Carding
Professional
- Messages
- 2,871
- Reaction score
- 2,342
- Points
- 113
Lecturer: Payne
Greetings. Lecture topic: “Driving in CC from A to Z”
As such, “driving in” is not too different from ordering pizza from a personal card - it’s still the same selection of goods, filling out fields on the website pages and conducting a transaction. Everything changes with the introduction of disguise into the equation: the perception of the client through the prism of anti-fraud systems takes on special importance, and in conditions of incomplete information about the owner of the material and limited actions, there is a greater chance of making a mistake.
Positive and negative features in the client’s image, prerequisites for success and failure, interpretation of results, examples and practical considerations - it is quite possible that a detailed review of the process can answer some of the pressing questions. Exploring theory is necessary to eliminate gaps in knowledge, reduce errors, or at least understand where to look for them.
Three “pillars” on which a successful transaction stands: material, disguise and client actions on the website of the store or service. Let's start by discussing the material.
• validity. Of course, it will not be possible to achieve results without live material, but formal performance is not the key to success. Multiple payment attempts, a suspicious client profile, checkers and financial pressure can accidentally ruin the material or provoke a limitation of its capabilities.
Moreover, initially live material may fall into the hands of people already limited, for example, by transaction limits, a modest balance, or other technical features. Therefore, you should not rely entirely on standard verification methods (except perhaps enroll and calling the bank), nor should you wield the material like a jackhammer;
• the balance, in turn, can be guessed to some extent using the type and level of the card: Debit, Credit; Classic, Gold, Premier, Platinum, etc. Intuition suggests that platinum credit cards often turn out to be richer than classic debit cards, but in general problems in this regard cannot be ruled out.
• VBV and analogues: MCSC for MasterCard, SafeKey for Amex, automatic processing without a password AutoVBV. During your work, you may encounter a request for an additional password for the card when conducting a transaction. Then you will have to look for non-VBV stores, change the material or, depending on the bin, change the password using various information about the owner;
• chargeback - transaction cancellation, its speed and probability. Automatic cancellation, as a rule, occurs immediately, but if the owner reacts, the time depends on his efficiency, the type of notifications about transactions (periodic statements, online access, messages, etc.) and the procedural subtleties of the bank: for example, in the case of using VBV instead of fast cancellation proceedings may be initiated;
• statistical data. The above ultimately converges at one point - the map bin. And certain bins, similar to, for example, IP addresses, due to the actions of other people, can be marked as a risk factor or even be on the blacklist of anti-fraud systems. In addition, what works today will not necessarily work tomorrow.
Also, if the bank is sensitive, its information about the client can play a role: for example, over the past months the owner of the material has been satisfying only household needs to pay bills or groceries, and then one day he lost his temper and tried to order fake Rolexes on the Internet. It is very likely that if you do not block the card, then at least the bank can suspend the transaction.
The second “whale” is camouflage. If previous lectures described general discussions regarding the characteristics of the IP address, device fingerprints, system and browser data, then here some specific aspects of the topics raised in the context of practice will be presented. However, it is important to understand: this is an addition, not a change in principles.
• Firstly, the distance between the zip codes (ZIP) of the IP address and the material. Based on the idea that the content owner is more likely to transact from a personal IP address, it is reasonable to expect a relationship between increased distance and decreased transaction rates from alternate IP addresses. Although this is situational (for example, if billing changes), under normal circumstances it cannot be ignored.
This means that if the material index is “12345”, the best choice would be the same – “12345”, or the closest available: “1234*”, “123**”. In most cases, the location of the IP address is found out when visiting anonymity verification sites, but in reality their information may differ radically from the stores’ own opinion about the client due to differences in databases.
Therefore, information needs to be checked on different sites, and if the store leaves hints in the form of automatically filling out part of the client’s data (for example, zip code, city and state) - of course, when setting up masking and choosing material, his opinion is preferable;
• Secondly, the store experience. The characteristics of orders and fingerprints of different clients within the same anti-fraud system can be compared with each other. If the client's assessment on many points coincides with fraudulent precedents (or, conversely, with honest ones), the result of the transaction may change accordingly. Relatively speaking, on average in a hospital it is better to be as healthy as possible.
This also means that due to the detection of similar indicators in different orders, the use of several disguises by one client will become obvious (multi-accounting), and experience tends to grow over time - increasing recognition and sampling for comparison leads to the need to develop after anti-fraud systems. Sometimes you need to change your approach;
• thirdly, the session. This includes the client’s actions before visiting the store: registration of social networks and general surfing. Anti-fraud systems are capable of both checking social networks registered to the client’s email address (Facebook, LinkedIn, Google, Instagram, etc.) and establishing the fact of their authorization in the browser - https://browserleaks.com/social - demonstration.
