📙 A Newcomer's Fraud Dictionary 📙

[Crown1ade]

Grace

 

[Crown1ade]

Good

 

[macsam991]

A Newcomer's Fraud Dictionary
To everyone starting out in carding you might feel lost in the sauce with all the jargon and terms being thrown around. I get tons of basic questions about carding terminology in my inbox every day. So I put together this no-bullshit dictionary focused on the fundamentals. No fluff or filler - just straight facts about the key concepts and terms handpicked by yours truly. This list will help you learn the basics while avoiding the parasites and scammers in the scene. I will be updating it regularly to keep the info fresh since there are simply too many terms to list all at once. See something missing outdated or just plain wrong? Just reply to add more info. The more knowledge we share the stronger we get. Lets get it.

View attachment 6470


Online Carding
View attachment 6471​

• CC - A payment card (debit or credit) issued by banks that lets people make purchases. Contains important data like card number expiration date and security code
• CVV - The card verification value is a 3-4 digit security code found on the back of cards. Also used to refer to a credit card that includes this security code
• CCN - Credit card number without the CVV security code. Used on sites with lower security or for certain subscription services
• Fullz - Complete identity information package including name address SSN DOB and other personal details needed to verify identities. Essential for opening accounts and verifying purchases
• Proxies - Servers that forward traffic to hide real IP address. Essential for avoiding detection when making purchases and accessing sites
• Socks - Type of proxy that routes traffic through the SOCKS protocol. More secure than regular HTTP proxies.
• Residential Proxies - IP addresses from real homes and ISPs that mask location. Most effective for avoiding detection since they look like real users
• RDP - Remote desktop protocol lets you control another computer from anywhere. Used to access virtual machines for carding from clean IPs
• VPN - Virtual private network encrypts your internet traffic and hides your real IP address. Basic protection but not as good as residential proxies
• Bins - Bank identification numbers are the first 6-8 digits of a card that identify the issuing bank and card type. Different bins have different success rates and sensitivities.
• Enrolls - Cards with online banking access that can be registered to bank accounts. Requires SSN and specific BINs to sign up. Allows viewing transactions and some BINs let you change billing address
• AVS - Address verification system used by merchants for certain countries (US,CA,UK,etc) to check if billing address matches card records. Important security measure which means you need accurate billing information to process transactions.
• Visa Alerts - Notification system that sends text/email alerts for card transactions. Useful for low-value transactions that need minicode

In-Store Carding
View attachment 6472​

• Cloning - Process of copying card data onto blank cards to create physical duplicates. Requires dumps MSR and proper encoding settings
• MSR - Magnetic stripe reader device reads and writes card data to magnetic stripes. Used to create physical cloned cards from dumps
• EMV - Chip cards contain a secure microchip that makes them harder to clone than magnetic stripe cards. Most modern cards use EMV technology.
• Dipping - Dipping a cloned card multiple times to force terminal to use magstripe instead.
• NFC - Contactless payment technology in cards lets you tap to pay. Mostly used on phones with data stored digitally.
• Skimmer - Device installed on card readers to steal card data when cards are swiped. Common on ATMs and gas pumps
• POS - Point of sale terminal processes card payments at stores. Some terminals are more vulnerable to attacks than others
• ATM - Automated teller machines dispense cash and accept deposits. Popular target for skimmers and shimming devices

Antidetection
View attachment 6473​

• Antidetect - Browser software that generates unique fingerprints to appear as different users. Needed to avoid browser fingerprinting detection
• Antifraud - Security systems that detect and block fraudulent transactions. Uses AI machine learning and risk scoring to identify suspicious patterns
• Fraud Score - Numerical value assigned to transactions based on fraud likelihood. Higher scores mean higher chance of being blocked
• Fingerprint - Unique combination of browser settings and data that identifies users. Includes canvas fonts plugins and other data points that need to be spoofed
• Canvas - HTML5 feature that renders graphics. Sites use canvas fingerprinting to identify users so antidetects must randomize canvas data
• WebRTC - Web protocol that can leak real IP address even with VPN. Must be disabled or properly configured in antidetect browsers
• Leaks - Various browser features that can reveal true identity. WebRTC DNS and other leaks must be patched
• Cookies - Small text files stored by browsers that contain login sessions and preferences. Stealing cookies can bypass 2FA and access accounts without passwords

Marketplace Terms
View attachment 6474​

• Escrow - Trusted third party service holds funds until both buyer and seller complete a transaction. Protects against scams but escrow services can exit scam too
• PGP - Pretty Good Privacy encryption protects messages and files from being read by others. Essential for secure marketplace communications
• Opsec - Operational security includes all practices to stay anonymous and avoid detection. Includes using secure communications VPNs and proper opsec habits
• Drop - Shipping address that cant be traced back to you for receiving purchases. Usually abandoned houses or services
• Method - Specific technique or process for committing transactions successfully. Good methods are closely guarded and sold for high prices
• Logs - Stolen login credentials and session data from hacked accounts typically through malware. Can include banking email and shopping accounts
• Sauce - Working method that consistently generates profits. Finding reliable sauce takes trial and error
• Burner - Temporary disposable phone number or email used to register accounts. Should only be used once then discarded
• RAT - Remote access trojan malware gives hackers control of infected computers. Used to steal credentials and data
• Vendor - Seller on dark web marketplaces who offers cards dumps or fraud tools. Reputation and reviews are important
• Exit Scam - When a marketplace or vendor suddenly disappears with everyones money. Always keep minimum balance in markets
• BTC - Bitcoin cryptocurrency used for most dark web purchases. Somewhat traceable so needs to be properly mixed
• XMR - Monero cryptocurrency focuses on privacy and untraceability. Preferred over Bitcoin for maximum anonymity
• Pros - Business identities and information packages sold on marketplaces. Contains EIN numbers business credit profiles and other data needed for business fraud and applying for loans/credit cards. High credit scores most valuable for loan fraud
• CPN - Credit profile number is a nine-digit number used instead of SSN to apply for credit. Created through various methods and sold on marketplaces. Used to take out loans open credit cards and build alternate credit profiles
• Stimmys - Government stimulus payments sent during emergencies like COVID-19. Targeted using stolen identities to claim multiple payments
• CR - Credit reports showing detailed history and scores. Used to verify business credit profiles and find high-value targets
• Scans - High quality scans of ID documents bank statements and utility bills. Essential for verifying identities and passing KYC
• Slips - Checks money orders and deposit slips used for bank fraud. Quality scans needed for successful deposits

Card Stuff
View attachment 6475​

• Dump - Raw magnetic stripe data containing card details in track1/track2 format. Used to create physical cloned cards
• PIN - Personal identification number needed for debit card purchases and ATM withdrawals. Usually 4-6 digits
• Balance - Amount of money available to spend on a card. Check balance before purchasing to avoid declines
• Limit - Maximum amount that can be charged to a card. Higher limits are more valuable but attract more attention
• Issuer - Bank that issued the credit card and processes its transactions. Different issuers have different security measures
• 3DS - 3D Secure is an authentication protocol that adds an extra security layer for online card payments. Requires additional verification through bank apps or SMS codes
• VBV - Verified by Visa is Visas version of 3DS. More commonly used as general term for any 3DS verification
• MCSC - Mastercard Secure Code protection for online transactions. Similar to VBV requires additional verification
• AMEX Safe - American Express SafeKey verification system for online purchases
• Auth - Authorization code proves a transaction was approved. Different auth codes mean different things.
• Decline - Failed transaction due to insufficient funds fraud detection or other issues. Too many declines burn cards faster
• ZIP - Billing zip code must match card records for address verification. Important part of cardholder data
• DOB - Date of birth of cardholder needed for verification. Part of fullz data used to verify identity
• MMN - Mothers maiden name is a common security question for card verification. Included in quality fullz
• SSN - Social security number uniquely identifies US citizens. Critical part of fullz used for identity verification
• Checker - Tool that tests if cards are valid and active. Essential for verifying card status before use
• Auth check - Small test charge to verify card works. Usually $1-2 that gets refunded
• Simple check - Basic card check charge. Higher success rate but can give false positives
• Refund - Methods to get money back from merchants after receiving goods. Social engineering and fake tracking numbers common tactics

Banking
View attachment 6476​

• Bank Drop - Bank account opened with fake or stolen identity to receive fraudulent transfers. Needs proper setup and maintenance to avoid closure
• SWIFT - International bank transfer system used to move large amounts between banks. High value target but heavily monitored
• Wire - Bank transfer between accounts usually domestic. Faster than ACH but has higher fees and scrutiny
• ACH - Automated clearing house transfer system for US bank transactions. Takes several days but less monitored than wires. Essential for large bank fraud schemes
• Bank Logs - Stolen online banking credentials with account access. Quality logs have good balance and minimal security
• Zelle - Bank-to-bank transfer service for sending money instantly. Critical tool for bank fraud due to instant transfers and hard to reverse. Popular but risky due to verification
• Cashapp - Payment app that can link to bank accounts. Used to cash out amounts with less scrutiny
• Bank Method - Specific technique for successfully getting money from bank accounts. Methods vary by bank and account type
• Bank Login - Credentials to access online banking portals. More valuable with higher balances and business accounts
• EMT - Electronic money transfer system used by banks. Methods exist to bypass recipient verification and send to any account instantly
• Load - Process of sending stolen funds to bank accounts under fraudster control. Usually done through online banking access for later cashout
• CU - Credit union accounts with lower security than major banks. Easier targets for fraud.

