How Fraudsters Credit Card Fraud, and how to avoid it happening to you.

mcmentalonthemic

mcmentalonthemic

Iron
Joined
Sep 23, 2023
Posts
40
Reputation
54
READ THIS BEFORE CONTINUING:


THIS GUIDE DOES NOT PROMOTE ANY ILLEGAL ACTIONS. ALL INFORMATION SHARED IN THIS GUIDE IS PUBLICLY AVAILABLE

THIS GUIDE'S INTENT IS EDUCATION AND TO TEACH PEOPLE HOW TO "AVOID IT HAPPENING TO YOU"


--------------------
If you're a fraudster please click off this guide as it could teach you how to buy and use credit cards online, which could result in you stealing $1,000/d with very little consequence.
This is extremely bad, please click off.


Carding definition:
The act of obtaining someone else's credit card information, by either by buying it off online black markets, hacking an online store, or simply looking at someone else's card and writing down the number and exp. date. Once the card info is obtained the person doing the carding will usually have a drop point (an empty house or building) and have the items ordered with the credit card shipped there to make the whole act pretty untraceable.
----------------------------------------------
If you're financially stable, have always paid off Debt and have a good credit score you can get a good credit card with good rates, stats say that 82% of Americans over 20 have a Credit Card in their name. Unfortunately, Fraudsters are constantly trying to steal your credit card information, and you could wake up with thousands of dollars taken.

The issue is, Carding is Quick Easy, Cheap, extremely Low Risk and can be taught to a 12 year old with hyper autism.
This is how They do It.

Disclaimer for Admins:
Disclaimer: I HAVE NEVER DONE THIS. YOU SHOULD NOT DO THIS. CREDIT CARD FRAUD HURTS MILLIONS OF AMERICANS A YEAR.

ALL THE INFORMATION IN THIS "GUIDE" IS COMPLETELY PUBLIC, AND CAN BE LEARNT BY LOOKING AT DEPARTMENT OF JUSTICE PRESS RELEASES AND READING A COUPLE WIKIPEDIA PAGES OR READING SECURITY RESEARCH ARTICLES. NOTHING IN THIS GUIDE GOES AGAINST LOOKSMAX.ORG TOS NOR IS IT ILLEGAL AS I AM NOT PERSUADING ANYONE TO DO IT, I AM JUST DISPLAYING PUBLICLY AVAILABLE INFORMATION.
CREDIT CARD FRAUD IS AGAINST THE LAW A
ND CAN RESULT IN FINES FOR FIRST TIME OFFENDERS, WITH THE AVERAGE JAIL SENTENCE FOR IT BEING 28 MONTHS.
Download/screenshot this guide just incase if you're intererested.
Now that we have gotten that out of the way let's get to the good stuff.

There are multiple types of Cyber Criminals when it comes to carding.

The obtainer of Stolen credit cards, the Reseller of the Stolen CC's and then the Cyber criminal which buys them off the reseller.

We will call these Cyber criminals:
- Obtainer - the one who obtains the cards
- Reseller - The one who buys it off obtainer and sells it on a marketplace
- User - The one who buys the CCs off the marketplace and actually uses it
Many times the obtainer of the stolen credit cards sells it directly to the Cyber criminal but this is not ideal for the obtainer. Here is why:

The obtainer Usually manages to obtain the credit card details by skimming credit cards at his job (Gas station, Hotel, Convenience store [this is why you should always use contactless payment]), putting a skimmer on an ATM machine (if put in a public area like a tourist place, this can get thousands of credit cards in a single weekend, if sold for 5-10 dollars each with $6,2 average, and if 3.2k cards are collected, that is $19,840 for a sub35 dollar gadget. This is why you should always check the atms you put your card in.), or by also hacking an ecommerce site.
If the Obtainer then sells the credit card information directly to the marketplace, if the marketplace get's cracked by police, or law enforcement comissions a crypto tracing firm like Chainalysis to track the bitcoin payments, it could mean the end of the Obtainer's life as a man without a criminal record.
Even though the Obtainer can sell low tier cards for 10 dollars and GREAT cards for 50 dollars on the site, whilst only 5 dollars for low tier cards and 10 dollars for great cards if he sells it to a reseller, this is worth it as

The reseller buys in bulk, so it's gauranteed sales
The obtainer basically uses the reseller as a VPN, whichs lowers the risk he will be caught by law enforcement.

A video showing someone finding a CC Skimmer in an American 7/11



A Very famous CC skimmer video on Youtube with 24M views.
The Fraudster would have gotten thousands of CC's if this guy hadn't caught it, this is a very famous tourist destination in Italy.


This is the Credit Card Marketplace Model

Here is an Image visualizing the Credit Card marketplace model.
1743852179231

This is actually quite high level as this graph seems to depict a credit card fraudster using a botnet to mass use the credit cards. 99% of Fraudsters don't do this and use the cards manually as Carding is a very low knowledge fraud used by petty criminals the same way robbing gas stations is a very low level crime. The difference is, Carding pays much more and barely has any risk, which is why it's so dangerous:eek::eek::eek::eek:



This image shows what the model looks like for MOST fraudsters:
1743852444121



The steps the USER cybercriminal takes to committing Credit Card Fraud.

1. Setting up the laptop/Pc used.

Even though this type of fraud can be done on Mobile, most (99%+) would use in a PC environment. It's like studying, it's much easier to study on PC than Mobile.
The precautions a cyber criminal takes to commit the crime is simple. These precautions serve 2 purposes:
Privacy/Opsec
To bypass outdated security.

Privacy: It isn't ideal to use windows as Windows is a very unprivate operating system with Windows Recall taking a screenshot of your machine every 10 seconds. THIS DOES NOT MEAN THE CRIMINAL CHANGES HIS OPERATING SYSTEM. Instead he would simply insert a bootable USB in his PC which would make his computer run off the USB instead his HDD. THe only other bootable operating system other than windows from USB is BSD which nobody uses :lul: and Linux.
The most used Linux OS for this is Linux Mint as it's just a linux version of windows, very straight forward, the criminal does not have to learn any linux stuff for this.
This is not a common tactic and many Cyber Criminals just go raw with Windows but Security researchers have seen many CC criminals admit to using Linux Mint USBS.
The reason they do not use TailsOS is because TailsOS forces all connections through the TOR Network which is very slow, unideal, and all TOR IPs are public with many Ecommerce sites choosing to block them.