The completeness of accounts with photos and information is not automatically checked, and the very presence of registration already plays in favor of the image of a normal client. At the same time, depending on the anti-fraud system, the age of the email, the dates of its first appearance on social networks and specific activity can significantly increase the credibility of the email.
Another detail that has a positive effect on the client’s portrait is the imitation of the behavior of an ordinary person. For example, a conscious search for goods or services, interaction with contextual advertising, reading popular media and other actions appropriate to disguise as the owner of the material can play along with large analytical companies and advertising managers.
The latter will collect information about the user, then, perhaps, through a chain of analytics and advertising, it will reach popular sites, thus reinforcing the illusion. Strictly speaking, this will allow you to kill two birds with one stone: filling the cookie and imitating the behavior of the average client, a hamster user, so to speak. Of course, surfing is carried out with prepared camouflage.
The third “pillar” is the client’s actions on the website of the store or service. Although we will talk about some universal patterns of behavior, it is extremely important to understand that there is no one solution to all problems or a “formula for success”. Depending on the anti-fraud system, the store, human factors and general financial or technical trends, any rule can be broken.
• the way the customer enters the store. Statistics are collected to analyze marketing effectiveness and evaluate customers. Surely at least once there has been a survey about how exactly the client found the service - proof that they are interested in this.
Some examples: browser home page > store; various search engines > store; social networks, advertising on other sites, coupon or cashback services, email newsletters > store. Let’s assume that if, in percentage terms, the “through a search engine” method has more problematic transactions than the “from the mailing list” method, it is logical that the latter may have more trust;
• suspicious behavior. It's like when a person is asked to behave naturally, and he turns into a twitchy robot... Actions can manifest themselves as follows: copy-paste, surfing speed, chaotic switching between tabs (for example, to use a translator), lightning-fast filling of fields, amazing awareness " new" client about all the functions and products of the store.
Or in an incorrect delay - a break between the first visit or registration and the completion of the transaction. You need to not break off at the last moment before ordering, having already linked the material, so that a week later you can continue from the same place, but copy the adequate behavior of people: registration, studying the assortment, viewing photos, choosing, comparing, organic return to the store.
Or in the ordering method. Firstly, in most cases, orders are placed with a registration or "guest". On the one hand, the account will be considered recent, not to mention the fact that there is a possibility that the owner of the material from his account in the store. On the other hand, the fact of registration itself can add loyalty, and a “guest” is, in a sense, a new, unverified client.
In other words, one or another opinion about the client cannot be avoided; one must strive to improve the overall perception. Secondly, indicators in the payment process: time from registration or linking of material to the transaction, changes in personal data, number of payment attempts, promotional codes used, cart filling or “buy now” - all this to some extent produces an impression of the client.
Many payment attempts and different cards will cast a shadow, and a promotional code for subscribing to the email newsletter can contribute to the result. In practice, you just need to look like a normal client and not stand out too much. Typing is okay, copy-pasting your own name is not.
It is worth noting separately: some stores allow you to place an order by calling the store - “order by phone”. It happens that a client, due to technical problems with the site, turns directly to support, which independently fills out all the data. The anti-fraud system does not evaluate fingerprints, but the method itself is expensive and suspicious.
In general, behavioral features are variable and the entire warming up scenario can be attributed to them. It is useful to understand the following: “holders” are not an abstract term, but real, ordinary people. One will put VBV, the other will not; the third will scour dozens of sites before purchasing or, on the contrary, immediately place an order;
• the owner of the material may have already completed transactions in a particular store. Most likely, his transactions will create a contradiction in the fingerprints associated with the material, remembered by the anti-fraud system. In this case, how much the chance of selling the material in the same store decreases depends on the activity of the owner and the presence of registration.
If orders were placed without registration or long enough ago that changes can be explained by the passage of time, the chances remain. Personality without registration is not so pronounced, but if it took place, forgetting about the account of a certain store is, in principle, a matter of everyday life, especially after the passage of time.
However, the details of the owner’s activity also matter: if he is a frequent guest and prefers strictly selected goods and price categories, then unusual orders, teleportations between cities and almost parallel sessions will stand out from the established image of the client;
• by the way, individual products and price categories in stores may be treated with increased attention and filters of anti-fraud systems may be adjusted accordingly. Manifests itself in the form of a more serious assessment of the client, verification, manual checks, and restrictions on delivery types. Examples are gift certificates (gifts), especially expensive or “fraudulent” items;
• AVS. Address Verification System is a verification system that checks the (personal) address used during the billing transaction with the data in the client’s bank file. Provided in the USA, CA, UK and allows you to at least identify a security risk if the addresses do not match - failure of verification means incorrect card information. In other words, transactions may be rejected due to incorrect information.