Spamming
View attachment 6477​

• Spam - Mass sending of unsolicited messages for fraud or scams. Used to get bank logs credit cards accounts and spread malware. Success depends on volume and avoiding detection
• Mailer - Software like AMS (Advanced Mass Sender) used for spam campaigns. Requires SMTP leads letter templates and proxy support
• SMTP - Simple Mail Transfer Protocol server that transmits emails. Private SMTP servers needed to send mass spam campaigns reliably
• Proxy - Server that forwards traffic to hide real IP address. Essential for avoiding spam detection and blacklists
• Leads - Email lists or phone number lists containing potential spam targets. Quality leads of active emails/active phones improve success rates
• Letter - Fake email template that mimics legitimate companies. Edited to trick victims into clicking phishing links
• Blast - Large spam campaign targeting many victims at once. Success needs good leads templates and sending setup
• Warmup - Process of gradually increasing spam volume to avoid detection. New IPs and domains need proper warmup
• Blacklist - List of blocked IPs and domains known for spam. Getting blacklisted stops spam campaigns
• Spamtrap - Fake email address used to detect spammers. Hitting spamtraps gets IPs blocked fast
• Cpanel - Hosting control panel used to host phishing pages. Hacked cpanels needed since legit hosts block phishing sites
• PHP Mailer - PHP script alternative to AMS tools for sending spam. Requires proper hosting and SMTP setup
  
  * Hidden text: cannot be quoted. *

General Terms​

• Opsec - Operational security includes using secure communications protecting identity and avoiding mistakes. Good opsec keeps you safe and profitable
• Resold - Cards resold on multiple marketplaces. Have high chance of being dead and blacklisted due to multiple buyers using them. Avoid unless price is very low
• KYC - Know Your Customer verification required by banks and some sites. Typically requires ID and selfie etc
• Burn - When a method stops working due to patches or detection. All methods eventually burn so diversify approaches
• Clean - Card or method that hasnt been used yet. Clean cards have highest success rates
• Hot - Flagged by fraud detection systems for suspicious activity
• Dead - Card or method that no longer works at all
• SE - Social engineering manipulates people into giving up sensitive information or access or allowing certain things to happen. Uses psychology and deception rather than technical hacks
• Fresh - New unused cards or methods with no fraud history. Best chances of success with fresh stuff
• Cashout - Process of converting stolen funds into clean cash. Many methods like purchases gift cards and bitcoin
• Linkable - Cards that can be easily added to digital payment apps like Cashapp Apple Pay or Google Pay. Often sold at premium but high risk of being fake or already linked. Many rippers pretend to sell linkables. Verify first
• Reship - Service that forwards packages to final destination. Adds layer of protection for carded goods
• Receiver - Person who receives and forwards money for commission. Takes on risk of detection
• Phishing - Creating fake websites to steal login credentials and card details. Common way to get fresh cards
• Scamshops - Online storefronts designed to steal credit card details. Spread through ads and fake deals. Look legitimate but only exist to collect card data
• Botnet - Network of compromised computers controlled remotely. Used for getting logs and DDoS attacks
• Loader - Person who specializes in sending fraudulent transfers and payment links to cash out cards/bank accounts.

Ripper Terms
View attachment 6479​

• Flash Transactions/Crypto Flashing - Fake blockchain exploit that claims to multiply cryptocurrency transactions. Scam method sold by rippers that doesnt actually work on any blockchain network. Common ripoff targeting new users
• EMV Clone - Methods that claim to enable EMV chip cloning for specific banks/BINs. Outdated scam that dont work in modern EMV systems. Commonly sold by rippers despite being useless
• WU Transfers - Western Union transfer scam where rippers claim to have exploits in WUs system. They ask for payment upfront promising to send larger amounts back through Western Union. Classic decades-old scam that never works but still commonly used to target new users
• More to be added soon...

ty

 

[zymba]

good

 

[Kaziz]

Nice info

 

[pampara0414]

d0ctrine,

 

[pampara0414]

A Newcomer's Fraud Dictionary
To everyone starting out in carding you might feel lost in the sauce with all the jargon and terms being thrown around. I get tons of basic questions about carding terminology in my inbox every day. So I put together this no-bullshit dictionary focused on the fundamentals. No fluff or filler - just straight facts about the key concepts and terms handpicked by yours truly. This list will help you learn the basics while avoiding the parasites and scammers in the scene. I will be updating it regularly to keep the info fresh since there are simply too many terms to list all at once. See something missing outdated or just plain wrong? Just reply to add more info. The more knowledge we share the stronger we get. Lets get it.

View attachment 6470


Online Carding
View attachment 6471​

• CC - A payment card (debit or credit) issued by banks that lets people make purchases. Contains important data like card number expiration date and security code
• CVV - The card verification value is a 3-4 digit security code found on the back of cards. Also used to refer to a credit card that includes this security code
• CCN - Credit card number without the CVV security code. Used on sites with lower security or for certain subscription services
• Fullz - Complete identity information package including name address SSN DOB and other personal details needed to verify identities. Essential for opening accounts and verifying purchases
• Proxies - Servers that forward traffic to hide real IP address. Essential for avoiding detection when making purchases and accessing sites
• Socks - Type of proxy that routes traffic through the SOCKS protocol. More secure than regular HTTP proxies.
• Residential Proxies - IP addresses from real homes and ISPs that mask location. Most effective for avoiding detection since they look like real users
• RDP - Remote desktop protocol lets you control another computer from anywhere. Used to access virtual machines for carding from clean IPs
• VPN - Virtual private network encrypts your internet traffic and hides your real IP address. Basic protection but not as good as residential proxies
• Bins - Bank identification numbers are the first 6-8 digits of a card that identify the issuing bank and card type. Different bins have different success rates and sensitivities.
• Enrolls - Cards with online banking access that can be registered to bank accounts. Requires SSN and specific BINs to sign up. Allows viewing transactions and some BINs let you change billing address
• AVS - Address verification system used by merchants for certain countries (US,CA,UK,etc) to check if billing address matches card records. Important security measure which means you need accurate billing information to process transactions.
• Visa Alerts - Notification system that sends text/email alerts for card transactions. Useful for low-value transactions that need minicode

In-Store Carding
View attachment 6472​

• Cloning - Process of copying card data onto blank cards to create physical duplicates. Requires dumps MSR and proper encoding settings
• MSR - Magnetic stripe reader device reads and writes card data to magnetic stripes. Used to create physical cloned cards from dumps
• EMV - Chip cards contain a secure microchip that makes them harder to clone than magnetic stripe cards. Most modern cards use EMV technology.
• Dipping - Dipping a cloned card multiple times to force terminal to use magstripe instead.
• NFC - Contactless payment technology in cards lets you tap to pay. Mostly used on phones with data stored digitally.
• Skimmer - Device installed on card readers to steal card data when cards are swiped. Common on ATMs and gas pumps
• POS - Point of sale terminal processes card payments at stores. Some terminals are more vulnerable to attacks than others
• ATM - Automated teller machines dispense cash and accept deposits. Popular target for skimmers and shimming devices

Antidetection
View attachment 6473​

• Antidetect - Browser software that generates unique fingerprints to appear as different users. Needed to avoid browser fingerprinting detection
• Antifraud - Security systems that detect and block fraudulent transactions. Uses AI machine learning and risk scoring to identify suspicious patterns
• Fraud Score - Numerical value assigned to transactions based on fraud likelihood. Higher scores mean higher chance of being blocked
• Fingerprint - Unique combination of browser settings and data that identifies users. Includes canvas fonts plugins and other data points that need to be spoofed
• Canvas - HTML5 feature that renders graphics. Sites use canvas fingerprinting to identify users so antidetects must randomize canvas data
• WebRTC - Web protocol that can leak real IP address even with VPN. Must be disabled or properly configured in antidetect browsers
• Leaks - Various browser features that can reveal true identity. WebRTC DNS and other leaks must be patched
• Cookies - Small text files stored by browsers that contain login sessions and preferences. Stealing cookies can bypass 2FA and access accounts without passwords

Marketplace Terms
View attachment 6474​

• Escrow - Trusted third party service holds funds until both buyer and seller complete a transaction. Protects against scams but escrow services can exit scam too
• PGP - Pretty Good Privacy encryption protects messages and files from being read by others. Essential for secure marketplace communications
• Opsec - Operational security includes all practices to stay anonymous and avoid detection. Includes using secure communications VPNs and proper opsec habits
• Drop - Shipping address that cant be traced back to you for receiving purchases. Usually abandoned houses or services
• Method - Specific technique or process for committing transactions successfully. Good methods are closely guarded and sold for high prices
• Logs - Stolen login credentials and session data from hacked accounts typically through malware. Can include banking email and shopping accounts
• Sauce - Working method that consistently generates profits. Finding reliable sauce takes trial and error
• Burner - Temporary disposable phone number or email used to register accounts. Should only be used once then discarded
• RAT - Remote access trojan malware gives hackers control of infected computers. Used to steal credentials and data
• Vendor - Seller on dark web marketplaces who offers cards dumps or fraud tools. Reputation and reviews are important
• Exit Scam - When a marketplace or vendor suddenly disappears with everyones money. Always keep minimum balance in markets
• BTC - Bitcoin cryptocurrency used for most dark web purchases. Somewhat traceable so needs to be properly mixed
• XMR - Monero cryptocurrency focuses on privacy and untraceability. Preferred over Bitcoin for maximum anonymity
• Pros - Business identities and information packages sold on marketplaces. Contains EIN numbers business credit profiles and other data needed for business fraud and applying for loans/credit cards. High credit scores most valuable for loan fraud
• CPN - Credit profile number is a nine-digit number used instead of SSN to apply for credit. Created through various methods and sold on marketplaces. Used to take out loans open credit cards and build alternate credit profiles
• Stimmys - Government stimulus payments sent during emergencies like COVID-19. Targeted using stolen identities to claim multiple payments
• CR - Credit reports showing detailed history and scores. Used to verify business credit profiles and find high-value targets
• Scans - High quality scans of ID documents bank statements and utility bills. Essential for verifying identities and passing KYC
• Slips - Checks money orders and deposit slips used for bank fraud. Quality scans needed for successful deposits

Card Stuff
View attachment 6475​

• Dump - Raw magnetic stripe data containing card details in track1/track2 format. Used to create physical cloned cards
• PIN - Personal identification number needed for debit card purchases and ATM withdrawals. Usually 4-6 digits
• Balance - Amount of money available to spend on a card. Check balance before purchasing to avoid declines
• Limit - Maximum amount that can be charged to a card. Higher limits are more valuable but attract more attention
• Issuer - Bank that issued the credit card and processes its transactions. Different issuers have different security measures
• 3DS - 3D Secure is an authentication protocol that adds an extra security layer for online card payments. Requires additional verification through bank apps or SMS codes
• VBV - Verified by Visa is Visas version of 3DS. More commonly used as general term for any 3DS verification
• MCSC - Mastercard Secure Code protection for online transactions. Similar to VBV requires additional verification
• AMEX Safe - American Express SafeKey verification system for online purchases
• Auth - Authorization code proves a transaction was approved. Different auth codes mean different things.
• Decline - Failed transaction due to insufficient funds fraud detection or other issues. Too many declines burn cards faster
• ZIP - Billing zip code must match card records for address verification. Important part of cardholder data
• DOB - Date of birth of cardholder needed for verification. Part of fullz data used to verify identity
• MMN - Mothers maiden name is a common security question for card verification. Included in quality fullz
• SSN - Social security number uniquely identifies US citizens. Critical part of fullz used for identity verification
• Checker - Tool that tests if cards are valid and active. Essential for verifying card status before use
• Auth check - Small test charge to verify card works. Usually $1-2 that gets refunded
• Simple check - Basic card check charge. Higher success rate but can give false positives
• Refund - Methods to get money back from merchants after receiving goods. Social engineering and fake tracking numbers common tactics