The cybercriminal would then use a VPN, The most used VPN by cybercriminals is Mullvad. This is because it's fast and cheap, and because they don't collect logs. This has been confirmed as they were raided by German law enforcement as the German Police subpeona'd them, in which Mullvad replied "we have no logs" and German police did not believe them, they raided and low and behold, they were telling the truth. Mullvad is the only VPN provider which is confirmed to not store logs on it's users, making it seen as a better tor as the IP's aren't public and it's very fast.

The cybercriminal would use the firefox extension for mullvad as the linux installation is complicated and we are assuming the cyber criminal is a 12 year old with severe autism. He would then allow the extension to be used in private windows, put in his mullvad account number then use it on an incognito window so cookies leakage doesn't happen.


Money used so far: 11 USD (6 USD on USB [lets say 32gb], 5 USD on 1 month mullvad subscription) [this is not counting the money originally spent the laptop obviously]


2. Acquisition of Stolen Card Data
The cyber Fraudster would then go on a credit card marketplace and buy Credit card information. The price would be 10 dollars for a low tier card, 50 dollars for a high tier card with high credit limit.
Let's say the criminal splurges on 2 high tiers and 1 middle-low tier, 2 $50's, 1 $20's = 120
He would buy this in various marketplaces like the RoseRed.cc site (very publicly known marketplace that you could find from scrolling through a security researcher's twitter, Public information.
Money used so far: 131 USD [Credit cards + money used in other step]

3. Card Validation ("Bin Checking" or Testing)
Using Openweb credit card information sites, Using scripts to check their validity, small test transactions. He would also check the BIN(Bank Identification Number) to group cards by bank or country.

4.Exploitation (Purchasing Goods or Services)
Multiple ways he would do this
-Buying resellable goods (phones, gift cards, game codes)
-Booking hotels/flights (for later resale or laundering)
-Subscribing to premium services (Netflix, VPNs, etc.)
-Laundering via digital assets (cryptocurrency, NFTs, etc.)


5.Monetization (Resale and Laundering)​

The criminal would then actually resell the stolen goods on platforms like eBay, Telegram, or local markets

Multiple Phones bought = 4,500 USD in product, sell it on stockx for 3,400 - 131 for money used = 3,269 USD in profit from stockX 1 week after sending the products.

Do this 3 times a week, 3,270*3 = 9810 =
1,401 per week. This is how dangerous this type of fraud is.

HOW TO PROTECT YOURSELF:

1. Watch out for phishing (fake emails, texts, and websites)


  • Don’t click random links that claim your account’s “locked” or “compromised.”
  • Double check the URL of any site before you log in or enter card info.
  • If something feels off, go directly to the company’s website instead of following the link.
  • Your bank or service provider will never ask for your full card number, CVV, or 2FA codes by email or text.



2. Avoid skimmers (devices that steal your card info at ATMs and gas pumps)


  • Before using a card reader, give it a quick tug or wiggle. If it feels loose or bulky, don’t use it.
  • Prefer chip readers or contactless over magstripe.
  • Cover your hand when entering your PIN — hidden cameras are often used with skimmers.
  • Use ATMs in well-lit, secure locations (like inside banks), not random ones in shady areas.



3. Use privacy-focused card services


  • Services like Privacy.com (US-only) or Revolut (in some countries) let you create virtual cards.
  • You can generate single-use cards or lock them to specific merchants — super handy for subscriptions or sketchy sites.
  • If the card details get leaked, you just delete it and make a new one.
  • Some banks also offer this feature in their app — worth checking.



4. General tips


  • Set up instant notifications for card transactions — that way, you know immediately if something weird happens.
  • Use strong passwords and 2FA on any accounts tied to your money.
  • Don’t store your card info on every site — the fewer places that have your data, the better.
  • Check your statements regularly. The sooner you spot something off, the easier it is to dispute.

Conclusion: Carders are bad. Plain and simple. They don’t hack the planet — they steal from regular people, ruin lives, and hide behind keyboards like cowards. Most of them rely on lazy tricks, hoping you’re not paying attention. But if you stay sharp, they don’t stand a chance.

Even if you can make 1,000s per day, it's wrong, even if it's super easy, it's wrong, even if the return on investment is like 1,000%, it's wrong, even if there is legitimately no risk, it's wrong.

Dm me on discord for any questions: @npep12

I know obtainer is not a real word btw idc

Carding is bad don't do it, protect yourself.

No, everything in Cyan is not AI generated and any comments insinuating it is will be ignored.

If this post gets taken down looksmax admins can't read.

PROTECT YOURSELVES AGAINST FRAUD.


Bump this thread.

If it gets enough bumps I may make a guide showing how EVIL people buy stuff from ecommerce sites like Amazon, then falsely refund them, essentially getting the product for free, and how YOU can avoid it happening to YOUR business.

 
Last edited:
  • +1
  • JFL
  • Love it
Reactions: Patient A, itzyaboyJJ, Cleetus Cornfield and 7 others
high iq i will be using ts
 
  • JFL
Reactions: nave123 and yex
If you're a fraudster please click off this guide as it could teach you how to buy and use credit cards online, which could result in you stealing $1,000/d with very little consequence.
This is extremely bad, please click off.
The worst part of Credit Card Fraud is it's all insured by the bank, meaning the individual victims get their money back within a week.

If you are committing CC fraud, you are hurting the big mega corp billionaire banks.:forcedsmile: Please have a heart. :)
 
  • +1
  • JFL
Reactions: nave123 and BonesmashFinalBoss
READ THIS BEFORE CONTINUING:


THIS GUIDE DOES NOT PROMOTE ANY ILLEGAL ACTIONS. ALL INFORMATION SHARED IN THIS GUIDE IS PUBLICLY AVAILABLE

THIS GUIDE'S INTENT IS EDUCATION AND TO TEACH PEOPLE HOW TO "AVOID IT HAPPENING TO YOU"


--------------------
If you're a fraudster please click off this guide as it could teach you how to buy and use credit cards online, which could result in you stealing $1,000/d with very little consequence.
This is extremely bad, please click off.


