about this process?
and one more) can you recommend a tg service for buying old regs? Please :)
[20:18:03] <haskj17> What postal stores do you recommend? Today I was looking for services, specifically by mail, and there weren’t that many
[20:21:20] <Hoseramires> ya8no:
https://t.me/ip_score_checker_bot?start=3C0B939 this is an IP checker
There was also a bot by mail, but I couldn’t find it right away, but there are shops, ask in the Q&A, I don’t remember exactly what it’s called, they’ll send you a link there
[20:23:16] <Hoseramires> haskj17: I actually didn’t look well, they are sold in packs, you can find them more expensive and individually, or you can find them in packs and almost free, but the social rating will have to be checked separately, ya8no will ask on the forum - it will be possible enjoy
[20:23:40] <Hoseramires> guys, did you answer everyone? or who did you miss?
[20:23:51] <Serpantin666> It turns out that it’s quite suitable to work with logs from the stealer? After all, there are cookies and active mail
[20:24:11] <Hoseramires> Serpantin666: if you have access then yes, this is a good option
[20:24:49] <Snork> Only you still need to grow into a stealer?)
[20:25:45] <Hoseramires> Snork: yes, but it opens up huge prospects, but again you need volume, and do everything with your team, then there will be an effect
[20:26:48] <haskj17> Is a purchased log suitable for these purposes?
[20:27:05] <Hoseramires> haskj17: for which ones?
[20:27:26] <Snork> Off-topic question.
Will working with logs, etc. be discussed in lectures? BA for example or something else.
[20:27:38] <haskj17> We have a log with US mail. Is it suitable for hitting?
[20:27:42] <Hoseramires> Snork: will be
[20:28:46] <Hoseramires> haskj17: oh. the log does not give mail superpowers, also check the social rating - high - you can use it, low - you can also use it, but there will be little effect
[20:29:04] <Hoseramires> ok, if there are no questions, then good luck to everyone!! I recommend watching AF videos from vector T13, he looks at this direction well
[20:29:13] <Hoseramires> left
 