Banking
View attachment 6476​

• Bank Drop - Bank account opened with fake or stolen identity to receive fraudulent transfers. Needs proper setup and maintenance to avoid closure
• SWIFT - International bank transfer system used to move large amounts between banks. High value target but heavily monitored
• Wire - Bank transfer between accounts usually domestic. Faster than ACH but has higher fees and scrutiny
• ACH - Automated clearing house transfer system for US bank transactions. Takes several days but less monitored than wires. Essential for large bank fraud schemes
• Bank Logs - Stolen online banking credentials with account access. Quality logs have good balance and minimal security
• Zelle - Bank-to-bank transfer service for sending money instantly. Critical tool for bank fraud due to instant transfers and hard to reverse. Popular but risky due to verification
• Cashapp - Payment app that can link to bank accounts. Used to cash out amounts with less scrutiny
• Bank Method - Specific technique for successfully getting money from bank accounts. Methods vary by bank and account type
• Bank Login - Credentials to access online banking portals. More valuable with higher balances and business accounts
• EMT - Electronic money transfer system used by banks. Methods exist to bypass recipient verification and send to any account instantly
• Load - Process of sending stolen funds to bank accounts under fraudster control. Usually done through online banking access for later cashout
• CU - Credit union accounts with lower security than major banks. Easier targets for fraud.

Spamming
View attachment 6477​

• Spam - Mass sending of unsolicited messages for fraud or scams. Used to get bank logs credit cards accounts and spread malware. Success depends on volume and avoiding detection
• Mailer - Software like AMS (Advanced Mass Sender) used for spam campaigns. Requires SMTP leads letter templates and proxy support
• SMTP - Simple Mail Transfer Protocol server that transmits emails. Private SMTP servers needed to send mass spam campaigns reliably
• Proxy - Server that forwards traffic to hide real IP address. Essential for avoiding spam detection and blacklists
• Clientes potenciales : listas de correo electrónico o de números de teléfono que contienen posibles destinatarios de spam. Los clientes potenciales de calidad con correos electrónicos o teléfonos activos mejoran las tasas de éxito.
• Carta : Plantilla de correo electrónico falsa que imita a empresas legítimas. Editada para engañar a las víctimas y hacer que hagan clic en enlaces de phishing.
• Explosión : Una gran campaña de spam dirigida a muchas víctimas a la vez. El éxito requiere buenas plantillas de leads y una configuración de envío adecuada.
• Calentamiento : Proceso de aumento gradual del volumen de spam para evitar su detección. Las nuevas IP y dominios requieren un calentamiento adecuado.
• Lista negra : lista de IP y dominios bloqueados conocidos por spam. Estar en la lista negra detiene las campañas de spam.
• Trampa de spam : direcciones de correo electrónico falsas utilizadas para detectar spammers. Al acceder a trampas de spam, las IP se bloquean rápidamente.
• Cpanel : Panel de control de hosting utilizado para alojar páginas de phishing. Se necesitan cpaneles pirateados, ya que los proveedores legítimos bloquean los sitios de phishing.
• PHP Mailer : Alternativa de script PHP a las herramientas AMS para enviar spam. Requiere un hosting y una configuración SMTP
  
  adecuados . * Texto oculto: no se puede citar. *

Condiciones generales​

• Opsec : La seguridad operativa incluye el uso de comunicaciones seguras, la protección de la identidad y la prevención de errores. Una buena opsec le garantiza seguridad y rentabilidad.
• Revendidas : Tarjetas revendidas en múltiples mercados. Tienen una alta probabilidad de estar inactivas y en la lista negra debido a que varios compradores las usan. Evítalas a menos que el precio sea muy bajo.
• KYC (Conozca a su Cliente) es una verificación que exigen los bancos y algunos sitios web. Generalmente requiere identificación, una selfie, etc.
• Quemar : Cuando un método deja de funcionar debido a parches o detecciones. Todos los métodos eventualmente se queman, por lo que es necesario diversificar los enfoques.
• Limpio : Tarjeta o método que aún no se ha utilizado. Las tarjetas limpias tienen las tasas de éxito más altas.
• Caliente - Marcado por los sistemas de detección de fraude por actividad sospechosa
• Muerto - Carta o método que ya no funciona en absoluto
• SE - La ingeniería social manipula a las personas para que proporcionen información confidencial, accedan a ella o permitan que sucedan ciertas cosas. Utiliza la psicología y el engaño en lugar de técnicas de hacking.
• Fresco : Tarjetas o métodos nuevos sin usar y sin historial de fraude. Mayores probabilidades de éxito con productos frescos.
• Retiro : Proceso de convertir fondos robados en efectivo limpio. Existen diversos métodos, como compras con tarjetas de regalo y bitcoin.
• Vinculable : Tarjetas que se pueden agregar fácilmente a aplicaciones de pago digital como Cashapp , Apple Pay o Google Pay. Suelen venderse a precios elevados, pero existe un alto riesgo de que sean falsas o ya estén vinculadas. Muchos estafadores fingen vender tarjetas vinculables. Verifíquelo primero.
• Reenvío : Servicio que reenvía paquetes a su destino final. Ofrece mayor protección para las mercancías en cartón.
• Receptor : Persona que recibe y envía dinero a cambio de una comisión. Asume el riesgo de ser detectado.
• Phishing : creación de sitios web falsos para robar credenciales de inicio de sesión y datos de tarjetas. Una forma común de obtener tarjetas nuevas.
• Estafadores : Tiendas en línea diseñadas para robar datos de tarjetas de crédito. Se difunden mediante anuncios y ofertas falsas. Parecen legítimas, pero solo existen para recopilar datos de tarjetas.
• Botnet : Red de computadoras comprometidas, controladas remotamente. Se utiliza para obtener registros y realizar ataques DDoS.
• Cargador : Persona que se especializa en enviar transferencias fraudulentas y enlaces de pago para retirar dinero de tarjetas o cuentas bancarias.

Términos del Destripador
View attachment 6479​

• Transacciones Flash/Flashing de Criptomonedas : Exploit falso de blockchain que afirma multiplicar las transacciones de criptomonedas. Método de estafa vendido por estafadores que no funciona en ninguna red blockchain. Estafa común dirigida a nuevos usuarios.
• Clonación EMV : Métodos que afirman permitir la clonación de chips EMV para bancos o BIN específicos . Una estafa obsoleta que no funciona en los sistemas EMV modernos . Es común que los estafadores la vendan a pesar de ser inútil.
• Transferencias WU : Estafa de transferencias de Western Union donde los estafadores afirman tener vulnerabilidades en el sistema de WU. Piden el pago por adelantado y prometen enviar cantidades mayores a través de Western Union. Una estafa clásica con décadas de antigüedad que nunca funciona, pero que aún se usa comúnmente para atraer a nuevos usuarios.
• Pronto se añadirá más...

gracias

 

[decus]

A Newcomer's Fraud Dictionary
To everyone starting out in carding you might feel lost in the sauce with all the jargon and terms being thrown around. I get tons of basic questions about carding terminology in my inbox every day. So I put together this no-bullshit dictionary focused on the fundamentals. No fluff or filler - just straight facts about the key concepts and terms handpicked by yours truly. This list will help you learn the basics while avoiding the parasites and scammers in the scene. I will be updating it regularly to keep the info fresh since there are simply too many terms to list all at once. See something missing outdated or just plain wrong? Just reply to add more info. The more knowledge we share the stronger we get. Lets get it.

View attachment 6470


Online Carding
View attachment 6471​

• CC - A payment card (debit or credit) issued by banks that lets people make purchases. Contains important data like card number expiration date and security code
• CVV - The card verification value is a 3-4 digit security code found on the back of cards. Also used to refer to a credit card that includes this security code
• CCN - Credit card number without the CVV security code. Used on sites with lower security or for certain subscription services
• Fullz - Complete identity information package including name address SSN DOB and other personal details needed to verify identities. Essential for opening accounts and verifying purchases
• Proxies - Servers that forward traffic to hide real IP address. Essential for avoiding detection when making purchases and accessing sites
• Socks - Type of proxy that routes traffic through the SOCKS protocol. More secure than regular HTTP proxies.
• Residential Proxies - IP addresses from real homes and ISPs that mask location. Most effective for avoiding detection since they look like real users
• RDP - Remote desktop protocol lets you control another computer from anywhere. Used to access virtual machines for carding from clean IPs
• VPN - Virtual private network encrypts your internet traffic and hides your real IP address. Basic protection but not as good as residential proxies
• Bins - Bank identification numbers are the first 6-8 digits of a card that identify the issuing bank and card type. Different bins have different success rates and sensitivities.
• Enrolls - Cards with online banking access that can be registered to bank accounts. Requires SSN and specific BINs to sign up. Allows viewing transactions and some BINs let you change billing address
• AVS - Address verification system used by merchants for certain countries (US,CA,UK,etc) to check if billing address matches card records. Important security measure which means you need accurate billing information to process transactions.
• Visa Alerts - Notification system that sends text/email alerts for card transactions. Useful for low-value transactions that need minicode

In-Store Carding
View attachment 6472​

• Cloning - Process of copying card data onto blank cards to create physical duplicates. Requires dumps MSR and proper encoding settings
• MSR - Magnetic stripe reader device reads and writes card data to magnetic stripes. Used to create physical cloned cards from dumps
• EMV - Chip cards contain a secure microchip that makes them harder to clone than magnetic stripe cards. Most modern cards use EMV technology.
• Dipping - Dipping a cloned card multiple times to force terminal to use magstripe instead.
• NFC - Contactless payment technology in cards lets you tap to pay. Mostly used on phones with data stored digitally.
• Skimmer - Device installed on card readers to steal card data when cards are swiped. Common on ATMs and gas pumps
• POS - Point of sale terminal processes card payments at stores. Some terminals are more vulnerable to attacks than others
• ATM - Automated teller machines dispense cash and accept deposits. Popular target for skimmers and shimming devices