Carding definition:
The act of obtaining someone else's credit card information, by either by buying it off online black markets, hacking an online store, or simply looking at someone else's card and writing down the number and exp. date. Once the card info is obtained the person doing the carding will usually have a drop point (an empty house or building) and have the items ordered with the credit card shipped there to make the whole act pretty untraceable.
----------------------------------------------
If you're financially stable, have always paid off Debt and have a good credit score you can get a good credit card with good rates, stats say that 82% of Americans over 20 have a Credit Card in their name. Unfortunately, Fraudsters are constantly trying to steal your credit card information, and you could wake up with thousands of dollars taken.

The issue is, Carding is Quick Easy, Cheap, extremely Low Risk and can be taught to a 12 year old with hyper autism.
This is how They do It.

Disclaimer for Admins:
Disclaimer: I HAVE NEVER DONE THIS. YOU SHOULD NOT DO THIS. CREDIT CARD FRAUD HURTS MILLIONS OF AMERICANS A YEAR.

ALL THE INFORMATION IN THIS "GUIDE" IS COMPLETELY PUBLIC, AND CAN BE LEARNT BY LOOKING AT DEPARTMENT OF JUSTICE PRESS RELEASES AND READING A COUPLE WIKIPEDIA PAGES OR READING SECURITY RESEARCH ARTICLES. NOTHING IN THIS GUIDE GOES AGAINST LOOKSMAX.ORG TOS NOR IS IT ILLEGAL AS I AM NOT PERSUADING ANYONE TO DO IT, I AM JUST DISPLAYING PUBLICLY AVAILABLE INFORMATION.
CREDIT CARD FRAUD IS AGAINST THE LAW A
ND CAN RESULT IN FINES FOR FIRST TIME OFFENDERS, WITH THE AVERAGE JAIL SENTENCE FOR IT BEING 28 MONTHS.
Download/screenshot this guide just incase if you're intererested.
Now that we have gotten that out of the way let's get to the good stuff.

There are multiple types of Cyber Criminals when it comes to carding.

The obtainer of Stolen credit cards, the Reseller of the Stolen CC's and then the Cyber criminal which buys them off the reseller.

We will call these Cyber criminals:
- Obtainer - the one who obtains the cards
- Reseller - The one who buys it off obtainer and sells it on a marketplace
- User - The one who buys the CCs off the marketplace and actually uses it
Many times the obtainer of the stolen credit cards sells it directly to the Cyber criminal but this is not ideal for the obtainer. Here is why:

The obtainer Usually manages to obtain the credit card details by skimming credit cards at his job (Gas station, Hotel, Convenience store [this is why you should always use contactless payment]), putting a skimmer on an ATM machine (if put in a public area like a tourist place, this can get thousands of credit cards in a single weekend, if sold for 5-10 dollars each with $6,2 average, and if 3.2k cards are collected, that is $19,840 for a sub35 dollar gadget. This is why you should always check the atms you put your card in.), or by also hacking an ecommerce site.
If the Obtainer then sells the credit card information directly to the marketplace, if the marketplace get's cracked by police, or law enforcement comissions a crypto tracing firm like Chainalysis to track the bitcoin payments, it could mean the end of the Obtainer's life as a man without a criminal record.
Even though the Obtainer can sell low tier cards for 10 dollars and GREAT cards for 50 dollars on the site, whilst only 5 dollars for low tier cards and 10 dollars for great cards if he sells it to a reseller, this is worth it as

The reseller buys in bulk, so it's gauranteed sales
The obtainer basically uses the reseller as a VPN, whichs lowers the risk he will be caught by law enforcement.

A video showing someone finding a CC Skimmer in an American 7/11
View attachment 3620649


A Very famous CC skimmer video on Youtube with 24M views.
The Fraudster would have gotten thousands of CC's if this guy hadn't caught it, this is a very famous tourist destination in Italy.
View attachment 3620651

This is the Credit Card Marketplace Model

Here is an Image visualizing the Credit Card marketplace model.
View attachment 3620616

This is actually quite high level as this graph seems to depict a credit card fraudster using a botnet to mass use the credit cards. 99% of Fraudsters don't do this and use the cards manually as Carding is a very low knowledge fraud used by petty criminals the same way robbing gas stations is a very low level crime. The difference is, Carding pays much more and barely has any risk, which is why it's so dangerous:eek::eek::eek::eek:



This image shows what the model looks like for MOST fraudsters:
View attachment 3620623


The steps the USER cybercriminal takes to committing Credit Card Fraud.

1. Setting up the laptop/Pc used.

Even though this type of fraud can be done on Mobile, most (99%+) would use in a PC environment. It's like studying, it's much easier to study on PC than Mobile.
The precautions a cyber criminal takes to commit the crime is simple. These precautions serve 2 purposes:
Privacy/Opsec
To bypass outdated security.

Privacy: It isn't ideal to use windows as Windows is a very unprivate operating system with Windows Recall taking a screenshot of your machine every 10 seconds. THIS DOES NOT MEAN THE CRIMINAL CHANGES HIS OPERATING SYSTEM. Instead he would simply insert a bootable USB in his PC which would make his computer run off the USB instead his HDD. THe only other bootable operating system other than windows from USB is BSD which nobody uses :lul: and Linux.
The most used Linux OS for this is Linux Mint as it's just a linux version of windows, very straight forward, the criminal does not have to learn any linux stuff for this.
This is not a common tactic and many Cyber Criminals just go raw with Windows but Security researchers have seen many CC criminals admit to using Linux Mint USBS.
The reason they do not use TailsOS is because TailsOS forces all connections through the TOR Network which is very slow, unideal, and all TOR IPs are public with many Ecommerce sites choosing to block them.

