Preparing for carding. Some aspects.

[Tomcat]

The optimal type of security should look like this. An external hard drive or USB flash drive on which a virtual machine is hidden in an encrypted container. From the virtual machine you access the network, using a VPN for security and a socks5 (or shh-tunnel) for disguise. So, let's take our drive, 20 gig is enough for a start. But over time, you may run out of space. Therefore, I advise you to take, for example, an SSD of at least half a terabyte.

We encrypt the drive with the TrueCrypt we previously downloaded. After that, we transfer our Windows image from which we will work to an encrypted container. We launch the image from the virtual machine. The system language should only be Eng. The antifraud system perfectly targets you in the Ru language, flash, media. This is almost 100% unsuccessful driving. You don’t have to worry about software with Russian language, shops don’t shoot them. We install on the basis (main system) of VPN. And from it you distribute it to the virtual machine. This usually happens automatically, through a virtual adapter that is already connected.

VPN - your freedom and anonymity. NEVER neglect it. It encrypts your traffic. We went to a darknet resource without VPN enabled and voila - all this is displayed by your provider. Next is a request from law enforcement agencies, the provider fires your website visits, and then the soldering iron is in... Well, you get the idea. ALWAYS use a VPN!
Which one should I use? - Paid!

After connecting the VPN, go to Check IP, learn my real IP computer address and my location by IP - WhatLeaks.com and check whether the country of the VPN you bought matches the country displayed on the site. We took the USA and on the USA website, which means everything is OK!

1. Setting up WebRTC
WebRTC technology allows you to determine your real IP bypassing VPN, proxy and socks connections, etc. We strongly recommend that you disable WebRTC based. At the moment this can only be done reliably in Firefox.

WebRTC on a virtual machine:
A) You can also disable it, however, merch with a well-configured AF notices this fact and reduces the % of traffic of your product.
B) Configure a firewall (can be built-in or third-party, for example Commodo) so that all packets (outgoing and incoming) pass only through the proxy connection. This way your WebRTC will be the same as that of the holder (and not disabled at all). This means + to karma and more chances of successful driving.

Protection
We put the antivirus on the basis. Don’t download anything onto the base, don’t open it, don’t install it, don’t give access to your team, in short, be a pushover. If something needs to be installed, opened, checked, read, etc., THEN open a virtual machine (you can create a special virtual machine where you will have a test site for a “nuclear weapon”) and do all this there. All of the above must be done if you do not want to lose your cue balls, valuable files, become a Dedik and many other perversions.

2. Risk factors (flags/triggers/bells)
Let's say that to successfully drive in, you must become a holder. This is the MOST important thing, if suddenly you don’t understand why you can’t drive something in, then immediately think that you are doing it differently, as if the holder himself would do it.

a. IP – must match the country of the material from which you are hitting and preferably the shop should also be from the country with which you have a checkmate.

b. E-mail - firstly, it should NOT be from some @Mail.ru and other free providers, the domain of the e-mail should preferably be from the country from which you have the CC. There are also corporate emails that cannot be obtained in the same way as free emails by simply going through the registration procedure. Typically, corporate mail is issued in various companies (construction, travel agencies, online stores, etc.), a striking example of corporate mail would be directorHOLDERNAME@cocacola.com. If the shop sees that your soap matches the country of the holder with the last name and first name in the nickname, and it’s also corporate... That’s it. We enjoy: you are guaranteed maximum approval points.
P.S. “e-mail for the holder’s country” - this means that at the end after the dot there is an abbreviation indicating belonging to a particular country: .ru, .ua, .pl, .nz, uk and so on.

3. Countries with a high risk of fraudulent transactions: Russia, Ukraine, Moldova, Belarus, Philippines, Indonesia, Hong Kong, Egypt, Lebanon, Macedonia. When entering from these countries, do not be surprised if, for unknown reasons, after successful entry, they refuse to send you a pack and return the money to the card.

4. Distance between the buyer’s IP and the delivery address. I bought it from the states, but the delivery address was Russia? “Oh, so this is a gift to our client’s beloved relatives in Russia! Of course a helmet! We are not barbarians! What if grandma’s birthday is coming soon, and we don’t send her away and ruin the poor woman’s holiday.” - the MacBook store operator will think. All this banter is to make it clear in your head that this is a very important fact when deciding whether to send you a pack or not, EVEN if the drive went through.