Antidetection
View attachment 6473​

• Antidetect - Browser software that generates unique fingerprints to appear as different users. Needed to avoid browser fingerprinting detection
• Antifraud - Security systems that detect and block fraudulent transactions. Uses AI machine learning and risk scoring to identify suspicious patterns
• Fraud Score - Numerical value assigned to transactions based on fraud likelihood. Higher scores mean higher chance of being blocked
• Fingerprint - Unique combination of browser settings and data that identifies users. Includes canvas fonts plugins and other data points that need to be spoofed
• Canvas - HTML5 feature that renders graphics. Sites use canvas fingerprinting to identify users so antidetects must randomize canvas data
• WebRTC - Web protocol that can leak real IP address even with VPN. Must be disabled or properly configured in antidetect browsers
• Leaks - Various browser features that can reveal true identity. WebRTC DNS and other leaks must be patched
• Cookies - Small text files stored by browsers that contain login sessions and preferences. Stealing cookies can bypass 2FA and access accounts without passwords

Marketplace Terms
View attachment 6474​

• Escrow - Trusted third party service holds funds until both buyer and seller complete a transaction. Protects against scams but escrow services can exit scam too
• PGP - Pretty Good Privacy encryption protects messages and files from being read by others. Essential for secure marketplace communications
• Opsec - Operational security includes all practices to stay anonymous and avoid detection. Includes using secure communications VPNs and proper opsec habits
• Drop - Shipping address that cant be traced back to you for receiving purchases. Usually abandoned houses or services
• Method - Specific technique or process for committing transactions successfully. Good methods are closely guarded and sold for high prices
• Logs - Stolen login credentials and session data from hacked accounts typically through malware. Can include banking email and shopping accounts
• Sauce - Working method that consistently generates profits. Finding reliable sauce takes trial and error
• Burner - Temporary disposable phone number or email used to register accounts. Should only be used once then discarded
• RAT - Remote access trojan malware gives hackers control of infected computers. Used to steal credentials and data
• Vendor - Seller on dark web marketplaces who offers cards dumps or fraud tools. Reputation and reviews are important
• Exit Scam - When a marketplace or vendor suddenly disappears with everyones money. Always keep minimum balance in markets
• BTC - Bitcoin cryptocurrency used for most dark web purchases. Somewhat traceable so needs to be properly mixed
• XMR - Monero cryptocurrency focuses on privacy and untraceability. Preferred over Bitcoin for maximum anonymity
• Pros - Business identities and information packages sold on marketplaces. Contains EIN numbers business credit profiles and other data needed for business fraud and applying for loans/credit cards. High credit scores most valuable for loan fraud
• CPN - Credit profile number is a nine-digit number used instead of SSN to apply for credit. Created through various methods and sold on marketplaces. Used to take out loans open credit cards and build alternate credit profiles
• Stimmys - Government stimulus payments sent during emergencies like COVID-19. Targeted using stolen identities to claim multiple payments
• CR - Credit reports showing detailed history and scores. Used to verify business credit profiles and find high-value targets
• Scans - High quality scans of ID documents bank statements and utility bills. Essential for verifying identities and passing KYC
• Slips - Checks money orders and deposit slips used for bank fraud. Quality scans needed for successful deposits

Card Stuff
View attachment 6475​

• Dump - Raw magnetic stripe data containing card details in track1/track2 format. Used to create physical cloned cards
• PIN - Personal identification number needed for debit card purchases and ATM withdrawals. Usually 4-6 digits
• Balance - Amount of money available to spend on a card. Check balance before purchasing to avoid declines
• Limit - Maximum amount that can be charged to a card. Higher limits are more valuable but attract more attention
• Issuer - Bank that issued the credit card and processes its transactions. Different issuers have different security measures
• 3DS - 3D Secure is an authentication protocol that adds an extra security layer for online card payments. Requires additional verification through bank apps or SMS codes
• VBV - Verified by Visa is Visas version of 3DS. More commonly used as general term for any 3DS verification
• MCSC - Mastercard Secure Code protection for online transactions. Similar to VBV requires additional verification
• AMEX Safe - American Express SafeKey verification system for online purchases
• Auth - Authorization code proves a transaction was approved. Different auth codes mean different things.
• Decline - Failed transaction due to insufficient funds fraud detection or other issues. Too many declines burn cards faster
• ZIP - Billing zip code must match card records for address verification. Important part of cardholder data
• DOB - Date of birth of cardholder needed for verification. Part of fullz data used to verify identity
• MMN - Mothers maiden name is a common security question for card verification. Included in quality fullz
• SSN - Social security number uniquely identifies US citizens. Critical part of fullz used for identity verification
• Checker - Tool that tests if cards are valid and active. Essential for verifying card status before use
• Auth check - Small test charge to verify card works. Usually $1-2 that gets refunded
• Simple check - Basic card check charge. Higher success rate but can give false positives
• Refund - Methods to get money back from merchants after receiving goods. Social engineering and fake tracking numbers common tactics

Banking
View attachment 6476​

• Bank Drop - Bank account opened with fake or stolen identity to receive fraudulent transfers. Needs proper setup and maintenance to avoid closure
• SWIFT - International bank transfer system used to move large amounts between banks. High value target but heavily monitored
• Wire - Bank transfer between accounts usually domestic. Faster than ACH but has higher fees and scrutiny
• ACH - Automated clearing house transfer system for US bank transactions. Takes several days but less monitored than wires. Essential for large bank fraud schemes
• Bank Logs - Stolen online banking credentials with account access. Quality logs have good balance and minimal security
• Zelle - Bank-to-bank transfer service for sending money instantly. Critical tool for bank fraud due to instant transfers and hard to reverse. Popular but risky due to verification
• Cashapp - Payment app that can link to bank accounts. Used to cash out amounts with less scrutiny
• Bank Method - Specific technique for successfully getting money from bank accounts. Methods vary by bank and account type
• Bank Login - Credentials to access online banking portals. More valuable with higher balances and business accounts
• EMT - Electronic money transfer system used by banks. Methods exist to bypass recipient verification and send to any account instantly
• Load - Process of sending stolen funds to bank accounts under fraudster control. Usually done through online banking access for later cashout
• CU - Credit union accounts with lower security than major banks. Easier targets for fraud.

Spamming
View attachment 6477​

• Spam - Mass sending of unsolicited messages for fraud or scams. Used to get bank logs credit cards accounts and spread malware. Success depends on volume and avoiding detection
• Mailer - Software like AMS (Advanced Mass Sender) used for spam campaigns. Requires SMTP leads letter templates and proxy support
• SMTP - Simple Mail Transfer Protocol server that transmits emails. Private SMTP servers needed to send mass spam campaigns reliably
• Proxy - Server that forwards traffic to hide real IP address. Essential for avoiding spam detection and blacklists
• Leads - Email lists or phone number lists containing potential spam targets. Quality leads of active emails/active phones improve success rates
• Letter - Fake email template that mimics legitimate companies. Edited to trick victims into clicking phishing links
• Blast - Large spam campaign targeting many victims at once. Success needs good leads templates and sending setup
• Warmup - Process of gradually increasing spam volume to avoid detection. New IPs and domains need proper warmup
• Blacklist - List of blocked IPs and domains known for spam. Getting blacklisted stops spam campaigns
• Spamtrap - Fake email address used to detect spammers. Hitting spamtraps gets IPs blocked fast
• Cpanel - Hosting control panel used to host phishing pages. Hacked cpanels needed since legit hosts block phishing sites
• PHP Mailer - PHP script alternative to AMS tools for sending spam. Requires proper hosting and SMTP setup
  
  * Hidden text: cannot be quoted. *

General Terms​

• Opsec - Operational security includes using secure communications protecting identity and avoiding mistakes. Good opsec keeps you safe and profitable
• Resold - Cards resold on multiple marketplaces. Have high chance of being dead and blacklisted due to multiple buyers using them. Avoid unless price is very low
• KYC - Know Your Customer verification required by banks and some sites. Typically requires ID and selfie etc
• Burn - When a method stops working due to patches or detection. All methods eventually burn so diversify approaches
• Clean - Card or method that hasnt been used yet. Clean cards have highest success rates
• Hot - Flagged by fraud detection systems for suspicious activity
• Dead - Card or method that no longer works at all
• SE - Social engineering manipulates people into giving up sensitive information or access or allowing certain things to happen. Uses psychology and deception rather than technical hacks
• Fresh - New unused cards or methods with no fraud history. Best chances of success with fresh stuff
• Cashout - Process of converting stolen funds into clean cash. Many methods like purchases gift cards and bitcoin
• Linkable - Cards that can be easily added to digital payment apps like Cashapp Apple Pay or Google Pay. Often sold at premium but high risk of being fake or already linked. Many rippers pretend to sell linkables. Verify first
• Reship - Service that forwards packages to final destination. Adds layer of protection for carded goods
• Receiver - Person who receives and forwards money for commission. Takes on risk of detection
• Phishing - Creating fake websites to steal login credentials and card details. Common way to get fresh cards
• Scamshops - Online storefronts designed to steal credit card details. Spread through ads and fake deals. Look legitimate but only exist to collect card data
• Botnet - Network of compromised computers controlled remotely. Used for getting logs and DDoS attacks
• Loader - Person who specializes in sending fraudulent transfers and payment links to cash out cards/bank accounts.

Ripper Terms
View attachment 6479​

• Flash Transactions/Crypto Flashing - Fake blockchain exploit that claims to multiply cryptocurrency transactions. Scam method sold by rippers that doesnt actually work on any blockchain network. Common ripoff targeting new users
• EMV Clone - Methods that claim to enable EMV chip cloning for specific banks/BINs. Outdated scam that dont work in modern EMV systems. Commonly sold by rippers despite being useless
• WU Transfers - Western Union transfer scam where rippers claim to have exploits in WUs system. They ask for payment upfront promising to send larger amounts back through Western Union. Classic decades-old scam that never works but still commonly used to target new users
• More to be added soon...

nice

 

[decus]

A Newcomer's Fraud Dictionary
To everyone starting out in carding you might feel lost in the sauce with all the jargon and terms being thrown around. I get tons of basic questions about carding terminology in my inbox every day. So I put together this no-bullshit dictionary focused on the fundamentals. No fluff or filler - just straight facts about the key concepts and terms handpicked by yours truly. This list will help you learn the basics while avoiding the parasites and scammers in the scene. I will be updating it regularly to keep the info fresh since there are simply too many terms to list all at once. See something missing outdated or just plain wrong? Just reply to add more info. The more knowledge we share the stronger we get. Lets get it.