Mostly, incorrect information is the result of a method of obtaining material in which the source is the owner himself (phishing, sniffing), although loss of relevance or technical failures are also possible. You can correct the deficiency like this: find what you need in the public domain, for example, on social networks; use special material or services for searching - private ones on the forum, whitepages and analogues.
The shipping (delivery) address, in turn, is the competence of the anti-fraud system and shows: a match with the billing, and therefore with the bank file; use of blacklisted addresses and location. To verify AVS, billing is sufficient, which implies the possibility of working with different addresses.
Although in principle there is nothing supernatural in ordering to a work or alternative address, consumer goods (clothing, mass electronics, etc.) are most often purchased at home, in most cases coinciding with billing. This means that among orders to an alternative address there are relatively more fraudulent ones, for example, due to the use of intermediaries.
Moreover, the distance between addresses can also cause suspicion - after all, it’s rare for someone to move or order a new device halfway across the country. In addition, comparison is possible not only in relation to address locations, but also taking into account the IP address map... as a result, stores are wary of such orders.
It is possible to work to different addresses in this form: sending to billing with the goal of redirecting the parcel to another address during the delivery process or stopping at the post office and picking it up in person (reroute and pickup) - using dialing services, if there are no prohibitions from the store or there are chances get around them; searching for stores that ship to different addresses or can be warmed up (“I want to order a gift for a friend”);
special material with the function of changing the address (for example, enroll, also eliminates errors in billing); or avoid AVS altogether - working with digital goods, payment systems and banks where address manipulation is not required, as well as countries without AVS. Sometimes the store’s attitude towards sending to an alternative address can be found somewhere on the site pages or from support.
Possible results of placing an order, with rare exceptions, are as follows:
• confirmation. It is important to understand that confirmation is usually not final. Firstly, it can only be a notification of the creation of an application that has yet to be processed; secondly, even if processing has taken place, the material may die during delivery and the package may turn around. In a particular store, the difference is determined empirically, but in general, it’s too early to divide the bearskin;
• decline. Instant rejection on the payment page during the order placement process. Possible reasons from least to most likely: technical problems of the store, including sad statistics (“nerdiness”); The anti-fraud system does not allow you to submit an application due to lack of trust in the client; problems with the material - invalidity, balance or various restrictions on the bank’s side;
• cancel. Cancellation notification by email after placing your order. A similar description of the reasons: death of the material due to the reaction of the owner or bank; problems with the material that were not identified at the application stage; a negative response from the anti-fraud system - not only automatically, but also after manual verification by the operator or contact with the owner of the material;
• verification. For reasons of distrust, suspicion, general increased alertness or special attitude towards certain categories of goods, stores and business services (exchanges, exchangers, payment systems, etc.) may request verification of certain data.
In the case of stores, this is, in particular, a photo of the card used for payment (usually it is enough to cover everything except the last four digits of the number) or a request to contact support by phone to “clarify the details” - and in reality, to carry out verification with leading questions and information from the client’s life - “background”. The request comes by email; they rarely call on their own initiative.
Checks can be very different: past places of work, addresses, make of personal car, etc. You can find information in the same way as billing, but to make a call you should contact dialing services. In addition, such a request itself, depending on the store, may mean incorrect billing when placing an order.
In turn, business services adhere to the practice of “KYC” (know your customer, know your client) - legal requirements to combat money laundering, tax evasion, and other things. Based on the situation, you will have to turn to the services of dummies, verification services, drawing and selling documents.
At a minimum, you may need: SMS phone confirmation, bank account statement, photo of a document (passport or license) with special requests like “at an angle,” a personal photo along with documents, as well as proof of address - registration or a recent receipt for utility bills . At the most, up to video recordings or real-time conferences and even office visits.
Special verification methods: firstly, a request for data about a transaction, for example, the exact size of a microtransaction sent or authorized by the service ("mini-transactions"), a transaction identifier or a comment on it - used by both stores and business services. Secondly, the bank blocks the transaction until authorization through the owner’s or support contact’s email specified in the bank file.
Microtransactions are verified using enroll or calling the bank; a request for authorization through the owner’s email is, in fact, the death of the card (and outwardly no different from decline or cancel), since under normal circumstances there is no such access - but the scenario is infrequent and there is no point in getting hung up on it, and if necessary, you can try to improve the disguise, look for information to call the bank or change material.
