2020-02-05 at 12:25 AM UTC
What do these guys buy exactly and how do they run the scams?
If you look on dark markets youll see like half the website is just carding dumps or whatever.
Not interested in doing it, just interested in how it works
2020-02-05 at 12:35 AM UTC
[keratinize my mild-tasting blossoming]
I can't speak to today's carding scene all that much, but back when I used to do it (roughly 17 years ago was when I stopped), it was all about buying "fulls" or "fulls with PIN", or "fulls with CVV."
This was all pre-chip days... Cards were just plastic with a magnetic strip, so you could actually recreate a full card with an magnetic writer (as log as you got a direct copy from someone skimming with a magnetic reader somewhere in the world).
But most of it was about using the 16 digit card number, first and last name, and address, to purchase things online and have them shipped to an address where you can safely retrieve said items, and then ultimately fence them on the black market.
This credit card information was typically obtained via phishing (emails linking to pages that look just like big companies' login pages, convincing them to enter their personal info, ultimately sending it to a database somewhere), or obtained via skimming (for direct card replication, something kinda different).
Nowadays, I'm not too sure how it works, but with the chip and all, I imagine that skimming is dead. Phishing and other social engineering methods are probably all that's left.
The following users say it would be alright if the author of this
post didn't die in a fire!
2020-02-05 at 12:40 AM UTC
Essentially what you do is buy 100 numbers on the darknet and use that info to order expensive name brand stuff off Amazon to drop houses and most of your time is spent coordinating getting those items and selling them for cash. Or just selling them on Amazon or eBay.
Or you can make a seller account on eBay and list brand name items and when the person makes a purchase just use the stolen credit card info to buy the item from the manufacturer and have it sent to them
2020-02-08 at 4:02 PM UTC
I'm not sure how it's done.
There is apparently a way to attack EMV. I believe it works like this...
A skimmer is place in/on the ATM. The customer inserts their card, types in their PIN, and selects the amount they wish to withdrawal. The skimmer only collects this information but allows it to go through as usual. The skimmer also has a fake bank setup on it and replicates another transaction with a future date, time, withdrawal of a specific amount, and collects the information needed to transact with the real bank. The attacker later shows up at the specific time in the future and uses that data to withdrawal the specific amount.
This would be risky if a criminal was buying this info. They would have to show up at a specific time and I believe at a specific ATM to cash out. So if they bought it from Fred, it'd be an easy bust.
2020-02-10 at 8:27 PM UTC
I do not card. I do other things.
2020-02-10 at 8:35 PM UTC
I was thinking
what if you worked at dairy queen and had a machine by the drive thru or even just jotted down the numbers on the credit cards before you gave them back to the customer?
obviously might not want to use them all at once