View attachment 6470


Online Carding
View attachment 6471​

• CC - A payment card (debit or credit) issued by banks that lets people make purchases. Contains important data like card number expiration date and security code
• CVV - The card verification value is a 3-4 digit security code found on the back of cards. Also used to refer to a credit card that includes this security code
• CCN - Credit card number without the CVV security code. Used on sites with lower security or for certain subscription services
• Fullz - Complete identity information package including name address SSN DOB and other personal details needed to verify identities. Essential for opening accounts and verifying purchases
• Proxies - Servers that forward traffic to hide real IP address. Essential for avoiding detection when making purchases and accessing sites
• Socks - Type of proxy that routes traffic through the SOCKS protocol. More secure than regular HTTP proxies.
• Residential Proxies - IP addresses from real homes and ISPs that mask location. Most effective for avoiding detection since they look like real users
• RDP - Remote desktop protocol lets you control another computer from anywhere. Used to access virtual machines for carding from clean IPs
• VPN - Virtual private network encrypts your internet traffic and hides your real IP address. Basic protection but not as good as residential proxies
• Bins - Bank identification numbers are the first 6-8 digits of a card that identify the issuing bank and card type. Different bins have different success rates and sensitivities.
• Enrolls - Cards with online banking access that can be registered to bank accounts. Requires SSN and specific BINs to sign up. Allows viewing transactions and some BINs let you change billing address
• AVS - Address verification system used by merchants for certain countries (US,CA,UK,etc) to check if billing address matches card records. Important security measure which means you need accurate billing information to process transactions.
• Visa Alerts - Notification system that sends text/email alerts for card transactions. Useful for low-value transactions that need minicode

In-Store Carding
View attachment 6472​

• Cloning - Process of copying card data onto blank cards to create physical duplicates. Requires dumps MSR and proper encoding settings
• MSR - Magnetic stripe reader device reads and writes card data to magnetic stripes. Used to create physical cloned cards from dumps
• EMV - Chip cards contain a secure microchip that makes them harder to clone than magnetic stripe cards. Most modern cards use EMV technology.
• Dipping - Dipping a cloned card multiple times to force terminal to use magstripe instead.
• NFC - Contactless payment technology in cards lets you tap to pay. Mostly used on phones with data stored digitally.
• Skimmer - Device installed on card readers to steal card data when cards are swiped. Common on ATMs and gas pumps
• POS - Point of sale terminal processes card payments at stores. Some terminals are more vulnerable to attacks than others
• ATM - Automated teller machines dispense cash and accept deposits. Popular target for skimmers and shimming devices

Antidetection
View attachment 6473​

• Antidetect - Browser software that generates unique fingerprints to appear as different users. Needed to avoid browser fingerprinting detection
• Antifraud - Security systems that detect and block fraudulent transactions. Uses AI machine learning and risk scoring to identify suspicious patterns
• Fraud Score - Numerical value assigned to transactions based on fraud likelihood. Higher scores mean higher chance of being blocked
• Fingerprint - Unique combination of browser settings and data that identifies users. Includes canvas fonts plugins and other data points that need to be spoofed
• Canvas - HTML5 feature that renders graphics. Sites use canvas fingerprinting to identify users so antidetects must randomize canvas data
• WebRTC - Web protocol that can leak real IP address even with VPN. Must be disabled or properly configured in antidetect browsers
• Leaks - Various browser features that can reveal true identity. WebRTC DNS and other leaks must be patched
• Cookies - Small text files stored by browsers that contain login sessions and preferences. Stealing cookies can bypass 2FA and access accounts without passwords

Marketplace Terms
View attachment 6474​

• Escrow - Trusted third party service holds funds until both buyer and seller complete a transaction. Protects against scams but escrow services can exit scam too
• PGP - Pretty Good Privacy encryption protects messages and files from being read by others. Essential for secure marketplace communications
• Opsec - Operational security includes all practices to stay anonymous and avoid detection. Includes using secure communications VPNs and proper opsec habits
• Drop - Shipping address that cant be traced back to you for receiving purchases. Usually abandoned houses or services
• Method - Specific technique or process for committing transactions successfully. Good methods are closely guarded and sold for high prices
• Logs - Stolen login credentials and session data from hacked accounts typically through malware. Can include banking email and shopping accounts
• Sauce - Working method that consistently generates profits. Finding reliable sauce takes trial and error
• Burner - Temporary disposable phone number or email used to register accounts. Should only be used once then discarded
• RAT - Remote access trojan malware gives hackers control of infected computers. Used to steal credentials and data
• Vendor - Seller on dark web marketplaces who offers cards dumps or fraud tools. Reputation and reviews are important
• Exit Scam - When a marketplace or vendor suddenly disappears with everyones money. Always keep minimum balance in markets
• BTC - Bitcoin cryptocurrency used for most dark web purchases. Somewhat traceable so needs to be properly mixed
• XMR - Monero cryptocurrency focuses on privacy and untraceability. Preferred over Bitcoin for maximum anonymity
• Pros - Business identities and information packages sold on marketplaces. Contains EIN numbers business credit profiles and other data needed for business fraud and applying for loans/credit cards. High credit scores most valuable for loan fraud
• CPN - Credit profile number is a nine-digit number used instead of SSN to apply for credit. Created through various methods and sold on marketplaces. Used to take out loans open credit cards and build alternate credit profiles
• Stimmys - Government stimulus payments sent during emergencies like COVID-19. Targeted using stolen identities to claim multiple payments
• CR - Credit reports showing detailed history and scores. Used to verify business credit profiles and find high-value targets
• Scans - High quality scans of ID documents bank statements and utility bills. Essential for verifying identities and passing KYC
• Slips - Checks money orders and deposit slips used for bank fraud. Quality scans needed for successful deposits

Card Stuff
View attachment 6475​

• Dump - Raw magnetic stripe data containing card details in track1/track2 format. Used to create physical cloned cards
• PIN - Personal identification number needed for debit card purchases and ATM withdrawals. Usually 4-6 digits
• Balance - Amount of money available to spend on a card. Check balance before purchasing to avoid declines
• Limit - Maximum amount that can be charged to a card. Higher limits are more valuable but attract more attention
• Issuer - Bank that issued the credit card and processes its transactions. Different issuers have different security measures
• 3DS - 3D Secure is an authentication protocol that adds an extra security layer for online card payments. Requires additional verification through bank apps or SMS codes
• VBV - Verified by Visa is Visas version of 3DS. More commonly used as general term for any 3DS verification
• MCSC - Mastercard Secure Code protection for online transactions. Similar to VBV requires additional verification
• AMEX Safe - American Express SafeKey verification system for online purchases
• Auth - Authorization code proves a transaction was approved. Different auth codes mean different things.
• Decline - Failed transaction due to insufficient funds fraud detection or other issues. Too many declines burn cards faster
• ZIP - Billing zip code must match card records for address verification. Important part of cardholder data
• DOB - Date of birth of cardholder needed for verification. Part of fullz data used to verify identity
• MMN - Mothers maiden name is a common security question for card verification. Included in quality fullz
• SSN - Social security number uniquely identifies US citizens. Critical part of fullz used for identity verification
• Checker - Tool that tests if cards are valid and active. Essential for verifying card status before use
• Auth check - Small test charge to verify card works. Usually $1-2 that gets refunded
• Simple check - Basic card check charge. Higher success rate but can give false positives
• Refund - Methods to get money back from merchants after receiving goods. Social engineering and fake tracking numbers common tactics

Banking
View attachment 6476​

• Bank Drop - Bank account opened with fake or stolen identity to receive fraudulent transfers. Needs proper setup and maintenance to avoid closure
• SWIFT - International bank transfer system used to move large amounts between banks. High value target but heavily monitored
• Wire - Bank transfer between accounts usually domestic. Faster than ACH but has higher fees and scrutiny
• ACH - Automated clearing house transfer system for US bank transactions. Takes several days but less monitored than wires. Essential for large bank fraud schemes
• Bank Logs - Stolen online banking credentials with account access. Quality logs have good balance and minimal security
• Zelle - Bank-to-bank transfer service for sending money instantly. Critical tool for bank fraud due to instant transfers and hard to reverse. Popular but risky due to verification
• Cashapp - Payment app that can link to bank accounts. Used to cash out amounts with less scrutiny
• Bank Method - Specific technique for successfully getting money from bank accounts. Methods vary by bank and account type
• Bank Login - Credentials to access online banking portals. More valuable with higher balances and business accounts
• EMT - Electronic money transfer system used by banks. Methods exist to bypass recipient verification and send to any account instantly
• Load - Process of sending stolen funds to bank accounts under fraudster control. Usually done through online banking access for later cashout
• CU - Credit union accounts with lower security than major banks. Easier targets for fraud.