The cybercriminal would then use a VPN, The most used VPN by cybercriminals is Mullvad. This is because it's fast and cheap, and because they don't collect logs. This has been confirmed as they were raided by German law enforcement as the German Police subpeona'd them, in which Mullvad replied "we have no logs" and German police did not believe them, they raided and low and behold, they were telling the truth. Mullvad is the only VPN provider which is confirmed to not store logs on it's users, making it seen as a better tor as the IP's aren't public and it's very fast.

The cybercriminal would use the firefox extension for mullvad as the linux installation is complicated and we are assuming the cyber criminal is a 12 year old with severe autism. He would then allow the extension to be used in private windows, put in his mullvad account number then use it on an incognito window so cookies leakage doesn't happen.


Money used so far: 11 USD (6 USD on USB [lets say 32gb], 5 USD on 1 month mullvad subscription) [this is not counting the money originally spent the laptop obviously]


2. Acquisition of Stolen Card Data
The cyber Fraudster would then go on a credit card marketplace and buy Credit card information. The price would be 10 dollars for a low tier card, 50 dollars for a high tier card with high credit limit.
Let's say the criminal splurges on 2 high tiers and 1 middle-low tier, 2 $50's, 1 $20's = 120
He would buy this in various marketplaces like the RoseRed.cc site (very publicly known marketplace that you could find from scrolling through a security researcher's twitter, Public information.
Money used so far: 131 USD [Credit cards + money used in other step]

3. Card Validation ("Bin Checking" or Testing)
Using Openweb credit card information sites, Using scripts to check their validity, small test transactions. He would also check the BIN(Bank Identification Number) to group cards by bank or country.

4.Exploitation (Purchasing Goods or Services)
Multiple ways he would do this
-Buying resellable goods (phones, gift cards, game codes)
-Booking hotels/flights (for later resale or laundering)
-Subscribing to premium services (Netflix, VPNs, etc.)
-Laundering via digital assets (cryptocurrency, NFTs, etc.)


5.Monetization (Resale and Laundering)​

The criminal would then actually resell the stolen goods on platforms like eBay, Telegram, or local markets

Multiple Phones bought = 4,500 USD in product, sell it on stockx for 3,400 - 131 for money used = 3,269 USD in profit from stockX 1 week after sending the products.

Do this 3 times a week, 3,270*3 = 9810 =
1,401 per week. This is how dangerous this type of fraud is.

HOW TO PROTECT YOURSELF:

1. Watch out for phishing (fake emails, texts, and websites)


  • Don’t click random links that claim your account’s “locked” or “compromised.”
  • Double check the URL of any site before you log in or enter card info.
  • If something feels off, go directly to the company’s website instead of following the link.
  • Your bank or service provider will never ask for your full card number, CVV, or 2FA codes by email or text.



2. Avoid skimmers (devices that steal your card info at ATMs and gas pumps)


  • Before using a card reader, give it a quick tug or wiggle. If it feels loose or bulky, don’t use it.
  • Prefer chip readers or contactless over magstripe.
  • Cover your hand when entering your PIN — hidden cameras are often used with skimmers.
  • Use ATMs in well-lit, secure locations (like inside banks), not random ones in shady areas.



3. Use privacy-focused card services


  • Services like Privacy.com (US-only) or Revolut (in some countries) let you create virtual cards.
  • You can generate single-use cards or lock them to specific merchants — super handy for subscriptions or sketchy sites.
  • If the card details get leaked, you just delete it and make a new one.
  • Some banks also offer this feature in their app — worth checking.



4. General tips


  • Set up instant notifications for card transactions — that way, you know immediately if something weird happens.
  • Use strong passwords and 2FA on any accounts tied to your money.
  • Don’t store your card info on every site — the fewer places that have your data, the better.
  • Check your statements regularly. The sooner you spot something off, the easier it is to dispute.

Conclusion: Carders are bad. Plain and simple. They don’t hack the planet — they steal from regular people, ruin lives, and hide behind keyboards like cowards. Most of them rely on lazy tricks, hoping you’re not paying attention. But if you stay sharp, they don’t stand a chance.

Even if you can make 1,000s per day, it's wrong, even if it's super easy, it's wrong, even if the return on investment is like 1,000%, it's wrong, even if there is legitimately no risk, it's wrong.

Dm me on discord for any questions: @npep12

I know obtainer is not a real word btw idc

Carding is bad don't do it, protect yourself.

No, everything in Cyan is not AI generated and any comments insinuating it is will be ignored.

If this post gets taken down looksmax admins can't read.

PROTECT YOURSELVES AGAINST FRAUD.

Bump this thread.

If it gets enough bumps I may make a guide showing how EVIL people buy stuff from ecommerce sites like Amazon, then falsely refund them, essentially getting the product for free, and how YOU can avoid it happening to YOUR business.


water
 
READ THIS BEFORE CONTINUING:


THIS GUIDE DOES NOT PROMOTE ANY ILLEGAL ACTIONS. ALL INFORMATION SHARED IN THIS GUIDE IS PUBLICLY AVAILABLE

THIS GUIDE'S INTENT IS EDUCATION AND TO TEACH PEOPLE HOW TO "AVOID IT HAPPENING TO YOU"


--------------------
If you're a fraudster please click off this guide as it could teach you how to buy and use credit cards online, which could result in you stealing $1,000/d with very little consequence.
This is extremely bad, please click off.


Carding definition:
The act of obtaining someone else's credit card information, by either by buying it off online black markets, hacking an online store, or simply looking at someone else's card and writing down the number and exp. date. Once the card info is obtained the person doing the carding will usually have a drop point (an empty house or building) and have the items ordered with the credit card shipped there to make the whole act pretty untraceable.
----------------------------------------------
If you're financially stable, have always paid off Debt and have a good credit score you can get a good credit card with good rates, stats say that 82% of Americans over 20 have a Credit Card in their name. Unfortunately, Fraudsters are constantly trying to steal your credit card information, and you could wake up with thousands of dollars taken.

The issue is, Carding is Quick Easy, Cheap, extremely Low Risk and can be taught to a 12 year old with hyper autism.
This is how They do It.