5. Check by bin. The bean determines which country you have a card and if the card does not match the IP, then... make sure everything matches).

6. Checking IP for publicity (open ports such as 1080, 8080, etc.)
You can check open ports and whether your IP is being used as a proxy at Whatleaks.com

7. Checking IP in spam lists. Check everything there. There are also paid services that have a much wider list of databases (than free ones), which have access to databases such as Maxmind, which have all the blacklist databases.

8. DNS is a computer distributed system for obtaining information about domains.
Most often used to obtain an IP address from a host name, obtain information about mail routing, serving hosts for protocols in a domain. In simple words, this is an intermediate point between your IP and the store. So it should also preferably coincide with the holder’s country. How to do it? Type into Google: “DNS of Germany\America\Australia” or take it from the Public DNS Server List website, then copy it, and then follow these instructions: Setting up DNS on a Windows computer.
The minimum you can do is install DNS from Google. To drive into some unpopular shop, this will be enough in most cases.

9. Phone. What phone number should I enter in the entry field?
Earlier I said that we must match the holder, but not in this case, or rather, not entirely. If you indicate the holder's phone number, they may call him (not necessarily, of course), but they can. So what should we do? The first thing you can do and the simplest thing is to change the last couple of digits of the phone number (not the first digits, because there is a code in the second third and fourth digits that points to a specific region, which can burn us if we change them incorrectly) . And if they call this number, it will either be inactive, or someone will say: “You are in the wrong place and will disconnect, or (worse) I don’t know what package I’m talking about.” The second thing you can do is to spam the holder’s phone number with calls so that it is always busy. And third, buy a number on Skype and indicate it as the holder’s number. In this case, if your English is OK, you can answer the call yourself, which will raise the trust to the order (just read all the information about the holder that you have just in case and ALWAYS calculate how old the holder is because They often ask how old you are, and you say: “Well, God knows, I’m from 1956, even though I have problems with my memory) or put an answering machine on it. So, if you call, the number will at least be active.

10. Information that can be accessed by a shop, bank, office, etc.
The shop can request your name and phone number from the bank. Banks may request answers to security questions (where you lived before, who you were married to, etc.). This information can be found out by breaking through the BG (back ground - all information related to the holder’s personal life). You can use the services of colleagues who provide this information for a fee, or you can enter the service yourself and find out. They may ask for SSN, DOB, MMN (mother's middle name) - we have an analogy of TIN, date of birth, mother's maiden name. Using AVS (address verification system) they can find out at what address the card is registered. This system applies to the following countries: USA; Mexico; Australia; Brazil; New Zealand; England; Canada. When entering cards from these countries, the billing address must match the information that came with the card, otherwise 99% of entries are unsuccessful.

 

[lupin6969]

Hello Tomcat I am a complete newbie when it comes to carding and have been browsing and reading this site for a few days now and still trying to figure out what is the absolute safest setup. So in order to dumb it down you are saying we need to
1) Purchase a 20 GB hard drive
2) Encrypt the drive with True Crypt
3) Purchase a VPN (How do you purchase a VPN Anonymously??)
4) Confirm VPN Location with Whatleaks.com
Have I missed anything? Am I completely wrong. Please let me know. Thanks.

 

[Tomcat]

Hello. Take your time and read this forum carefully for at least a week or two. Feel free to ask any questions. We are happy to answer them and help newbies with Strat.
1. The hard drive can be of any size. 20 gigabytes is enough. You can buy an external one for ease of use.
2. You can do without this, but it is better to do it for your anonymity and safety.
3. You can purchase a non-logging VPN by paying for it with cryptocurrency.
4. You can check your VPN for leaks using these sites -
"Services for checking anonymity, fingerprint, WebRTC, Canvas, IP, WebGL":

https://carder.market/threads/20-services-for-checking-anonymity-fingerprint-webrtc-canvas-ip-webgl-etc.150170/

When you complete these steps, you need to continue setting up the system and now you have a choice - install a virtual system or install an anti-detection browser.
You also need to choose a proxy provider. When everything is ready, you can buy CC, decide on cardable sites and start carding.