Spamming
View attachment 6477​

• Spam - Mass sending of unsolicited messages for fraud or scams. Used to get bank logs credit cards accounts and spread malware. Success depends on volume and avoiding detection
• Mailer - Software like AMS (Advanced Mass Sender) used for spam campaigns. Requires SMTP leads letter templates and proxy support
• SMTP - Simple Mail Transfer Protocol server that transmits emails. Private SMTP servers needed to send mass spam campaigns reliably
• Proxy - Server that forwards traffic to hide real IP address. Essential for avoiding spam detection and blacklists
• Leads - Email lists or phone number lists containing potential spam targets. Quality leads of active emails/active phones improve success rates
• Letter - Fake email template that mimics legitimate companies. Edited to trick victims into clicking phishing links
• Blast - Large spam campaign targeting many victims at once. Success needs good leads templates and sending setup
• Warmup - Process of gradually increasing spam volume to avoid detection. New IPs and domains need proper warmup
• Blacklist - List of blocked IPs and domains known for spam. Getting blacklisted stops spam campaigns
• Spamtrap - Fake email address used to detect spammers. Hitting spamtraps gets IPs blocked fast
• Cpanel - Hosting control panel used to host phishing pages. Hacked cpanels needed since legit hosts block phishing sites
• PHP Mailer - PHP script alternative to AMS tools for sending spam. Requires proper hosting and SMTP setup
  
  * Hidden text: cannot be quoted. *

General Terms​

• Opsec - Operational security includes using secure communications protecting identity and avoiding mistakes. Good opsec keeps you safe and profitable
• Resold - Cards resold on multiple marketplaces. Have high chance of being dead and blacklisted due to multiple buyers using them. Avoid unless price is very low
• KYC - Know Your Customer verification required by banks and some sites. Typically requires ID and selfie etc
• Burn - When a method stops working due to patches or detection. All methods eventually burn so diversify approaches
• Clean - Card or method that hasnt been used yet. Clean cards have highest success rates
• Hot - Flagged by fraud detection systems for suspicious activity
• Dead - Card or method that no longer works at all
• SE - Social engineering manipulates people into giving up sensitive information or access or allowing certain things to happen. Uses psychology and deception rather than technical hacks
• Fresh - New unused cards or methods with no fraud history. Best chances of success with fresh stuff
• Cashout - Process of converting stolen funds into clean cash. Many methods like purchases gift cards and bitcoin
• Linkable - Cards that can be easily added to digital payment apps like Cashapp Apple Pay or Google Pay. Often sold at premium but high risk of being fake or already linked. Many rippers pretend to sell linkables. Verify first
• Reship - Service that forwards packages to final destination. Adds layer of protection for carded goods
• Receiver - Person who receives and forwards money for commission. Takes on risk of detection
• Phishing - Creating fake websites to steal login credentials and card details. Common way to get fresh cards
• Scamshops - Online storefronts designed to steal credit card details. Spread through ads and fake deals. Look legitimate but only exist to collect card data
• Botnet - Network of compromised computers controlled remotely. Used for getting logs and DDoS attacks
• Loader - Person who specializes in sending fraudulent transfers and payment links to cash out cards/bank accounts.

Ripper Terms
View attachment 6479​

• Flash Transactions/Crypto Flashing - Fake blockchain exploit that claims to multiply cryptocurrency transactions. Scam method sold by rippers that doesnt actually work on any blockchain network. Common ripoff targeting new users
• EMV Clone - Methods that claim to enable EMV chip cloning for specific banks/BINs. Outdated scam that dont work in modern EMV systems. Commonly sold by rippers despite being useless
• WU Transfers - Western Union transfer scam where rippers claim to have exploits in WUs system. They ask for payment upfront promising to send larger amounts back through Western Union. Classic decades-old scam that never works but still commonly used to target new users
• More to be added soon...

king

 

[fujiko]

A Newcomer's Fraud Dictionary
To everyone starting out in carding you might feel lost in the sauce with all the jargon and terms being thrown around. I get tons of basic questions about carding terminology in my inbox every day. So I put together this no-bullshit dictionary focused on the fundamentals. No fluff or filler - just straight facts about the key concepts and terms handpicked by yours truly. This list will help you learn the basics while avoiding the parasites and scammers in the scene. I will be updating it regularly to keep the info fresh since there are simply too many terms to list all at once. See something missing outdated or just plain wrong? Just reply to add more info. The more knowledge we share the stronger we get. Lets get it.

View attachment 6470


Online Carding
View attachment 6471​

• CC - A payment card (debit or credit) issued by banks that lets people make purchases. Contains important data like card number expiration date and security code
• CVV - The card verification value is a 3-4 digit security code found on the back of cards. Also used to refer to a credit card that includes this security code
• CCN - Credit card number without the CVV security code. Used on sites with lower security or for certain subscription services
• Fullz - Complete identity information package including name address SSN DOB and other personal details needed to verify identities. Essential for opening accounts and verifying purchases
• Proxies - Servers that forward traffic to hide real IP address. Essential for avoiding detection when making purchases and accessing sites
• Socks - Type of proxy that routes traffic through the SOCKS protocol. More secure than regular HTTP proxies.
• Residential Proxies - IP addresses from real homes and ISPs that mask location. Most effective for avoiding detection since they look like real users
• RDP - Remote desktop protocol lets you control another computer from anywhere. Used to access virtual machines for carding from clean IPs
• VPN - Virtual private network encrypts your internet traffic and hides your real IP address. Basic protection but not as good as residential proxies
• Bins - Bank identification numbers are the first 6-8 digits of a card that identify the issuing bank and card type. Different bins have different success rates and sensitivities.
• Enrolls - Cards with online banking access that can be registered to bank accounts. Requires SSN and specific BINs to sign up. Allows viewing transactions and some BINs let you change billing address
• AVS - Address verification system used by merchants for certain countries (US,CA,UK,etc) to check if billing address matches card records. Important security measure which means you need accurate billing information to process transactions.
• Visa Alerts - Notification system that sends text/email alerts for card transactions. Useful for low-value transactions that need minicode

In-Store Carding
View attachment 6472​

• Cloning - Process of copying card data onto blank cards to create physical duplicates. Requires dumps MSR and proper encoding settings
• MSR - Magnetic stripe reader device reads and writes card data to magnetic stripes. Used to create physical cloned cards from dumps
• EMV - Chip cards contain a secure microchip that makes them harder to clone than magnetic stripe cards. Most modern cards use EMV technology.
• Dipping - Dipping a cloned card multiple times to force terminal to use magstripe instead.
• NFC - Contactless payment technology in cards lets you tap to pay. Mostly used on phones with data stored digitally.
• Skimmer - Device installed on card readers to steal card data when cards are swiped. Common on ATMs and gas pumps
• POS - Point of sale terminal processes card payments at stores. Some terminals are more vulnerable to attacks than others
• ATM - Automated teller machines dispense cash and accept deposits. Popular target for skimmers and shimming devices

Antidetection
View attachment 6473​

• Antidetect - Browser software that generates unique fingerprints to appear as different users. Needed to avoid browser fingerprinting detection
• Antifraud - Security systems that detect and block fraudulent transactions. Uses AI machine learning and risk scoring to identify suspicious patterns
• Fraud Score - Numerical value assigned to transactions based on fraud likelihood. Higher scores mean higher chance of being blocked
• Fingerprint - Unique combination of browser settings and data that identifies users. Includes canvas fonts plugins and other data points that need to be spoofed
• Canvas - HTML5 feature that renders graphics. Sites use canvas fingerprinting to identify users so antidetects must randomize canvas data
• WebRTC - Web protocol that can leak real IP address even with VPN. Must be disabled or properly configured in antidetect browsers
• Leaks - Various browser features that can reveal true identity. WebRTC DNS and other leaks must be patched
• Cookies - Small text files stored by browsers that contain login sessions and preferences. Stealing cookies can bypass 2FA and access accounts without passwords

Marketplace Terms
View attachment 6474​

• Escrow - Trusted third party service holds funds until both buyer and seller complete a transaction. Protects against scams but escrow services can exit scam too
• PGP - Pretty Good Privacy encryption protects messages and files from being read by others. Essential for secure marketplace communications
• Opsec - Operational security includes all practices to stay anonymous and avoid detection. Includes using secure communications VPNs and proper opsec habits
• Drop - Shipping address that cant be traced back to you for receiving purchases. Usually abandoned houses or services
• Method - Specific technique or process for committing transactions successfully. Good methods are closely guarded and sold for high prices
• Logs - Stolen login credentials and session data from hacked accounts typically through malware. Can include banking email and shopping accounts
• Sauce - Working method that consistently generates profits. Finding reliable sauce takes trial and error
• Burner - Temporary disposable phone number or email used to register accounts. Should only be used once then discarded
• RAT - Remote access trojan malware gives hackers control of infected computers. Used to steal credentials and data
• Vendor - Seller on dark web marketplaces who offers cards dumps or fraud tools. Reputation and reviews are important
• Exit Scam - When a marketplace or vendor suddenly disappears with everyones money. Always keep minimum balance in markets
• BTC - Bitcoin cryptocurrency used for most dark web purchases. Somewhat traceable so needs to be properly mixed
• XMR - Monero cryptocurrency focuses on privacy and untraceability. Preferred over Bitcoin for maximum anonymity
• Pros - Business identities and information packages sold on marketplaces. Contains EIN numbers business credit profiles and other data needed for business fraud and applying for loans/credit cards. High credit scores most valuable for loan fraud
• CPN - Credit profile number is a nine-digit number used instead of SSN to apply for credit. Created through various methods and sold on marketplaces. Used to take out loans open credit cards and build alternate credit profiles
• Stimmys - Government stimulus payments sent during emergencies like COVID-19. Targeted using stolen identities to claim multiple payments
• CR - Credit reports showing detailed history and scores. Used to verify business credit profiles and find high-value targets
• Scans - High quality scans of ID documents bank statements and utility bills. Essential for verifying identities and passing KYC
• Slips - Checks money orders and deposit slips used for bank fraud. Quality scans needed for successful deposits

Card Stuff
View attachment 6475​

• Dump - Raw magnetic stripe data containing card details in track1/track2 format. Used to create physical cloned cards
• PIN - Personal identification number needed for debit card purchases and ATM withdrawals. Usually 4-6 digits
• Balance - Amount of money available to spend on a card. Check balance before purchasing to avoid declines
• Limit - Maximum amount that can be charged to a card. Higher limits are more valuable but attract more attention
• Issuer - Bank that issued the credit card and processes its transactions. Different issuers have different security measures
• 3DS - 3D Secure is an authentication protocol that adds an extra security layer for online card payments. Requires additional verification through bank apps or SMS codes
• VBV - Verified by Visa is Visas version of 3DS. More commonly used as general term for any 3DS verification
• MCSC - Mastercard Secure Code protection for online transactions. Similar to VBV requires additional verification
• AMEX Safe - American Express SafeKey verification system for online purchases
• Auth - Authorization code proves a transaction was approved. Different auth codes mean different things.
• Decline - Failed transaction due to insufficient funds fraud detection or other issues. Too many declines burn cards faster
• ZIP - Billing zip code must match card records for address verification. Important part of cardholder data
• DOB - Date of birth of cardholder needed for verification. Part of fullz data used to verify identity
• MMN - Mothers maiden name is a common security question for card verification. Included in quality fullz
• SSN - Social security number uniquely identifies US citizens. Critical part of fullz used for identity verification
• Checker - Tool that tests if cards are valid and active. Essential for verifying card status before use
• Auth check - Small test charge to verify card works. Usually $1-2 that gets refunded
• Simple check - Basic card check charge. Higher success rate but can give false positives
• Refund - Methods to get money back from merchants after receiving goods. Social engineering and fake tracking numbers common tactics