Disclaimer for Admins:
Disclaimer: I HAVE NEVER DONE THIS. YOU SHOULD NOT DO THIS. CREDIT CARD FRAUD HURTS MILLIONS OF AMERICANS A YEAR.

ALL THE INFORMATION IN THIS "GUIDE" IS COMPLETELY PUBLIC, AND CAN BE LEARNT BY LOOKING AT DEPARTMENT OF JUSTICE PRESS RELEASES AND READING A COUPLE WIKIPEDIA PAGES OR READING SECURITY RESEARCH ARTICLES. NOTHING IN THIS GUIDE GOES AGAINST LOOKSMAX.ORG TOS NOR IS IT ILLEGAL AS I AM NOT PERSUADING ANYONE TO DO IT, I AM JUST DISPLAYING PUBLICLY AVAILABLE INFORMATION.
CREDIT CARD FRAUD IS AGAINST THE LAW A
ND CAN RESULT IN FINES FOR FIRST TIME OFFENDERS, WITH THE AVERAGE JAIL SENTENCE FOR IT BEING 28 MONTHS.
Download/screenshot this guide just incase if you're intererested.
Now that we have gotten that out of the way let's get to the good stuff.

There are multiple types of Cyber Criminals when it comes to carding.

The obtainer of Stolen credit cards, the Reseller of the Stolen CC's and then the Cyber criminal which buys them off the reseller.

We will call these Cyber criminals:
- Obtainer - the one who obtains the cards
- Reseller - The one who buys it off obtainer and sells it on a marketplace
- User - The one who buys the CCs off the marketplace and actually uses it
Many times the obtainer of the stolen credit cards sells it directly to the Cyber criminal but this is not ideal for the obtainer. Here is why:

The obtainer Usually manages to obtain the credit card details by skimming credit cards at his job (Gas station, Hotel, Convenience store [this is why you should always use contactless payment]), putting a skimmer on an ATM machine (if put in a public area like a tourist place, this can get thousands of credit cards in a single weekend, if sold for 5-10 dollars each with $6,2 average, and if 3.2k cards are collected, that is $19,840 for a sub35 dollar gadget. This is why you should always check the atms you put your card in.), or by also hacking an ecommerce site.
If the Obtainer then sells the credit card information directly to the marketplace, if the marketplace get's cracked by police, or law enforcement comissions a crypto tracing firm like Chainalysis to track the bitcoin payments, it could mean the end of the Obtainer's life as a man without a criminal record.
Even though the Obtainer can sell low tier cards for 10 dollars and GREAT cards for 50 dollars on the site, whilst only 5 dollars for low tier cards and 10 dollars for great cards if he sells it to a reseller, this is worth it as

The reseller buys in bulk, so it's gauranteed sales
The obtainer basically uses the reseller as a VPN, whichs lowers the risk he will be caught by law enforcement.

A video showing someone finding a CC Skimmer in an American 7/11
View attachment 3620649


A Very famous CC skimmer video on Youtube with 24M views.
The Fraudster would have gotten thousands of CC's if this guy hadn't caught it, this is a very famous tourist destination in Italy.
View attachment 3620651

This is the Credit Card Marketplace Model

Here is an Image visualizing the Credit Card marketplace model.
View attachment 3620616

This is actually quite high level as this graph seems to depict a credit card fraudster using a botnet to mass use the credit cards. 99% of Fraudsters don't do this and use the cards manually as Carding is a very low knowledge fraud used by petty criminals the same way robbing gas stations is a very low level crime. The difference is, Carding pays much more and barely has any risk, which is why it's so dangerous:eek::eek::eek::eek:



This image shows what the model looks like for MOST fraudsters:
View attachment 3620623


The steps the USER cybercriminal takes to committing Credit Card Fraud.

1. Setting up the laptop/Pc used.

Even though this type of fraud can be done on Mobile, most (99%+) would use in a PC environment. It's like studying, it's much easier to study on PC than Mobile.
The precautions a cyber criminal takes to commit the crime is simple. These precautions serve 2 purposes:
Privacy/Opsec
To bypass outdated security.

Privacy: It isn't ideal to use windows as Windows is a very unprivate operating system with Windows Recall taking a screenshot of your machine every 10 seconds. THIS DOES NOT MEAN THE CRIMINAL CHANGES HIS OPERATING SYSTEM. Instead he would simply insert a bootable USB in his PC which would make his computer run off the USB instead his HDD. THe only other bootable operating system other than windows from USB is BSD which nobody uses :lul: and Linux.
The most used Linux OS for this is Linux Mint as it's just a linux version of windows, very straight forward, the criminal does not have to learn any linux stuff for this.
This is not a common tactic and many Cyber Criminals just go raw with Windows but Security researchers have seen many CC criminals admit to using Linux Mint USBS.
The reason they do not use TailsOS is because TailsOS forces all connections through the TOR Network which is very slow, unideal, and all TOR IPs are public with many Ecommerce sites choosing to block them.

The cybercriminal would then use a VPN, The most used VPN by cybercriminals is Mullvad. This is because it's fast and cheap, and because they don't collect logs. This has been confirmed as they were raided by German law enforcement as the German Police subpeona'd them, in which Mullvad replied "we have no logs" and German police did not believe them, they raided and low and behold, they were telling the truth. Mullvad is the only VPN provider which is confirmed to not store logs on it's users, making it seen as a better tor as the IP's aren't public and it's very fast.

The cybercriminal would use the firefox extension for mullvad as the linux installation is complicated and we are assuming the cyber criminal is a 12 year old with severe autism. He would then allow the extension to be used in private windows, put in his mullvad account number then use it on an incognito window so cookies leakage doesn't happen.