 

[lupin6969]

Thank you for taking the time to answer my questions I am very grateful. If you do not mind I have a few more. Please excuse my lack in expertise when it comes to certain topics I just want to be very clear and I am sure my questions will help someone else as they navigate through the process.
1) In your opinion, in the states what is the most anonymous untraceable way to purchase crypto such as bitcoin
2) What Non-Logging VPNs would you personally recommend? What sock5 proxies would you personally recommend?
3) You said above
" We encrypt the drive with the TrueCrypt we previously downloaded. After that, we transfer our Windows image from which we will work to an encrypted container. We launch the image from the virtual machine."
What do you mean by windows image? This is a term I do not understand.
4) You said above
"We put the antivirus on the basis. Don’t download anything onto the base, don’t open it, don’t install it, don’t give access to your team, in short, be a pushover. If something needs to be installed, opened, checked, read, etc., THEN open a virtual machine (you can create a special virtual machine where you will have a test site for a “nuclear weapon”) and do all this there."
What is the base? Is this a term that means the hard-drive which contains the encryption and where we will be launching the virtual machine. (I have no idea what i am talking about here just to be clear)
5) I purchased my laptop from a pawnshop using cash only and have not used it for any personal reasons just browsing on tor. However, it has connected to my home network. Is this laptop unusable because of this choice. I have the resources to purchase another laptop and I can if I need to.
6) Would you recommend working in public places with public wifi such as libraries and cafes. Obviously my back would be against a wall and I would look for cameras.
7) I intend to ask many more questions and will be active daily trying to absorb as much knowledge as I can and I humbly ask for patience and guidance. Thank you.

 

[Tomcat]

1) In your opinion, in the states what is the most anonymous untraceable way to purchase crypto such as bitcoin

Purchasing cryptocurrency such as Bitcoin is a common method, no different from other methods where you need to pay with a stolen valid card.
The most important thing is to configure the system to work, which should not leak.
To protect ourselves, first of all we must use a VPN that does not log. Similarly, we choose a proxy service that does not save traffic - a log of visits to any sites when using it. First of all, your IP address must be clean and close to the cardholder, but at the same time anonymous for you.
Also, do not forget, after purchasing cryptocurrency, to clean it and confuse your tracks using a reliable mixer.
If you need more anonymity, I recommend buying monero rather than bitcoin, as it is more difficult to track.

2) What Non-Logging VPNs would you personally recommend? What sock5 proxies would you personally recommend?

I will not recommend specific services for that matter. if you are not satisfied with their work, you were not offended and did not associate me with them. All services have different quality.
I can only suggest that you can choose a reliable VPN or a good proxy provider in this section of the forum, which contains advertising topics for proven services:

Security Services

Antidetect, VPN, Proxy/Socks5, RDP, SSH tunnels etc.

carder.market

Before paying, be sure to check with them whether the anonymity policy is followed and clarify the working conditions.

3) What do you mean by windows image? This is a term I do not understand.

It is recommended to install Windows 7, 10 or 11 as the operating system on the virtual machine.
You must create an image (a unique digital fingerprint) of your computer as a typical cardholder who uses a popular operating system in the eyes of the site’s anti-fraud system.

4) What is the base? Is this a term that means the hard-drive which contains the encryption and where we will be launching the virtual machine.

The base is the main operating system installed on the virtual machine. You can place it on an external hard drive or flash drive for ease of use. On it we can install the necessary software and programs for work.
Also, the base is an OS located on the internal hard drive of the computer. On which, instead of a VM, we can install the Anti-Detect browser.
Each carder himself chooses from which basis (base) he will work.

5) I purchased my laptop from a pawnshop using cash only and have not used it for any personal reasons just browsing on tor. However, it has connected to my home network. Is this laptop unusable because of this choice. I have the resources to purchase another laptop and I can if I need to.

Many carders are not afraid and connect their computer to their home network, but this does not provide 100% anonymity.
If you do not steal millions of dollars, then no one will track or catch you. There were no such cases.
Nevertheless, it is recommended to access the network from an Internet provider, with whom the contract is signed for a drop (dummy) or, for example, to connect to the Internet from an anonymous SIM card.

6) Would you recommend working in public places with public wifi such as libraries and cafes. Obviously my back would be against a wall and I would look for cameras.

It is not very convenient to be and work in public places. You must create a comfortable workplace. However, if you feel comfortable, you can try it.
Well, you need to think about paranoia and the fact that you will be figured out. You need to keep your vigilance and psyche in a normal state and then you will achieve success.