Banking
View attachment 6476​

• Bank Drop - Bank account opened with fake or stolen identity to receive fraudulent transfers. Needs proper setup and maintenance to avoid closure
• SWIFT - International bank transfer system used to move large amounts between banks. High value target but heavily monitored
• Wire - Bank transfer between accounts usually domestic. Faster than ACH but has higher fees and scrutiny
• ACH - Automated clearing house transfer system for US bank transactions. Takes several days but less monitored than wires. Essential for large bank fraud schemes
• Bank Logs - Stolen online banking credentials with account access. Quality logs have good balance and minimal security
• Zelle - Bank-to-bank transfer service for sending money instantly. Critical tool for bank fraud due to instant transfers and hard to reverse. Popular but risky due to verification
• Cashapp - Payment app that can link to bank accounts. Used to cash out amounts with less scrutiny
• Bank Method - Specific technique for successfully getting money from bank accounts. Methods vary by bank and account type
• Bank Login - Credentials to access online banking portals. More valuable with higher balances and business accounts
• EMT - Electronic money transfer system used by banks. Methods exist to bypass recipient verification and send to any account instantly
• Load - Process of sending stolen funds to bank accounts under fraudster control. Usually done through online banking access for later cashout
• CU - Credit union accounts with lower security than major banks. Easier targets for fraud.

Spamming
View attachment 6477​

• Spam - Mass sending of unsolicited messages for fraud or scams. Used to get bank logs credit cards accounts and spread malware. Success depends on volume and avoiding detection
• Mailer - Software like AMS (Advanced Mass Sender) used for spam campaigns. Requires SMTP leads letter templates and proxy support
• SMTP - Simple Mail Transfer Protocol server that transmits emails. Private SMTP servers needed to send mass spam campaigns reliably
• Proxy - Server that forwards traffic to hide real IP address. Essential for avoiding spam detection and blacklists
• Leads - Email lists or phone number lists containing potential spam targets. Quality leads of active emails/active phones improve success rates
• Letter - Fake email template that mimics legitimate companies. Edited to trick victims into clicking phishing links
• Blast - Large spam campaign targeting many victims at once. Success needs good leads templates and sending setup
• Warmup - Process of gradually increasing spam volume to avoid detection. New IPs and domains need proper warmup
• Blacklist - List of blocked IPs and domains known for spam. Getting blacklisted stops spam campaigns
• Spamtrap - Fake email address used to detect spammers. Hitting spamtraps gets IPs blocked fast
• Cpanel - Hosting control panel used to host phishing pages. Hacked cpanels needed since legit hosts block phishing sites
• PHP Mailer - PHP script alternative to AMS tools for sending spam. Requires proper hosting and SMTP setup
  
  * Hidden text: cannot be quoted. *

General Terms​

• Opsec - Operational security includes using secure communications protecting identity and avoiding mistakes. Good opsec keeps you safe and profitable
• Resold - Cards resold on multiple marketplaces. Have high chance of being dead and blacklisted due to multiple buyers using them. Avoid unless price is very low
• KYC - Know Your Customer verification required by banks and some sites. Typically requires ID and selfie etc
• Burn - When a method stops working due to patches or detection. All methods eventually burn so diversify approaches
• Clean - Card or method that hasnt been used yet. Clean cards have highest success rates
• Hot - Flagged by fraud detection systems for suspicious activity
• Dead - Card or method that no longer works at all
• SE - Social engineering manipulates people into giving up sensitive information or access or allowing certain things to happen. Uses psychology and deception rather than technical hacks
• Fresh - New unused cards or methods with no fraud history. Best chances of success with fresh stuff
• Cashout - Process of converting stolen funds into clean cash. Many methods like purchases gift cards and bitcoin
• Linkable - Cards that can be easily added to digital payment apps like Cashapp Apple Pay or Google Pay. Often sold at premium but high risk of being fake or already linked. Many rippers pretend to sell linkables. Verify first
• Reship - Service that forwards packages to final destination. Adds layer of protection for carded goods
• Receiver - Person who receives and forwards money for commission. Takes on risk of detection
• Phishing - Creating fake websites to steal login credentials and card details. Common way to get fresh cards
• Scamshops - Online storefronts designed to steal credit card details. Spread through ads and fake deals. Look legitimate but only exist to collect card data
• Botnet - Network of compromised computers controlled remotely. Used for getting logs and DDoS attacks
• Loader - Person who specializes in sending fraudulent transfers and payment links to cash out cards/bank accounts.

Ripper Terms
View attachment 6479​

• Flash Transactions/Crypto Flashing - Fake blockchain exploit that claims to multiply cryptocurrency transactions. Scam method sold by rippers that doesnt actually work on any blockchain network. Common ripoff targeting new users
• EMV Clone - Methods that claim to enable EMV chip cloning for specific banks/BINs. Outdated scam that dont work in modern EMV systems. Commonly sold by rippers despite being useless
• WU Transfers - Western Union transfer scam where rippers claim to have exploits in WUs system. They ask for payment upfront promising to send larger amounts back through Western Union. Classic decades-old scam that never works but still commonly used to target new users
• More to be added soon...

Excellent

 

[wotadob158]

Thanks for sharing this to us!

 

[Cigr111]

thank you for the info

 

[yu5231]

ok good

 

[zxc5955]

新手诈骗词典
对于刚开始接触梳理行业的人来说，面对琳琅满目的专业术语和术语，你可能会感到不知所措。我每天都会收到大量关于梳理术语的基本问题。因此，我整理了这本实用的词典，专注于基础知识。没有空谈或填充，只有由我亲自挑选的关键概念和术语的直白事实。这份词典将帮助你学习基础知识，同时避开行业中的“寄生虫”和骗子。我会定期更新，以保持信息的新鲜度，因为术语太多，无法一次性全部列出。发现有什么缺失、过时或完全错误的地方？请回复以添加更多信息。我们分享的知识越多，我们就越强大。让我们一起努力吧！

View attachment 6470


在线梳理
View attachment 6471​

• CC - 银行发行的支付卡（借记卡或信用卡），用于购物。包含卡号、有效期和安全码等重要数据。
• CVV - 信用卡验证码，是位于信用卡背面的 3-4 位安全码。也用于指包含此安全码的信用卡。
• CCN - 不含CVV安全码的信用卡号。用于安全性较低的网站或某些订阅服务
• Fullz - 完整的身份信息包，包括姓名、地址、社会安全号码 、出生日期以及其他验证身份所需的个人信息。开户和验证购买信息必不可少。
• 代理- 用于转发流量以隐藏真实 IP 地址的服务器。对于在购物和访问网站时避免被检测到至关重要。
• Socks -通过 SOCKS 协议路由流量的代理类型。比常规 HTTP代理更安全。
• 住宅代理- 来自真实住宅和 ISP 的 IP 地址，可隐藏位置。由于它们看起来像真实用户，因此是规避检测最有效的方法
• RDP - 远程桌面协议，让你可以从任何地方控制另一台计算机。用于从干净的 IP 地址访问虚拟机进行审计。
• VPN - 虚拟专用网络加密您的互联网流量并隐藏您的真实 IP 地址。提供基本的保护，但不如住宅代理有效。
• 卡号- 银行识别码是卡片的前 6-8 位数字，用于识别发卡银行和卡片类型。不同的卡号成功率和敏感度有所不同。
• 注册- 可注册银行账户的在线银行卡。注册需要SSN和特定BIN 。允许查看交易记录，部分BIN允许更改账单地址
• AVS - 某些国家/地区（美国、加拿大、英国等）商家使用的地址验证系统，用于检查账单地址是否与银行卡记录相符。这是一项重要的安全措施，这意味着您需要准确的账单信息才能处理交易。
• Visa Alerts - 发送短信/邮件提醒的银行卡交易通知系统。适用于需要小额支付代码的小额交易。

店内梳理
View attachment 6472​

• 克隆- 将卡片数据复制到空白卡片上，创建实体副本的过程。需要转储 MSR 数据并进行正确的编码设置。
• MSR - 磁条读取设备，用于读取卡片数据并将其写入磁条。用于从转储中创建实体卡克隆。
• EMV - 芯片卡内含安全微芯片，比磁条卡更难被克隆。大多数现代银行卡都采用 EMV 技术。
• 刷卡- 多次刷克隆卡以强制终端使用磁条。
• NFC - 卡片式非接触式支付技术，让您轻触即可付款。主要用于以数字方式存储数据的手机。
• 盗刷器- 安装在读卡器上，用于在刷卡时窃取卡片数据的装置。常见于ATM 机和加油站。
• POS终端（销售点终端）负责处理商店的信用卡支付。有些终端比其他终端更容易受到攻击。
• ATM - 自动取款机，用于提取现金和接受存款。是盗刷器和垫片装置的常见目标。

反检测
View attachment 6473​

• Antidetect - 浏览器软件，可生成独特的指纹，以显示不同的用户身份。用于规避浏览器指纹检测
• 反欺诈- 检测并阻止欺诈交易的安全系统。使用人工智能机器学习和风险评分来识别可疑模式
• 欺诈评分- 根据欺诈可能性分配给交易的数值。评分越高，被阻止的可能性就越大。
• 指纹- 浏览器设置和数据的独特组合，用于识别用户。包括画布字体插件和其他需要伪造的数据点。
• Canvas - 用于渲染图形的 HTML5 功能。网站使用 Canvas 指纹识别来识别用户，因此反检测系统必须对 Canvas 数据进行随机化处理。
• WebRTC - 即使使用VPN，也可能泄露真实 IP 地址的 Web 协议。必须在反检测浏览器中禁用或正确配置。
• 泄漏- 各种浏览器功能可能泄露真实身份。WebRTC DNS 和其他泄漏必须修补
• Cookies——浏览器存储的小型文本文件，其中包含登录会话和偏好设置。窃取 Cookie 可以绕过双重身份验证 (2FA)，无需密码即可访问账户。