Money used so far: 11 USD (6 USD on USB [lets say 32gb], 5 USD on 1 month mullvad subscription) [this is not counting the money originally spent the laptop obviously]


2. Acquisition of Stolen Card Data
The cyber Fraudster would then go on a credit card marketplace and buy Credit card information. The price would be 10 dollars for a low tier card, 50 dollars for a high tier card with high credit limit.
Let's say the criminal splurges on 2 high tiers and 1 middle-low tier, 2 $50's, 1 $20's = 120
He would buy this in various marketplaces like the RoseRed.cc site (very publicly known marketplace that you could find from scrolling through a security researcher's twitter, Public information.
Money used so far: 131 USD [Credit cards + money used in other step]

3. Card Validation ("Bin Checking" or Testing)
Using Openweb credit card information sites, Using scripts to check their validity, small test transactions. He would also check the BIN(Bank Identification Number) to group cards by bank or country.

4.Exploitation (Purchasing Goods or Services)
Multiple ways he would do this
-Buying resellable goods (phones, gift cards, game codes)
-Booking hotels/flights (for later resale or laundering)
-Subscribing to premium services (Netflix, VPNs, etc.)
-Laundering via digital assets (cryptocurrency, NFTs, etc.)


5.Monetization (Resale and Laundering)​

The criminal would then actually resell the stolen goods on platforms like eBay, Telegram, or local markets

Multiple Phones bought = 4,500 USD in product, sell it on stockx for 3,400 - 131 for money used = 3,269 USD in profit from stockX 1 week after sending the products.

Do this 3 times a week, 3,270*3 = 9810 =
1,401 per week. This is how dangerous this type of fraud is.

HOW TO PROTECT YOURSELF:

1. Watch out for phishing (fake emails, texts, and websites)


  • Don’t click random links that claim your account’s “locked” or “compromised.”
  • Double check the URL of any site before you log in or enter card info.
  • If something feels off, go directly to the company’s website instead of following the link.
  • Your bank or service provider will never ask for your full card number, CVV, or 2FA codes by email or text.



2. Avoid skimmers (devices that steal your card info at ATMs and gas pumps)


  • Before using a card reader, give it a quick tug or wiggle. If it feels loose or bulky, don’t use it.
  • Prefer chip readers or contactless over magstripe.
  • Cover your hand when entering your PIN — hidden cameras are often used with skimmers.
  • Use ATMs in well-lit, secure locations (like inside banks), not random ones in shady areas.



3. Use privacy-focused card services


  • Services like Privacy.com (US-only) or Revolut (in some countries) let you create virtual cards.
  • You can generate single-use cards or lock them to specific merchants — super handy for subscriptions or sketchy sites.
  • If the card details get leaked, you just delete it and make a new one.
  • Some banks also offer this feature in their app — worth checking.



4. General tips


  • Set up instant notifications for card transactions — that way, you know immediately if something weird happens.
  • Use strong passwords and 2FA on any accounts tied to your money.
  • Don’t store your card info on every site — the fewer places that have your data, the better.
  • Check your statements regularly. The sooner you spot something off, the easier it is to dispute.

Conclusion: Carders are bad. Plain and simple. They don’t hack the planet — they steal from regular people, ruin lives, and hide behind keyboards like cowards. Most of them rely on lazy tricks, hoping you’re not paying attention. But if you stay sharp, they don’t stand a chance.

Even if you can make 1,000s per day, it's wrong, even if it's super easy, it's wrong, even if the return on investment is like 1,000%, it's wrong, even if there is legitimately no risk, it's wrong.

Dm me on discord for any questions: @npep12

I know obtainer is not a real word btw idc

Carding is bad don't do it, protect yourself.

No, everything in Cyan is not AI generated and any comments insinuating it is will be ignored.

If this post gets taken down looksmax admins can't read.

PROTECT YOURSELVES AGAINST FRAUD.

Bump this thread.

If it gets enough bumps I may make a guide showing how EVIL people buy stuff from ecommerce sites like Amazon, then falsely refund them, essentially getting the product for free, and how YOU can avoid it happening to YOUR business.


he clearly said vienna not italy idiot:feelshaha:
 
Why are you giving out sauce just like this? You gotta be a fed or sum cuz tf :lul:
 
  • JFL
Reactions: itzyaboyJJ, LLcel and mcmentalonthemic
nga really think people still card in 2025 :lul: jfl if ur getting ur atr skimmed at an indian owned gas station.
Literally all statistics say Carding fraud is the highest it's ever been in 2025.
Yes, even since the "Golden Age" in 2008.

Estimated 40 Billion dollars will be stolen in 2025 and 45 Billion in 2026 https://merchantcostconsulting.com/lower-credit-card-processing-fees/credit-card-fraud-statistics/

You're just mad I spoke the truth, you ain't getting LL bud, maybe when you're 35+ when you're aged and expired 🤔
 
  • JFL
Reactions: LLcel
Literally all statistics say Carding fraud is the highest it's ever been in 2025.
Yes, even since the "Golden Age" in 2008.

Estimated 40 Billion dollars will be stolen in 2025 and 45 Billion in 2026 https://merchantcostconsulting.com/lower-credit-card-processing-fees/credit-card-fraud-statistics/

You're just mad I spoke the truth, you ain't getting LL bud, maybe when you're 35+ when you're aged and expired 🤔
how do i tell u gang :ogre:. if i dont grow 2 more inches im getting LL in the next 4 years :forcedsmile::forcedsmile: im sorry ur too broke to comprehend that and too dumb that u got ur cc logged not my problem monke man
 
  • JFL
Reactions: mcmentalonthemic
how do i tell u gang :ogre:. if i dont grow 2 more inches im getting LL in the next 4 years :forcedsmile::forcedsmile: im sorry ur too broke to comprehend that and too dumb that u got ur cc logged not my problem monke man
Wow this is really embarrassing for you.. Nigga thinks this is really a how to avoid getting your card stolen guide :lul: I want to see your face when you actually read my post and realise your mistake

Incoming "Ofc I didn't read it it's shit" or a variation

Also just accept you're not going to grow, nigga made his account in 2023 and is still coping. When you left your first Reply I checked ur profile and saw u were on an aromasin for heightmaxxing thread. Just lol. Accept it's over. InshAllah you go disabled by a turkish butcher claiming LL surgeon
 