7) I intend to ask many more questions and will be active daily trying to absorb as much knowledge as I can and I humbly ask for patience and guidance. Thank you.

Please ask any questions and in any quantity. We must help each other. I will be happy to answer all questions and hope that the information I shared will really help you get started with carding in 2024.

 

[lupin6969]

For question 1, You say "To protect ourselves, first of all we must use a VPN that does not log. Similarly, we choose a proxy service that does not save traffic - a log of visits to any sites when using it.". I understand this but my question perhaps is so elementary that it is difficult to understand. How can I use a VPN and a Proxy to buy crypto anonymously when to subscribe to these services you need crypto in the first place. I understand this is a very basic question but I truly need clarity. This is the plan i constructed to buy crypto anonymously for the VPN and Proxy, please tell me issues with this plan and if it is truly anonymous.
1) Purchase bitcoin on Trust Wallet or Cash App with my real identity
2) Send Bitcoin to an online wallet (You recommended online wallets in a different thread for beginners)
3) Use a reliable bitcoin mixer to mix the bitcoin
4) Using Tor go to LocalMonero and exchange bitcoin for XMR

I understand the first step is to have a reliable non-logging VPN and a reliable proxy. However, I simply do not posses enough knowledge of acquiring the crypto in a anonymous way to subscribe for these services. I guess I am asking a step by step to buy crypto anonymously here in the states. I am in step 0 and need help before moving unto the next stages. Thanks.

 

[Tomcat]

You have indicated a good chain for purchasing cryptocurrency, I agree with you and you can act.
However, I advise you to buy BTC through a cryptomat.

Crypto ATMs exist for the anonymous purchase of bitcoin. From an anonymity point of view, Bitcoin ATM is one of the most convenient options. They are very common in the USA, less common in Europe.
Cryptocurrency ATMs operate with cash, meaning it is impossible to track a transaction made in this way. To search for a crypto ATM in your country, you can use the service coinatmradar.com or similar.

How to anonymously buy bitcoin cryptocurrency?
It is necessary to use services that do not require identity verification (KYC). These include exchangers, some exchanges and p2p exchanges, Telegram bots, Payeer payment system, etc.

What exchanges are there without verification where you can buy bitcoin?
For example, Bybit, OKX, YoBit, Payeer Exchange and others. Some of them allow you to make transactions only with cryptocurrencies without verifying your identity, but not with fiat money.

Is identity verification required in bitcoin exchangers?
No, most services do not require this.

What payment systems allow you to work anonymously with the BTC cryptocurrency?
Payeer (up to withdrawal 999 USD per day).

How to anonymously buy bitcoin cryptocurrency using a p2p exchange?
Such platforms (not all) make it possible to exchange cryptocurrency for fiat without confirming your identity or vice versa, interacting directly with other users.

How to anonymously top up a bitcoin wallet?
Decentralized BTC wallets are anonymous by default. You need to copy the wallet address generated by it and paste it when transferring funds from any of the above platforms.

How to ensure absolute anonymity?
Even if the service does not require verification, but you used a personalized card or wallet for the purchase, then this operation is no longer completely anonymous. You can maintain confidentiality only by using exclusively decentralized blockchain services (wallets, exchanges) and bitcoin mixers for anonymization.

Where to store BTC after purchase to keep it safe?
In offline wallets, for example. Electrum, Exodus, including hardware (SafePal, Ledger, etc.).

How to anonymously buy bitcoin from a card?
Exchangers make it possible to buy without verification, but you must understand that there will be no complete anonymity - all card transactions are controlled by the bank.

How to cash out bitcoin anonymously?
Withdrawals to a bank card will not be confidential. Options - exchange for cash through exchangers, withdrawal to Payeer, receiving cash from a cryptomat.

How to create an anonymous bitcoin wallet?
You need to download a non-custodial crypto wallet application, for example, Bitcoin Core or Trust Wallet, generate a seed phrase and private key, and ensure their secure storage.

You can also find people on the forums who, when meeting in person, will replenish your wallet for cash.

How to anonymously receive and cash out cryptocurrency is described in this post:

https://carder.market/threads/ways-to-spend-cashout-bitcoin.150233/post-684837

 

[lupin6969]

I have looked up a couple Bitcoin ATM's nearby and for small purchases for 1,000 and below they require SMS verification. What should I do about this? I guess a burner phone perhaps. Sorry foolish question. Also don't most bitcoin ATMs have cameras? How do you bypass this? Do you wear masks, hats etc? Also I am curious about bitcoin mixers, how illegal are they and how do they function?