Summarize. Details matter, and room for improvement can always be found, even when failures seem to occur for no apparent reason. The field of activity is in constant motion, and in order to always keep your finger on the pulse of events, you need to continue to experiment. That's all. Let's move on to the questions, put "?".
Serpantin666 19:58
I'll get ahead of myself again. When entering e-gift, what should be the interval between purchases? I drove in 4 Gifts for $25 each, from a non-BBB card, I did intervals of 5 minutes, but on the 5th entry there was a Decline, although after checking the card, the checker replied that it was alive
Payne 19:59
Natural. Have you ever bought something like this for yourself? This is not the most appropriate behavior.
Veles24 20:00
1.if when typing in it asks for 3DS, what should I do?
2. if the card did not go through in one store, can you try to get it into another store?
3.how to order goods for drop?
Payne 20:01
1. Described in the lecture.
2. Yes, definitely. The reuse of material will still be touched upon, although in a slightly different context.
3. Find a drop and order goods for it. Why this might not work, why it might work, what options there are regarding the material, etc. are described in the lecture.
pyokey 20:01
What is enroll?
Which warehouse intermediary do you recommend?
Payne 20:02
1. Online access to the material. Online banking. Material.
2. Warehouse? I don’t quite understand about the warehouse, but in general they are all public. You can choose yourself + there is a separate lecture.
Snork 20:02
Can you please talk about Enrolls? I understand that the topic has already been raised, but I would like more details from you.
What is this animal and what is it eaten with?
Payne 20:03
There is a separate lecture on this topic.
Stralixxx 20:03
There are 3ds cards with push notifications, how are such push notifications received?
Payne 20:03
Phishing, viruses and the like.
KimJo 20:03
1. What to do if you can’t break through BA using inexpensive methods? (and only partially comes with these cards, for example ZIP, City)
2. If you ask the store support about the possibility of sending to another address and they confirm it, can you try to send directly to the drop address?
3. What type of product is best to try to beat for training? (even if it’s cheap, but so that it’s possible to find sites with poor AF) Otherwise, you can’t even find illiquid goods from the store lists in small stores.
4. If I know the address of the real CH mail, does it make sense to register a similar one? Or is it better to take any old reg?
Payne 20:06
1. Try expensive ones, free ones from open or semi-open sources, or change the material.
2. Yes.
3. Actually illiquid. Any unpopular product, that is, not electronics or branded clothing or accessories.
4. No comparison with the real one is made. And even if it was carried out, what would it give if the mail is still incorrect, even if it is similar? Therefore, naturally, warmed mail is better.
Mr_Lotus 20:06
What is the difference between BA and enroll?
Payne 20:07
BA - bank account, bank account. Enroll - access to a card, usually a physical one.
Peter_Parker 20:07
I asked a question for the lecturer in PM and in the group, but didn’t hear an answer, so I decided to ask here.
I would like to ask a question about entering crypto exchanges/exchanges. If you enter crypto exchanges/exchanges in the realities of this time, is it necessary to better focus on the exchanges that allow you to enter or on the banks that allow you to enter?
Payne 20:07
Second.
Peter_Parker 20:08
Are you familiar with mercuryo and have you heard how best to work with it?
merch
Payne 20:09
Do not know.
Stralixxx 20:10
these cards already come with a push and this push comes in the form of an SMS, I came across this when working with merch, but I don’t understand how others received this push
Payne 20:10
That's what he answered. Various types of interception.
BaronLuffy 20:12
Please tell me, do you know such an email verification service emailrep.io? I recently bought a pack of old registry mails, checked several of them, none of them have registered social networks, but there are mentions of these mails in some years, is this also suitable or is it necessary for the social networks to show up?
Payne 20:13
Social networks would naturally be better. This is a cumulative indicator. The more of everything, the better.
vitoscanelli 20:14
Will they post links to past lectures? I would like to consolidate the material
Payne 20:15
So they are posted on the forum within 48 hours after each lecture, starting from the first.
vitoscanelli 20:15
starting from 6 they didn’t throw (
BaronLuffy 20:15
Can you please recommend a good shop with old regs, if possible?
Payne 20:17
Vitoscanelli 7 is posted there, I checked it. She was there yesterday. It's the eighth now, it will be today or tomorrow. I don't understand what you can't find.
BaronLuffy The choice of private services is mostly independent based on reviews and reputation. We cannot vouch for third party sellers of the material.
ya8no 20:19
and if I can’t guarantee that, are there any shops that you can just pay attention to?) maybe some that were thrown into the general conf are a little strange. thank you in advance
Payne 20:19
Alas
Any other questions about the topic of the lecture?