Last edited:
  • JFL
Reactions: LLcel
Wow this is really embarrassing for you.. Nigga thinks this is really a how to avoid getting your card stolen guide :lul: I want to see your face when you actually read my post and realise your mistake

Incoming "Ofc I didn't read it it's shit" or a variation

Also just accept you're not going to grow, nigga made his account in 2023 and is still coping. When you left your first Reply I checked ur profile and saw u were on an aromasin for heightmaxxing thread. Just lol. Accept it's over. InshAllah you go disabled by a turkish butcher claiming LL surgeon
dnr ur org post obv but atleast this reply made me laugh and +dopamine so i respect u for that. i never took aromasin i ordered it and ended up throwing it away bc of all the sides and my plates were alr closed. funny enough im turkish myself but since im a parentcel i will go to Paley not some kebab maker :lul::lul:. once i heightmog u on top of everything else then it will truly have begun.

edit: i used to card when i was 14-15 shit is useless and a terrible tradeoff. ik how all that type of fraud functions cs i was in the comm myself, its too niche to have an affect on u and if u cant convince ur bank to chargeback thats a non NT problem bucko.
 
dnr ur org post obv but atleast this reply made me laugh and +dopamine so i respect u for that. i never took aromasin i ordered it and ended up throwing it away bc of all the sides and my plates were alr closed. funny enough im turkish myself but since im a parentcel i will go to Paley not some kebab maker :lul::lul:. once i heightmog u on top of everything else then it will truly have begun.

edit: i used to card when i was 14-15 shit is useless and a terrible tradeoff. ik how all that type of fraud functions cs i was in the comm myself, its too niche to have an affect on u and if u cant convince ur bank to chargeback thats a non NT problem bucko.
Mums life you don't have money for paley
Paley is an Israeli anyways he sells his client list to Mossad so Mossad can use it as blackmail if one of his clients turn influential
"Comm" so you were with 13-17 year old virgins in a discord voice chat, wow so experienced, proud of you bud
 
  • JFL
Reactions: LLcel
Mums life you don't have money for paley
Paley is an Israeli anyways he sells his client list to Mossad so Mossad can use it as blackmail if one of his clients turn influential
"Comm" so you were with 13-17 year old virgins in a discord voice chat, wow so experienced, proud of you bud
no buddy i wasnt in a "dc" call idc whether u believe me or not, logs ccs refunds they're all in the same boat in my mind i thought it was just a phase every kid dabbled in when they were tryna "get rich quick". and yes i dont have money but luckily my parents do :Comfy:, as for the paley shit i did read he knew how to speak hebrew and the vril edits instantly started playing in my head but i dont see why the dude would care to blackmail u for something i dont care to admit myself anyway. its not that life changing in my eyes and id rather risk that than crippling myself in india. interesting take tho :feelsgood:
 
no buddy i wasnt in a "dc" call idc whether u believe me or not, logs ccs refunds they're all in the same boat in my mind i thought it was just a phase every kid dabbled in when they were tryna "get rich quick". and yes i dont have money but luckily my parents do :Comfy:, as for the paley shit i did read he knew how to speak hebrew and the vril edits instantly started playing in my head but i dont see why the dude would care to blackmail u for something i dont care to admit myself anyway. its not that life changing in my eyes and id rather risk that than crippling myself in india. interesting take tho :feelsgood:
dnr tbh
 
do u have tele i have looksmaxxing advice
 
READ THIS BEFORE CONTINUING:


THIS GUIDE DOES NOT PROMOTE ANY ILLEGAL ACTIONS. ALL INFORMATION SHARED IN THIS GUIDE IS PUBLICLY AVAILABLE

THIS GUIDE'S INTENT IS EDUCATION AND TO TEACH PEOPLE HOW TO "AVOID IT HAPPENING TO YOU"


--------------------
If you're a fraudster please click off this guide as it could teach you how to buy and use credit cards online, which could result in you stealing $1,000/d with very little consequence.
This is extremely bad, please click off.


Carding definition:
The act of obtaining someone else's credit card information, by either by buying it off online black markets, hacking an online store, or simply looking at someone else's card and writing down the number and exp. date. Once the card info is obtained the person doing the carding will usually have a drop point (an empty house or building) and have the items ordered with the credit card shipped there to make the whole act pretty untraceable.
----------------------------------------------
If you're financially stable, have always paid off Debt and have a good credit score you can get a good credit card with good rates, stats say that 82% of Americans over 20 have a Credit Card in their name. Unfortunately, Fraudsters are constantly trying to steal your credit card information, and you could wake up with thousands of dollars taken.

The issue is, Carding is Quick Easy, Cheap, extremely Low Risk and can be taught to a 12 year old with hyper autism.
This is how They do It.

Disclaimer for Admins:
Disclaimer: I HAVE NEVER DONE THIS. YOU SHOULD NOT DO THIS. CREDIT CARD FRAUD HURTS MILLIONS OF AMERICANS A YEAR.

ALL THE INFORMATION IN THIS "GUIDE" IS COMPLETELY PUBLIC, AND CAN BE LEARNT BY LOOKING AT DEPARTMENT OF JUSTICE PRESS RELEASES AND READING A COUPLE WIKIPEDIA PAGES OR READING SECURITY RESEARCH ARTICLES. NOTHING IN THIS GUIDE GOES AGAINST LOOKSMAX.ORG TOS NOR IS IT ILLEGAL AS I AM NOT PERSUADING ANYONE TO DO IT, I AM JUST DISPLAYING PUBLICLY AVAILABLE INFORMATION.
CREDIT CARD FRAUD IS AGAINST THE LAW A
ND CAN RESULT IN FINES FOR FIRST TIME OFFENDERS, WITH THE AVERAGE JAIL SENTENCE FOR IT BEING 28 MONTHS.
Download/screenshot this guide just incase if you're intererested.
Now that we have gotten that out of the way let's get to the good stuff.

There are multiple types of Cyber Criminals when it comes to carding.

The obtainer of Stolen credit cards, the Reseller of the Stolen CC's and then the Cyber criminal which buys them off the reseller.