市场条款
View attachment 6474​

• 托管- 值得信赖的第三方服务机构会保管资金，直至买卖双方完成交易。托管服务可以防范诈骗，但也可能引发欺诈。
• PGP - Pretty Good Privacy 加密保护信息和文件不被他人读取。对于安全的市场通信至关重要
• 运营安全- 运营安全涵盖所有保持匿名和避免被发现的实践。包括使用安全通信VPN和养成良好的运营安全习惯。
• Drop - 无法追踪到您接收购买商品的送货地址。通常是废弃的房屋或服务
• 方法- 成功提交交易的特定技术或流程。好的方法受到严密保护，并以高价出售。
• 日志- 被黑客入侵账户后，通常通过恶意软件窃取的登录凭证和会话数据。可能包括银行邮箱和购物账户
• 酱汁——持续创造利润的工作方法。找到可靠的酱汁需要不断尝试
• Burner - 用于注册账户的临时电话号码或邮箱。一次性使用，之后丢弃。
• RAT - 远程访问木马恶意软件，可让黑客控制受感染的计算机。用于窃取凭证和数据
• 供应商- 暗网市场上提供卡牌转储或欺诈工具的卖家。信誉和评论很重要
• 退出骗局- 指市场或卖家突然卷走所有人的钱财而消失。务必在市场中保持最低余额。
• BTC - 比特币加密货币，用于大多数暗网购物。具有一定的可追踪性，因此需要进行适当的混合。
• XMR - 门罗币加密货币，注重隐私性和不可追踪性。相比比特币，其匿名性更高。
• 优点- 在市场上出售商业身份和信息包。包含雇主识别号 (EIN)、企业信用档案以及其他用于商业欺诈和申请贷款/信用卡的数据。高信用评分对贷款欺诈最有价值。
• CPN（信用档案编号）是一个九位数的号码，用于代替社会安全号码（SSN）申请信用。该号码可通过多种方式创建，并在市场上出售。用于贷款、开办信用卡以及建立其他信用档案。
• Stimmys - 在 COVID-19 等紧急情况下发放的政府纾困金。有人利用被盗身份骗取多笔款项
• CR - 信用报告，显示详细的历史记录和评分。用于验证企业信用状况并寻找高价值目标
• 扫描件- 身份证件、银行对账单和水电费账单的高质量扫描件。对于验证身份和通过KYC至关重要
• 存根- 检查用于银行欺诈的汇票和存款单。成功存款需要高质量的扫描

卡片材料
View attachment 6475​

• 转储- 包含磁道1/磁道2格式的卡片详细信息的原始磁条数据。用于创建实体克隆卡。
• PIN 码- 借记卡消费和ATM取款所需的个人识别码。通常为 4-6 位数字
• 余额- 卡内可用金额。购买前请检查余额，以免被拒。
• 限额- 一张卡可充值的最高金额。限额越高，价值越高，但也越受关注。
• 发卡机构- 发行信用卡并处理其交易的银行。不同的发卡机构有不同的安全措施
• 3DS - 3D Secure 是一种身份验证协议，为在线银行卡支付增加了额外的安全保障。需要通过银行应用程序或短信验证码进行额外验证
• VBV - Visa 验证，是 Visa 的3DS版本。通常用作3DS验证的统称。
• MCSC - 万事达卡安全码，用于在线交易保护。与VBV类似，需要额外验证
• AMEX Safe - 美国运通 SafeKey 在线购物验证系统
• 授权码- 授权码用于证明交易已获批准。不同的授权码代表不同的含义。
• 拒绝- 由于资金不足、欺诈检测或其他问题导致交易失败。拒绝次数过多会更快烧卡
• 邮政编码- 账单邮编必须与信用卡记录一致，以便进行地址验证。这是持卡人数据的重要组成部分
• DOB - 持卡人出生日期，用于验证。fullz 数据的一部分，用于验证身份
• MMN - 母亲的娘家姓是用于信用卡验证的常见安全问题。包含在优质fullz中
• SSN - 社会安全号码，唯一标识美国公民。fullz 中用于身份验证的关键部分
• 检查器- 用于测试卡片是否有效和活跃的工具。在使用前验证卡片状态至关重要
• 授权检查- 收取小额测试费用，用于验证卡是否有效。通常为 1-2 美元，可退款
• 简单检查- 基本信用卡检查费用。成功率较高，但可能出现误报
• 退款- 收到商品后从商家处退款的方法。社交工程和虚假追踪号是常见的伎俩

银行业
View attachment 6476​

• 银行转账- 使用虚假或被盗身份开设的银行账户，用于接收欺诈性转账。需要妥善设置和维护，以免账户被关闭。
• SWIFT - 用于银行间大额资金转移的国际银行转账系统。目标价值高，但受到严格监控。
• 电汇- 通常在国内账户之间进行的银行转账。比ACH更快，但费用更高，审查也更严格。
• ACH - 美国银行交易的自动清算系统。耗时数天，但监控程度低于电汇。对于大型银行欺诈计划至关重要。
• 银行日志- 窃取可访问账户的网上银行凭证。优质日志通常平衡性良好，但安全性较低
• Zelle - 银行间即时转账服务。由于转账即时且难以撤销，Zelle 是银行欺诈的关键工具。Zelle 受欢迎，但需要验证，风险较高。
• Cashapp - 可关联银行账户的支付应用。用于在审查较少的情况下提现。
• 银行取钱方法- 成功从银行账户取钱的具体技巧。取钱方法因银行和账户类型而异。
• 银行登录- 访问网上银行门户的凭证。余额越高，商业账户的价值就越大
• EMT - 银行使用的电子汇款系统。存在绕过收款人验证并立即汇款至任何账户的方法。
• 加载- 将窃取的资金转入诈骗分子控制的银行账户的过程。通常通过网上银行进行，以便日后提取现金。
• CU - 信用合作社账户安全性低于大型银行，更容易成为欺诈目标。

垃圾邮件
View attachment 6477​

• 垃圾邮件- 大量发送未经请求的诈骗或诈骗信息。用于获取银行信用卡账户日志并传播恶意软件。成功与否取决于数量和避免被检测到。
• 邮件程序- 类似 AMS（高级群发程序）的软件，用于垃圾邮件活动。需要SMTP邮件模板和代理支持
• SMTP - 用于传输电子邮件的简单邮件传输协议服务器。需要私人SMTP服务器来可靠地发送大量垃圾邮件
• 代理服务器- 用于转发流量以隐藏真实 IP 地址的服务器。对于规避垃圾邮件检测和黑名单至关重要。
• 线索- 包含潜在垃圾邮件目标的电子邮件列表或电话号码列表。活跃电子邮件/活跃电话的优质线索可提高成功率
• 信件- 模仿合法公司的虚假电子邮件模板。经过编辑，诱骗受害者点击钓鱼链接
• Blast - 大规模垃圾邮件攻击活动，一次性针对大量受害者。成功的关键在于良好的潜在客户模板和发送设置。
• 预热- 逐步增加垃圾邮件数量以避免被发现的过程。新的 IP 和域名需要适当的预热
• 黑名单- 列出已知垃圾邮件的被屏蔽 IP 和域名。加入黑名单可以阻止垃圾邮件活动
• 垃圾邮件陷阱- 用于检测垃圾邮件发送者的虚假电子邮件地址。触发垃圾邮件陷阱会导致 IP 地址被快速屏蔽
• Cpanel - 用于托管钓鱼页面的主机控制面板。由于合法主机会屏蔽钓鱼网站，因此需要破解 cpanel。
• PHP Mailer - 一个可以替代 AMS 垃圾邮件发送工具的 PHP 脚本。需要合适的主机和SMTP设置
  
  * 隐藏文本：无法引用。*

一般条款​

• 运营安全- 运营安全包括使用安全通信、保护身份和避免错误。良好的运营安全保障您的安全和盈利。
• 转售- 卡牌在多个市场转售。由于多个买家同时使用，卡牌很可能被停售并被列入黑名单。除非价格非常低，否则避免购买。
• KYC - 银行和一些网站要求的“了解你的客户”验证。通常需要身份证件和自拍照等。
• 失效- 当一种方法由于补丁或检测而失效时。所有方法最终都会失效，因此应采取多样化的方法
• 干净- 尚未使用过的卡牌或方法。干净的卡牌成功率最高。
• 热门- 被欺诈检测系统标记为可疑活动
• 失效- 卡牌或方法不再起作用
• SE - 社会工程学，即操纵人们交出敏感信息或访问权限，或允许某些事情发生。它利用心理学和欺骗手段，而非技术手段。
• 新鲜- 全新未使用过的卡或方法，且无欺诈记录。新鲜事物的成功率最高
• 提现- 将窃取的资金转换为干净现金的过程。方法多种多样，例如购买礼品卡和比特币
• 可链接卡- 可轻松添加到Cashapp、 Apple Pay 或 Google Pay 等数字支付应用的卡。这类卡通常以高价出售，但假卡或已链接卡的风险很高。许多盗版者会假装出售可链接卡。请先验证
• 转运- 将包裹转运至最终目的地的服务。为卡片货物增加一层保护
• 收款人- 收取并转交佣金的人。承担被发现的风险
• 网络钓鱼- 创建虚假网站窃取登录凭证和银行卡信息。这是获取新卡的常见方法
• 诈骗商店- 旨在窃取信用卡信息的在线商店。通过广告和虚假交易进行传播。看似合法，但实际目的只是为了收集信用卡数据
• 僵尸网络- 远程控制的受感染计算机网络。用于获取日志和 DDoS 攻击
• 加载者——专门向现金卡/银行账户发送欺诈性转账和付款链接的人。

开膛手条款
View attachment 6479​

• 闪电交易/加密闪购- 虚假的区块链漏洞，声称可以增加加密货币交易数量。这是一种由盗号者兜售的诈骗手段，实际上在任何区块链网络上都行不通。这是一种常见的针对新用户的诈骗手段。
• EMV 芯片克隆- 声称可以为特定银行/ BIN启用EMV芯片克隆的方法。过时的骗局，在现代EMV系统中行不通。尽管毫无用处，但盗刷者仍然经常出售。
• WU 转账- 西联汇款诈骗，攻击者声称自己掌握了 WU 系统的漏洞。他们要求预付款，并承诺通过西联汇款汇回更多金额。这种经典的骗局已有数十年历史，从未得逞，但仍常被用来攻击新用户。
• 即将添加更多内容...

nnice

 

[njnjnja]

Sweet

yes