Well, since there are no more questions, I thank everyone for their presence and wish them good luck.
Greetings. Lecture topic: “Driving in CC from A to Z”
As such, “driving in” is not too different from ordering pizza from a personal card - it’s still the same selection of goods, filling out fields on the website pages and conducting a transaction. Everything changes with the introduction of disguise into the equation: the perception of the client through the prism of anti-fraud systems takes on special importance, and in conditions of incomplete information about the owner of the material and limited actions, there is a greater chance of making a mistake.
Positive and negative features in the client’s image, prerequisites for success and failure, interpretation of results, examples and practical considerations - it is quite possible that a detailed review of the process can answer some of the pressing questions. Exploring theory is necessary to eliminate gaps in knowledge, reduce errors, or at least understand where to look for them.
Three “pillars” on which a successful transaction stands: material, disguise and client actions on the website of the store or service. Let's start by discussing the material.
• validity. Of course, it will not be possible to achieve results without live material, but formal performance is not the key to success. Multiple payment attempts, a suspicious client profile, checkers and financial pressure can accidentally ruin the material or provoke a limitation of its capabilities.
Moreover, initially live material may fall into the hands of people already limited, for example, by transaction limits, a modest balance, or other technical features. Therefore, you should not rely entirely on standard verification methods (except perhaps enroll and calling the bank), nor should you wield the material like a jackhammer;
• the balance, in turn, can be guessed to some extent using the type and level of the card: Debit, Credit; Classic, Gold, Premier, Platinum, etc. Intuition suggests that platinum credit cards often turn out to be richer than classic debit cards, but in general problems in this regard cannot be ruled out.
• VBV and analogues: MCSC for MasterCard, SafeKey for Amex, automatic processing without a password AutoVBV. During your work, you may encounter a request for an additional password for the card when conducting a transaction. Then you will have to look for non-VBV stores, change the material or, depending on the bin, change the password using various information about the owner;
• chargeback - transaction cancellation, its speed and probability. Automatic cancellation, as a rule, occurs immediately, but if the owner reacts, the time depends on his efficiency, the type of notifications about transactions (periodic statements, online access, messages, etc.) and the procedural subtleties of the bank: for example, in the case of using VBV instead of fast cancellation proceedings may be initiated;
• statistical data. The above ultimately converges at one point - the map bin. And certain bins, similar to, for example, IP addresses, due to the actions of other people, can be marked as a risk factor or even be on the blacklist of anti-fraud systems. In addition, what works today will not necessarily work tomorrow.
Also, if the bank is sensitive, its information about the client can play a role: for example, over the past months the owner of the material has been satisfying only household needs to pay bills or groceries, and then one day he lost his temper and tried to order fake Rolexes on the Internet. It is very likely that if you do not block the card, then at least the bank can suspend the transaction.
The second “whale” is camouflage. If previous lectures described general discussions regarding the characteristics of the IP address, device fingerprints, system and browser data, then here some specific aspects of the topics raised in the context of practice will be presented. However, it is important to understand: this is an addition, not a change in principles.
• Firstly, the distance between the zip codes (ZIP) of the IP address and the material. Based on the idea that the content owner is more likely to transact from a personal IP address, it is reasonable to expect a relationship between increased distance and decreased transaction rates from alternate IP addresses. Although this is situational (for example, if billing changes), under normal circumstances it cannot be ignored.
This means that if the material index is “12345”, the best choice would be the same – “12345”, or the closest available: “1234*”, “123**”. In most cases, the location of the IP address is found out when visiting anonymity verification sites, but in reality their information may differ radically from the stores’ own opinion about the client due to differences in databases.
Therefore, information needs to be checked on different sites, and if the store leaves hints in the form of automatically filling out part of the client’s data (for example, zip code, city and state) - of course, when setting up masking and choosing material, his opinion is preferable;
• Secondly, the store experience. The characteristics of orders and fingerprints of different clients within the same anti-fraud system can be compared with each other. If the client's assessment on many points coincides with fraudulent precedents (or, conversely, with honest ones), the result of the transaction may change accordingly. Relatively speaking, on average in a hospital it is better to be as healthy as possible.
This also means that due to the detection of similar indicators in different orders, the use of several disguises by one client will become obvious (multi-accounting), and experience tends to grow over time - increasing recognition and sampling for comparison leads to the need to develop after anti-fraud systems. Sometimes you need to change your approach;
• thirdly, the session. This includes the client’s actions before visiting the store: registration of social networks and general surfing. Anti-fraud systems are capable of both checking social networks registered to the client’s email address (Facebook, LinkedIn, Google, Instagram, etc.) and establishing the fact of their authorization in the browser - https://browserleaks.com/social - demonstration.