 

[Tomcat]

To confirm via SMS, we can use a special phone for work, into which we will insert an anonymous SIM card issued to a drop (a front person).

A phone with Internet access is always needed, as it is much better to practice carding from a phone. The number of successful card payments is much higher since it is easier to bypass the site’s Anti-fraud protection.
An Antidetect browser with a proxy is installed on the phone and you can work.

I always take precautions when purchasing Bitcoin from an ATM. I do this with a Covid mask and a baseball cap covering my face. You can also wear black glasses.

Video cameras are installed both on the street and in the ATM itself, but their video recordings are stored from 3 days to 1 month (maximum 3 months). In such a period, it is unlikely that anyone will be able to identify you. This is very labor-intensive work. In addition, there are not a single case known when the identity of a carder or another fraudster was established using an ATM.

Do not use cards of the country in which you live for carding; it will be almost impossible to find you.

All Bitcoin transactions are recorded in a public ledger (blockchain). This system is completely transparent, which eliminates the possibility of corruption on the network, and it is peer-to-peer, which means that the authorities or other structures cannot control it. However, the transparency of the system can also be a disadvantage for cryptocurrency owners who want to maximize their anonymity. For this purpose, special services have been developed - Bitcoin mixers, which allow you to maintain confidentiality when managing your financial assets.

A cryptocurrency mixer is a tool for increasing the anonymity of transactions in blockchain networks. When a user sends a transaction through it, the mixer breaks it into many small particles, and then mixes it with other people’s transactions in such a way that not a single “piece” of the original transaction remains in the transfer of a particular user. Having done this, the mixer sends the transaction in parts to the final wallet specified by the user. You can make such a transfer either to another person or to yourself in order to receive “clean” bitcoins.

The user can further split the transaction into several separate amounts to hide the actual amount sent. Distributing funds among multiple wallets makes it impossible to trace the connection between the sender and the recipient. Mixers charge a commission of 0.5–3% of the transaction amount for their services.

There are isolated cases where, with large turnovers and cryptocurrency laundering, the owners of the mixers were prosecuted, but the clients were not touched, apparently they could not figure it out or did not want to prosecute them.

 

[lupin6969]

"To confirm via SMS, we can use a special phone for work, into which we will insert an anonymous SIM card issued to a dropa (a front person)." What do you mean by drop person and what do you mean by anonymous SIM card. Will going to a grocery store and purchasing a burner phone with cash not suffice?

"A phone with Internet access is always needed, as it is much better to practice carding from a phone. The number of successful card payments is much higher since it is easier to bypass the site’s Anti-fraud protection. An Antidetect browser with a proxy is installed on the phone and you can work."
Okay, this is new information I was always under the assumption most carding was done behind a PC or computer. Interesting.

 

[Tomcat]

A drop is a deceived fake person for whom we can draw up an agreement with an Internet provider, apply for a card in a bank with online access for personal purposes, or register an agreement with a telephone operator for his personal data, and take the SIM card for ourselves.

The most important thing is that the drop does not know you personally and cannot identify you. If detected, the drop will have problems, and you will remain clean and safe.

If you sell a disposable phone with a SIM card that will work, then you can do without drop services.

Every day more and more people are shopping online using their phone. Therefore, cardable sites and stores adapt to mobile traffic.

Also, many carders work on a computer or laptop on which they install a mobile phone emulator. Everyone chooses what they like best.

 

[KeepTrying]

The optimal type of security should look like this. An external hard drive or USB flash drive on which a virtual machine is hidden in an encrypted container. From the virtual machine you access the network, using a VPN for security and a socks5 (or shh-tunnel) for disguise. So, let's take our drive, 20 gig is enough for a start. But over time, you may run out of space. Therefore, I advise you to take, for example, an SSD of at least half a terabyte.

We encrypt the drive with the TrueCrypt we previously downloaded. After that, we transfer our Windows image from which we will work to an encrypted container. We launch the image from the virtual machine. The system language should only be Eng. The antifraud system perfectly targets you in the Ru language, flash, media. This is almost 100% unsuccessful driving. You don’t have to worry about software with Russian language, shops don’t shoot them. We install on the basis (main system) of VPN. And from it you distribute it to the virtual machine. This usually happens automatically, through a virtual adapter that is already connected.

