More

    How To Do Carding – Part 4.1 | How Account Fraud Happens

    This is the fourth part of How to Do Carding Series. You can find about Part -1 (Introduction) and Part 2- (How does carding works here). In our previous part we talk about how does  carding works. So in this part we will talk about how account fraud happens. So, without any delay let’s start our topic.

    Do you dream of carding thousands of dollars worth of computer hardware on Newegg? It’s doable, but not easy. You have to follow the right steps. I carded a $10,000 gaming rig in under 2 weeks using platinum cards by following that guide, so I’m in position to tell you how.

    First thing, check the balance of your credit card. Now, before going crazy, remember this rule of thumb: Do not use card checkers! They burn the card very quick. Let me explain.

    Every transaction automatically gets a fraud score between 0 and 999. The system used to evaluate transactions is the same used by the big 4 banks and is called Fair Issac. Transactions having a fraud score over 300 will hit manual review by an agent, who will decide if they contact the cardholder or just let it though. Scores over 500 with auto-decline, block the card, and an agent will contact the cardholder. Some banks have different criterias, but things that can affect the fraud score are:

    •  Comparison with the usual spending pattern of the cardholder
    •  Location of the charge
    •  Amount
    • Risk factor of the associated merchant

    For example, a $20 charge in the cardholder’s local Walmart will not trigger anything, but a large purchase of $2000 on Newegg.com will have a high fraud score and probably auto-decline if the cardholder rarely makes online purchases.

    So how is this relevant?

    A small card-not-present charge followed by a big charge will make the fraud score very high, because they assume you are testing the card. If they see a small $1 charge, then a few minutes later a large purchase online, they will auto-decline the card and your plan will likely fail.

    There are much better ways to check if a card works. The best way is to call the bank’s toll-free number and use the automated prompts. This brings no danger, however use Spooftel to spoof your number to display the cardholder’s number. Once you do that, you are ready to call the issuing bank’s number and check how much is left on the card. Let’s get to it.

    Call the bank using your burner phone and have in hand the following information, according to the bank. The automated prompt will give you access to the transaction list, balance, and a few other options. Here is the information for the biggest 4 banks:

    Chase Bank – 1-800-432-3117

    •  Full card number
    •  Zip code

    Note: If you correctly spoofed the phone number, you will only be asked for the last 4 digits of the card, otherwise you will be asked for the full card number.

    Citibank – 1-800-627-3999

    •  Full card number
    •  Last 4 digits of SSN

    Bank of America – 1-888-421-2110

    •  Full card number
    •  Zip code

    Capital One – 1-800-955-7070

    • Full card number
    •  Last 4 digits of SSN

    If, for any bank, you enter the card number and the system immediately transfers you to an agent without additional questions, it means the account is closed and the card is burnt. No need to waste time on this one, just hang up and use another card. The agent will only tell you the same thing, and you will look dumb.

    It’s always a good practice to take note of the last transactions and amounts, just in case you get asked for them later. Listen to them and write them down, I recommend up to 8 transactions for maximum safety.

    So you have the balance and the available credit line now. Nice! So you know how much you can spend online. Before you go crazy though, there is one more obstacle you need to be aware of: many sites like Newegg or TigerDirect refuse to ship to an address that is not on file with the bank. And chances are that your cardholder does not reside at your drop address. Here is how we will solve this problem, introducing the Account Take-Over fraud, also known as ATO.

    ATO is the process in which a fraudster (you) calls the bank to make whatever changes he wants to the account, without the cardholder knowing. This involves speaking with a customer service agent and using social engineering. Before you even think about pressing 0 to speak to an agent, make sure you have, at the very least, the following information in hand:

    •  Full card number, expiration date, CCV code
    •  Full billing address of the cardholder (and county)
    •  Date of birth (and write down the age too, not just the DOB)
    •  SSN
    •  MMN (Mother Maiden Name)
    •  Employer name (facultative, if possible, try to find it on Facebook)
    •  Car make and model (facultative, if possible, try to do a Google StreetView on the CH’s house)
    • House size and value (facultative, if possible find it in realestate.com as this is public information)
    •  Driver’s license number, expiration, state (facultative)
    •  Previous addresses
    •  Background report

    In case you do not have the MMN, try to guess using common last names in the background report. If you really cannot find it, sometimes it is possible to get around it with other questions. Once you have this information in hand, study it, try to remember it. Remember, you are the cardholder, the card is yours, and you are confident, just like when you call your own bank for a legitimate request.

    When you call the bank, you will be usually asked for 3 security tokens. Those tokens can be, but are not limited to: DOB, SSN, Address, CCV code, cellphone, MMN. If you fail 1 token, you will be asked 2 more. At this point, 2 things can happen:

    1.  You did it correctly, so the agent will listen to you and will do whatever request you have to do on the CH’s account, and no flags will be raised.
    2.  The agent suspects an ATO is occuring, and transfers you do the securiy department. This is called the Verid department, and you will be asked 2 OoW (Out of Wallet) questions. Those are multiple-choice questions based on the cardholder’s credit history and public records. They can be easy or tricks, it’s random every time it happens. If you fail those, they will tell you that they can’t help you and will suggest you show up in person at your bank. They will also ring the cardholder. So if you fail this one, forget this card, it’s burnt to a crisp.

    The first thing you want to do on the account is change the billing phone number. Only that. Do nothing else, as making too many changes will raise a red flag on the account. Call to change the main billing number and let the card sit still for at least 5 days.

    All right, are you ready?

    Relax, sit in your favorite couch, call the bank, listen to the prompts, and press 0. The message goes on, this call may be recorded for quality purposes.

    This section is getting too long we will post another part of this post in next article so be updated 🙂

    Recent Articles

    How to use TOR as VPN | TOR VPN | 2020 | Protect your identity online

    Yes, you heard it right, use Tor as a VPN, i.e. TOR VPN. It may sound weird, but you can use TOR as a...

    Get 5k$ Amazon Credit For Free | 2020 | 100% Working Method

    Amazon Credit For Free - If you are running web and application servers in the cloud or deliver static and dynamic files quickly around...

    How to remove region code to backup DVD easily | 2020

    I love travel around the world and my friends the same as me. Of course, our every travelling finished with some special souvenir took...

    How to Get Free Personal Tutor| Tutor.com | 2020

    Like our recent article about Free Udemy Course, Mango Language, Lynda , this method to get own free personal tutor via tutor.com is also Library...

    How To Get Paid Udemy Courses For FREE | 2020 (100% Legal Method) |

    If you are the kind of person that enjoy learning alone or learning in screen then probably you have heard about Udemy and most...

    Related Stories

    1 Comment

    Stay on op - Ge the daily news in your inbox