The completeness of accounts with photos and information is not automatically checked, and the very presence of registration already plays in favor of the image of a normal client. At the same time, depending on the anti-fraud system, the age of the email, the dates of its first appearance on social networks and specific activity can significantly increase the credibility of the email.
Another detail that has a positive effect on the client’s portrait is the imitation of the behavior of an ordinary person. For example, a conscious search for goods or services, interaction with contextual advertising, reading popular media and other actions appropriate to disguise as the owner of the material can play along with large analytical companies and advertising managers.
The latter will collect information about the user, then, perhaps, through a chain of analytics and advertising, it will reach popular sites, thus reinforcing the illusion. Strictly speaking, this will allow you to kill two birds with one stone: filling the cookie and imitating the behavior of the average client, a hamster user, so to speak. Of course, surfing is carried out with prepared camouflage.
The third “pillar” is the client’s actions on the website of the store or service. Although we will talk about some universal patterns of behavior, it is extremely important to understand that there is no one solution to all problems or a “formula for success”. Depending on the anti-fraud system, the store, human factors and general financial or technical trends, any rule can be broken.
• the way the customer enters the store. Statistics are collected to analyze marketing effectiveness and evaluate customers. Surely at least once there has been a survey about how exactly the client found the service - proof that they are interested in this.
Some examples: browser home page > store; various search engines > store; social networks, advertising on other sites, coupon or cashback services, email newsletters > store. Let’s assume that if, in percentage terms, the “through a search engine” method has more problematic transactions than the “from the mailing list” method, it is logical that the latter may have more trust;
• suspicious behavior. It's like when a person is asked to behave naturally, and he turns into a twitchy robot... Actions can manifest themselves as follows: copy-paste, surfing speed, chaotic switching between tabs (for example, to use a translator), lightning-fast filling of fields, amazing awareness " new" client about all the functions and products of the store.
Or in an incorrect delay - a break between the first visit or registration and the completion of the transaction. You need to not break off at the last moment before ordering, having already linked the material, so that a week later you can continue from the same place, but copy the adequate behavior of people: registration, studying the assortment, viewing photos, choosing, comparing, organic return to the store.
Or in the ordering method. Firstly, in most cases, orders are placed with a registration or "guest". On the one hand, the account will be considered recent, not to mention the fact that there is a possibility that the owner of the material from his account in the store. On the other hand, the fact of registration itself can add loyalty, and a “guest” is, in a sense, a new, unverified client.
In other words, one or another opinion about the client cannot be avoided; one must strive to improve the overall perception. Secondly, indicators in the payment process: time from registration or linking of material to the transaction, changes in personal data, number of payment attempts, promotional codes used, cart filling or “buy now” - all this to some extent produces an impression of the client.
Many payment attempts and different cards will cast a shadow, and a promotional code for subscribing to the email newsletter can contribute to the result. In practice, you just need to look like a normal client and not stand out too much. Typing is okay, copy-pasting your own name is not.
It is worth noting separately: some stores allow you to place an order by calling the store - “order by phone”. It happens that a client, due to technical problems with the site, turns directly to support, which independently fills out all the data. The anti-fraud system does not evaluate fingerprints, but the method itself is expensive and suspicious.
In general, behavioral features are variable and the entire warming up scenario can be attributed to them. It is useful to understand the following: “holders” are not an abstract term, but real, ordinary people. One will put VBV, the other will not; the third will scour dozens of sites before purchasing or, on the contrary, immediately place an order;
• the owner of the material may have already completed transactions in a particular store. Most likely, his transactions will create a contradiction in the fingerprints associated with the material, remembered by the anti-fraud system. In this case, how much the chance of selling the material in the same store decreases depends on the activity of the owner and the presence of registration.
If orders were placed without registration or long enough ago that changes can be explained by the passage of time, the chances remain. Personality without registration is not so pronounced, but if it took place, forgetting about the account of a certain store is, in principle, a matter of everyday life, especially after the passage of time.
However, the details of the owner’s activity also matter: if he is a frequent guest and prefers strictly selected goods and price categories, then unusual orders, teleportations between cities and almost parallel sessions will stand out from the established image of the client;
• by the way, individual products and price categories in stores may be treated with increased attention and filters of anti-fraud systems may be adjusted accordingly. Manifests itself in the form of a more serious assessment of the client, verification, manual checks, and restrictions on delivery types. Examples are gift certificates (gifts), especially expensive or “fraudulent” items;
• AVS. Address Verification System is a verification system that checks the (personal) address used during the billing transaction with the data in the client’s bank file. Provided in the USA, CA, UK and allows you to at least identify a security risk if the addresses do not match - failure of verification means incorrect card information. In other words, transactions may be rejected due to incorrect information.