VPN - your freedom and anonymity. NEVER neglect it. It encrypts your traffic. We went to a darknet resource without VPN enabled and voila - all this is displayed by your provider. Next is a request from law enforcement agencies, the provider fires your website visits, and then the soldering iron is in... Well, you get the idea. ALWAYS use a VPN!
Which one should I use? - Paid!

After connecting the VPN, go to Check IP, learn my real IP computer address and my location by IP - WhatLeaks.com and check whether the country of the VPN you bought matches the country displayed on the site. We took the USA and on the USA website, which means everything is OK!

1. Setting up WebRTC
WebRTC technology allows you to determine your real IP bypassing VPN, proxy and socks connections, etc. We strongly recommend that you disable WebRTC based. At the moment this can only be done reliably in Firefox.

WebRTC on a virtual machine:
A) You can also disable it, however, merch with a well-configured AF notices this fact and reduces the % of traffic of your product.
B) Configure a firewall (can be built-in or third-party, for example Commodo) so that all packets (outgoing and incoming) pass only through the proxy connection. This way your WebRTC will be the same as that of the holder (and not disabled at all). This means + to karma and more chances of successful driving.

Protection
We put the antivirus on the basis. Don’t download anything onto the base, don’t open it, don’t install it, don’t give access to your team, in short, be a pushover. If something needs to be installed, opened, checked, read, etc., THEN open a virtual machine (you can create a special virtual machine where you will have a test site for a “nuclear weapon”) and do all this there. All of the above must be done if you do not want to lose your cue balls, valuable files, become a Dedik and many other perversions.

2. Risk factors (flags/triggers/bells)
Let's say that to successfully drive in, you must become a holder. This is the MOST important thing, if suddenly you don’t understand why you can’t drive something in, then immediately think that you are doing it differently, as if the holder himself would do it.

a. IP – must match the country of the material from which you are hitting and preferably the shop should also be from the country with which you have a checkmate.

b. E-mail - firstly, it should NOT be from some @Mail.ru and other free providers, the domain of the e-mail should preferably be from the country from which you have the CC. There are also corporate emails that cannot be obtained in the same way as free emails by simply going through the registration procedure. Typically, corporate mail is issued in various companies (construction, travel agencies, online stores, etc.), a striking example of corporate mail would be directorHOLDERNAME@cocacola.com. If the shop sees that your soap matches the country of the holder with the last name and first name in the nickname, and it’s also corporate... That’s it. We enjoy: you are guaranteed maximum approval points.
P.S. “e-mail for the holder’s country” - this means that at the end after the dot there is an abbreviation indicating belonging to a particular country: .ru, .ua, .pl, .nz, uk and so on.

3. Countries with a high risk of fraudulent transactions: Russia, Ukraine, Moldova, Belarus, Philippines, Indonesia, Hong Kong, Egypt, Lebanon, Macedonia. When entering from these countries, do not be surprised if, for unknown reasons, after successful entry, they refuse to send you a pack and return the money to the card.

4. Distance between the buyer’s IP and the delivery address. I bought it from the states, but the delivery address was Russia? “Oh, so this is a gift to our client’s beloved relatives in Russia! Of course a helmet! We are not barbarians! What if grandma’s birthday is coming soon, and we don’t send her away and ruin the poor woman’s holiday.” - the MacBook store operator will think. All this banter is to make it clear in your head that this is a very important fact when deciding whether to send you a pack or not, EVEN if the drive went through.

5. Check by bin. The bean determines which country you have a card and if the card does not match the IP, then... make sure everything matches).

6. Checking IP for publicity (open ports such as 1080, 8080, etc.)
You can check open ports and whether your IP is being used as a proxy at Whatleaks.com

7. Checking IP in spam lists. Check everything there. There are also paid services that have a much wider list of databases (than free ones), which have access to databases such as Maxmind, which have all the blacklist databases.

8. DNS is a computer distributed system for obtaining information about domains.
Most often used to obtain an IP address from a host name, obtain information about mail routing, serving hosts for protocols in a domain. In simple words, this is an intermediate point between your IP and the store. So it should also preferably coincide with the holder’s country. How to do it? Type into Google: “DNS of Germany\America\Australia” or take it from the Public DNS Server List website, then copy it, and then follow these instructions: Setting up DNS on a Windows computer.
The minimum you can do is install DNS from Google. To drive into some unpopular shop, this will be enough in most cases.