Mostly, incorrect information is the result of a method of obtaining material in which the source is the owner himself (phishing, sniffing), although loss of relevance or technical failures are also possible. You can correct the deficiency like this: find what you need in the public domain, for example, on social networks; use special material or services for searching - private ones on the forum, whitepages and analogues.
The shipping (delivery) address, in turn, is the competence of the anti-fraud system and shows: a match with the billing, and therefore with the bank file; use of blacklisted addresses and location. To verify AVS, billing is sufficient, which implies the possibility of working with different addresses.
Although in principle there is nothing supernatural in ordering to a work or alternative address, consumer goods (clothing, mass electronics, etc.) are most often purchased at home, in most cases coinciding with billing. This means that among orders to an alternative address there are relatively more fraudulent ones, for example, due to the use of intermediaries.
Moreover, the distance between addresses can also cause suspicion - after all, it’s rare for someone to move or order a new device halfway across the country. In addition, comparison is possible not only in relation to address locations, but also taking into account the IP address map... as a result, stores are wary of such orders.
It is possible to work to different addresses in this form: sending to billing with the goal of redirecting the parcel to another address during the delivery process or stopping at the post office and picking it up in person (reroute and pickup) - using dialing services, if there are no prohibitions from the store or there are chances get around them; searching for stores that ship to different addresses or can be warmed up (“I want to order a gift for a friend”);
special material with the function of changing the address (for example, enroll, also eliminates errors in billing); or avoid AVS altogether - working with digital goods, payment systems and banks where address manipulation is not required, as well as countries without AVS. Sometimes the store’s attitude towards sending to an alternative address can be found somewhere on the site pages or from support.
Possible results of placing an order, with rare exceptions, are as follows:
• confirmation. It is important to understand that confirmation is usually not final. Firstly, it can only be a notification of the creation of an application that has yet to be processed; secondly, even if processing has taken place, the material may die during delivery and the package may turn around. In a particular store, the difference is determined empirically, but in general, it’s too early to divide the bearskin;
• decline. Instant rejection on the payment page during the order placement process. Possible reasons from least to most likely: technical problems of the store, including sad statistics (“nerdiness”); The anti-fraud system does not allow you to submit an application due to lack of trust in the client; problems with the material - invalidity, balance or various restrictions on the bank’s side;
• cancel. Cancellation notification by email after placing your order. A similar description of the reasons: death of the material due to the reaction of the owner or bank; problems with the material that were not identified at the application stage; a negative response from the anti-fraud system - not only automatically, but also after manual verification by the operator or contact with the owner of the material;
• verification. For reasons of distrust, suspicion, general increased alertness or special attitude towards certain categories of goods, stores and business services (exchanges, exchangers, payment systems, etc.) may request verification of certain data.
In the case of stores, this is, in particular, a photo of the card used for payment (usually it is enough to cover everything except the last four digits of the number) or a request to contact support by phone to “clarify the details” - and in reality, to carry out verification with leading questions and information from the client’s life - “background”. The request comes by email; they rarely call on their own initiative.
Checks can be very different: past places of work, addresses, make of personal car, etc. You can find information in the same way as billing, but to make a call you should contact dialing services. In addition, such a request itself, depending on the store, may mean incorrect billing when placing an order.
In turn, business services adhere to the practice of “KYC” (know your customer, know your client) - legal requirements to combat money laundering, tax evasion, and other things. Based on the situation, you will have to turn to the services of dummies, verification services, drawing and selling documents.
At a minimum, you may need: SMS phone confirmation, bank account statement, photo of a document (passport or license) with special requests like “at an angle,” a personal photo along with documents, as well as proof of address - registration or a recent receipt for utility bills . At the most, up to video recordings or real-time conferences and even office visits.
Special verification methods: firstly, a request for data about a transaction, for example, the exact size of a microtransaction sent or authorized by the service ("mini-transactions"), a transaction identifier or a comment on it - used by both stores and business services. Secondly, the bank blocks the transaction until authorization through the owner’s or support contact’s email specified in the bank file.
Microtransactions are verified using enroll or calling the bank; a request for authorization through the owner’s email is, in fact, the death of the card (and outwardly no different from decline or cancel), since under normal circumstances there is no such access - but the scenario is infrequent and there is no point in getting hung up on it, and if necessary, you can try to improve the disguise, look for information to call the bank or change material.