9. Phone. What phone number should I enter in the entry field?
Earlier I said that we must match the holder, but not in this case, or rather, not entirely. If you indicate the holder's phone number, they may call him (not necessarily, of course), but they can. So what should we do? The first thing you can do and the simplest thing is to change the last couple of digits of the phone number (not the first digits, because there is a code in the second third and fourth digits that points to a specific region, which can burn us if we change them incorrectly) . And if they call this number, it will either be inactive, or someone will say: “You are in the wrong place and will disconnect, or (worse) I don’t know what package I’m talking about.” The second thing you can do is to spam the holder’s phone number with calls so that it is always busy. And third, buy a number on Skype and indicate it as the holder’s number. In this case, if your English is OK, you can answer the call yourself, which will raise the trust to the order (just read all the information about the holder that you have just in case and ALWAYS calculate how old the holder is because They often ask how old you are, and you say: “Well, God knows, I’m from 1956, even though I have problems with my memory) or put an answering machine on it. So, if you call, the number will at least be active.

10. Information that can be accessed by a shop, bank, office, etc.
The shop can request your name and phone number from the bank. Banks may request answers to security questions (where you lived before, who you were married to, etc.). This information can be found out by breaking through the BG (back ground - all information related to the holder’s personal life). You can use the services of colleagues who provide this information for a fee, or you can enter the service yourself and find out. They may ask for SSN, DOB, MMN (mother's middle name) - we have an analogy of TIN, date of birth, mother's maiden name. Using AVS (address verification system) they can find out at what address the card is registered. This system applies to the following countries: USA; Mexico; Australia; Brazil; New Zealand; England; Canada. When entering cards from these countries, the billing address must match the information that came with the card, otherwise 99% of entries are unsuccessful.

1. How can you truly be anonymous? For example, to gain some security, buying a VPN to run on your VM (or on your host) or a proxy to use on your anti-detection browser requires payment. Initially, you're forced to use your real information. You can't use a stolen credit card to buy any of the above because to buy that card you need to be anonymous, which requires either: a) paying for a VPN, or b) using an anti-detection browser with a paid proxy.

Question number 1: So Can you really be anonymous? What I see is buying a large amount of Bitcoin using your legitimate credit card information, running it through a mixer, and then using the clean Bitcoin to buy the above and start with carding. Am I correct, or is there another approach that does not require such a large investment to even start off with carding?

WebRTC on a virtual machine: A) You can also disable it, however, merchants with a well-configured AF notice this fact and reduce the percentage of traffic of your product. B) Configure a firewall (can be built-in or third-party, for example, Comodo) so that all packets (outgoing and incoming) pass only through the proxy connection. This way, your WebRTC will be the same as that of the holder (and not disabled at all). This means positive karma and more chances of successful driving.

1. IF WebRTC is relevant also for someone who will use an anti-detect browser, please answer the following:
   a) Do you also need to disable WebRTC on an anti-detect browser IF it comes with that option? b) Do we enable the cookies notification from Chrome when we first log in on the anti-detect browser? Do we choose something other than Chrome?
2. About the anti-detect browser, I am from Europe. I want to set up shops, pay those shops with credit cards, and cash out. I've read some of your guides and news about carding, etc., and I wanted to ask you about the fingerprint that we make on the anti-detect browser.
   a) Can't the anti-fraud system see that we are using an anti-detect browser? Can't it see that our cookies are 15 minutes to 1 hour old? Isn't that bad? b) I've read about inserting a custom fingerprint of the card owner, and I wonder how that is achieved. Do you mean by warming up the store or the card, or how?
3. For someone who wants to do what I do (from Europe, setting up shops, paying those shops with credit cards, and cashing out), what kind of credit card needs to be bought specifically?

(After you answer this question, I want to ask you a huge question about setting up the shop and in-depth questions that I have even after reading most of the forums regarding this subject.)

I am waiting for your response. It is crucial for me to get answers to these questions so I can move on.