Summarize. Details matter, and room for improvement can always be found, even when failures seem to occur for no apparent reason. The field of activity is in constant motion, and in order to always keep your finger on the pulse of events, you need to continue to experiment. That's all. Let's move on to the questions, put "?".
Serpantin666 19:58
I'll get ahead of myself again. When entering e-gift, what should be the interval between purchases? I drove in 4 Gifts for $25 each, from a non-BBB card, I did intervals of 5 minutes, but on the 5th entry there was a Decline, although after checking the card, the checker replied that it was alive
Payne 19:59
Natural. Have you ever bought something like this for yourself? This is not the most appropriate behavior.
Veles24 20:00
1.if when typing in it asks for 3DS, what should I do?
2. if the card did not go through in one store, can you try to get it into another store?
3.how to order goods for drop?
Payne 20:01
1. Described in the lecture.
2. Yes, definitely. The reuse of material will still be touched upon, although in a slightly different context.
3. Find a drop and order goods for it. Why this might not work, why it might work, what options there are regarding the material, etc. are described in the lecture.
pyokey 20:01
What is enroll?
Which warehouse intermediary do you recommend?
Payne 20:02
1. Online access to the material. Online banking. Material.
2. Warehouse? I don’t quite understand about the warehouse, but in general they are all public. You can choose yourself + there is a separate lecture.
Snork 20:02
Can you please talk about Enrolls? I understand that the topic has already been raised, but I would like more details from you.
What is this animal and what is it eaten with?
Payne 20:03
There is a separate lecture on this topic.
Stralixxx 20:03
There are 3ds cards with push notifications, how are such push notifications received?
Payne 20:03
Phishing, viruses and the like.
KimJo 20:03
1. What to do if you can’t break through BA using inexpensive methods? (and only partially comes with these cards, for example ZIP, City)
2. If you ask the store support about the possibility of sending to another address and they confirm it, can you try to send directly to the drop address?
3. What type of product is best to try to beat for training? (even if it’s cheap, but so that it’s possible to find sites with poor AF) Otherwise, you can’t even find illiquid goods from the store lists in small stores.
4. If I know the address of the real CH mail, does it make sense to register a similar one? Or is it better to take any old reg?
Payne 20:06
1. Try expensive ones, free ones from open or semi-open sources, or change the material.
2. Yes.
3. Actually illiquid. Any unpopular product, that is, not electronics or branded clothing or accessories.
4. No comparison with the real one is made. And even if it was carried out, what would it give if the mail is still incorrect, even if it is similar? Therefore, naturally, warmed mail is better.
Mr_Lotus 20:06
What is the difference between BA and enroll?
Payne 20:07
BA - bank account, bank account. Enroll - access to a card, usually a physical one.
Peter_Parker 20:07
I asked a question for the lecturer in PM and in the group, but didn’t hear an answer, so I decided to ask here.
I would like to ask a question about entering crypto exchanges/exchanges. If you enter crypto exchanges/exchanges in the realities of this time, is it necessary to better focus on the exchanges that allow you to enter or on the banks that allow you to enter?
Payne 20:07
Second.
Peter_Parker 20:08
Are you familiar with mercuryo and have you heard how best to work with it?
merch
Payne 20:09
Do not know.
Stralixxx 20:10
these cards already come with a push and this push comes in the form of an SMS, I came across this when working with merch, but I don’t understand how others received this push
Payne 20:10
That's what he answered. Various types of interception.
BaronLuffy 20:12
Please tell me, do you know such an email verification service emailrep.io? I recently bought a pack of old registry mails, checked several of them, none of them have registered social networks, but there are mentions of these mails in some years, is this also suitable or is it necessary for the social networks to show up?
Payne 20:13
Social networks would naturally be better. This is a cumulative indicator. The more of everything, the better.
vitoscanelli 20:14
Will they post links to past lectures? I would like to consolidate the material
Payne 20:15
So they are posted on the forum within 48 hours after each lecture, starting from the first.
vitoscanelli 20:15
starting from 6 they didn’t throw (
BaronLuffy 20:15
Can you please recommend a good shop with old regs, if possible?
Payne 20:17
Vitoscanelli 7 is posted there, I checked it. She was there yesterday. It's the eighth now, it will be today or tomorrow. I don't understand what you can't find.
BaronLuffy The choice of private services is mostly independent based on reviews and reputation. We cannot vouch for third party sellers of the material.
ya8no 20:19
and if I can’t guarantee that, are there any shops that you can just pay attention to?) maybe some that were thrown into the general conf are a little strange. thank you in advance
Payne 20:19
Alas
Any other questions about the topic of the lecture?
Well, since there are no more questions, I thank everyone for their presence and wish them good luck.