 

[Carding Forum]

In order to start carding, some investments are required, first we must buy a VPN, live CC and private residential proxies suitable for it. Antidetect can be used free of charge. We buy all materials for work using cryptocurrency. In order to get this cryptocurrency, do not use your personal CC. You must buy cryptocurrency through a Bitcoin ATM or an anonymous exchanger that operates in your city by paying in cash.
After receiving the cryptocurrency, it is not necessary to mix it in a mixer, since in the mixer we launder only the cryptocurrency received from carding.

WebRTC can be disabled in an Anti-detect browser, but it is better to use a substitution, since the site’s anti-fraud system will immediately notice that you are working with WebRTC disabled and will add fraud points to your account.

A strong Anti-fraud system can notice that you have fresh cookies, so you can import a set of old cookies into the anti-fraud browser.

When creating a new profile (new session) in the Anti-Detect browser, we can set the digital fingerprint of the cardholder's browser (if you know it).

For work, you can buy any cards depending on the payment gateway (merchant) into which you will enter the card. If it is 3D Secure, then we buy a card with Non-VbV bin or Non-MCSC bin. If you are going to work with 2D Secure, then we can buy any VbV card.

Please ask questions.

 

[KeepTrying]

In order to start carding, some investments are required, first we must buy a VPN, live CC and private residential proxies suitable for it. Antidetect can be used free of charge. We buy all materials for work using cryptocurrency. In order to get this cryptocurrency, do not use your personal CC. You must buy cryptocurrency through a Bitcoin ATM or an anonymous exchanger that operates in your city by paying in cash.
After receiving the cryptocurrency, it is not necessary to mix it in a mixer, since in the mixer we launder only the cryptocurrency received from carding.

WebRTC can be disabled in an Anti-detect browser, but it is better to use a substitution, since the site’s anti-fraud system will immediately notice that you are working with WebRTC disabled and will add fraud points to your account.

A strong Anti-fraud system can notice that you have fresh cookies, so you can import a set of old cookies into the anti-fraud browser.

When creating a new profile (new session) in the Anti-Detect browser, we can set the digital fingerprint of the cardholder's browser (if you know it).

For work, you can buy any cards depending on the payment gateway (merchant) into which you will enter the card. If it is 3D Secure, then we buy a card with Non-VbV bin or Non-MCSC bin. If you are going to work with 2D Secure, then we can buy any VbV card.

Please ask questions.

Thanks for replying, i thought ill get notifications but i just noticed that i have to turn on ''watch mode'' for that.
My questions are:

WebRTC can be disabled in an Anti-detect browser, but it is better to use a substitution

1) What is a substitution? Is it the method you describe about digital fingerprint?

We have a cc here. ( I am stating that I am not responsible for any information shared. This is a hypothetical example, and this image is fake. If it matches a real credit card, it is not my responsibility. This is for educational purposes)
2) So , is this the digital print or the cookies? If not, what is it?

If you are going to work with 2D Secure, then we can buy any VbV card.

Can you explain how do i know if the merchant uses 2D or 3D with an up to date working method?
And i just realised how IMPORTANT is inserting owners fingerprint and cookies. VERY.
Thanks for answering my questions in advance Teacher.

 

[Carding Forum]

In some anti-detect browsers, you can enable “WebRTC substitution (spoofing)”. I recommend doing this, as it is better than disabling WebRTC.
The picture shows cookies, we can import them into the anti-detect browser.
Typically, CCs are sold without a digital fingerprint, and when creating a profile (session) in an anti-detect browser, we can assign any digital fingerprint of the browser and system.
How to know if a website got 2ds or 3ds payment gateway

 

[KeepTrying]

In some anti-detect browsers, you can enable “WebRTC substitution (spoofing)”. I recommend doing this, as it is better than disabling WebRTC.
The picture shows cookies, we can import them into the anti-detect browser.
Typically, CCs are sold without a digital fingerprint, and when creating a profile (session) in an anti-detect browser, we can assign any digital fingerprint of the browser and system.
How to know if a website got 2ds or 3ds payment gateway

Cookies and fingerprints are different things, or is a cookie part of the fingerprint?
Also, what anti-detect do you recommend for 2024?
Thanks in advance.

 

[Carding Forum]

A digital fingerprint and cookies are two different things, but when creating a new profile (new session) in the anti-detect browser, we can create a unique digital fingerprint of the system and import cookies (if you bought an account along with them).
You can try "Linken Sphere 9 Evolution" or the free "GoLogin".