We will call these Cyber criminals:
- Obtainer - the one who obtains the cards
- Reseller - The one who buys it off obtainer and sells it on a marketplace
- User - The one who buys the CCs off the marketplace and actually uses it
Many times the obtainer of the stolen credit cards sells it directly to the Cyber criminal but this is not ideal for the obtainer. Here is why:

The obtainer Usually manages to obtain the credit card details by skimming credit cards at his job (Gas station, Hotel, Convenience store [this is why you should always use contactless payment]), putting a skimmer on an ATM machine (if put in a public area like a tourist place, this can get thousands of credit cards in a single weekend, if sold for 5-10 dollars each with $6,2 average, and if 3.2k cards are collected, that is $19,840 for a sub35 dollar gadget. This is why you should always check the atms you put your card in.), or by also hacking an ecommerce site.
If the Obtainer then sells the credit card information directly to the marketplace, if the marketplace get's cracked by police, or law enforcement comissions a crypto tracing firm like Chainalysis to track the bitcoin payments, it could mean the end of the Obtainer's life as a man without a criminal record.
Even though the Obtainer can sell low tier cards for 10 dollars and GREAT cards for 50 dollars on the site, whilst only 5 dollars for low tier cards and 10 dollars for great cards if he sells it to a reseller, this is worth it as

The reseller buys in bulk, so it's gauranteed sales
The obtainer basically uses the reseller as a VPN, whichs lowers the risk he will be caught by law enforcement.

A video showing someone finding a CC Skimmer in an American 7/11
View attachment 3620649


A Very famous CC skimmer video on Youtube with 24M views.
The Fraudster would have gotten thousands of CC's if this guy hadn't caught it, this is a very famous tourist destination in Italy.
View attachment 3620651

This is the Credit Card Marketplace Model

Here is an Image visualizing the Credit Card marketplace model.
View attachment 3620616

This is actually quite high level as this graph seems to depict a credit card fraudster using a botnet to mass use the credit cards. 99% of Fraudsters don't do this and use the cards manually as Carding is a very low knowledge fraud used by petty criminals the same way robbing gas stations is a very low level crime. The difference is, Carding pays much more and barely has any risk, which is why it's so dangerous:eek::eek::eek::eek:



This image shows what the model looks like for MOST fraudsters:
View attachment 3620623


The steps the USER cybercriminal takes to committing Credit Card Fraud.

1. Setting up the laptop/Pc used.

Even though this type of fraud can be done on Mobile, most (99%+) would use in a PC environment. It's like studying, it's much easier to study on PC than Mobile.
The precautions a cyber criminal takes to commit the crime is simple. These precautions serve 2 purposes:
Privacy/Opsec
To bypass outdated security.

Privacy: It isn't ideal to use windows as Windows is a very unprivate operating system with Windows Recall taking a screenshot of your machine every 10 seconds. THIS DOES NOT MEAN THE CRIMINAL CHANGES HIS OPERATING SYSTEM. Instead he would simply insert a bootable USB in his PC which would make his computer run off the USB instead his HDD. THe only other bootable operating system other than windows from USB is BSD which nobody uses :lul: and Linux.
The most used Linux OS for this is Linux Mint as it's just a linux version of windows, very straight forward, the criminal does not have to learn any linux stuff for this.
This is not a common tactic and many Cyber Criminals just go raw with Windows but Security researchers have seen many CC criminals admit to using Linux Mint USBS.
The reason they do not use TailsOS is because TailsOS forces all connections through the TOR Network which is very slow, unideal, and all TOR IPs are public with many Ecommerce sites choosing to block them.

The cybercriminal would then use a VPN, The most used VPN by cybercriminals is Mullvad. This is because it's fast and cheap, and because they don't collect logs. This has been confirmed as they were raided by German law enforcement as the German Police subpeona'd them, in which Mullvad replied "we have no logs" and German police did not believe them, they raided and low and behold, they were telling the truth. Mullvad is the only VPN provider which is confirmed to not store logs on it's users, making it seen as a better tor as the IP's aren't public and it's very fast.

The cybercriminal would use the firefox extension for mullvad as the linux installation is complicated and we are assuming the cyber criminal is a 12 year old with severe autism. He would then allow the extension to be used in private windows, put in his mullvad account number then use it on an incognito window so cookies leakage doesn't happen.


Money used so far: 11 USD (6 USD on USB [lets say 32gb], 5 USD on 1 month mullvad subscription) [this is not counting the money originally spent the laptop obviously]


2. Acquisition of Stolen Card Data
The cyber Fraudster would then go on a credit card marketplace and buy Credit card information. The price would be 10 dollars for a low tier card, 50 dollars for a high tier card with high credit limit.
Let's say the criminal splurges on 2 high tiers and 1 middle-low tier, 2 $50's, 1 $20's = 120
He would buy this in various marketplaces like the RoseRed.cc site (very publicly known marketplace that you could find from scrolling through a security researcher's twitter, Public information.
Money used so far: 131 USD [Credit cards + money used in other step]

3. Card Validation ("Bin Checking" or Testing)
Using Openweb credit card information sites, Using scripts to check their validity, small test transactions. He would also check the BIN(Bank Identification Number) to group cards by bank or country.

4.Exploitation (Purchasing Goods or Services)
Multiple ways he would do this
-Buying resellable goods (phones, gift cards, game codes)
-Booking hotels/flights (for later resale or laundering)
-Subscribing to premium services (Netflix, VPNs, etc.)
-Laundering via digital assets (cryptocurrency, NFTs, etc.)


5.Monetization (Resale and Laundering)​

The criminal would then actually resell the stolen goods on platforms like eBay, Telegram, or local markets

Multiple Phones bought = 4,500 USD in product, sell it on stockx for 3,400 - 131 for money used = 3,269 USD in profit from stockX 1 week after sending the products.

Do this 3 times a week, 3,270*3 = 9810 =
1,401 per week. This is how dangerous this type of fraud is.

HOW TO PROTECT YOURSELF:

1. Watch out for phishing (fake emails, texts, and websites)


  • Don’t click random links that claim your account’s “locked” or “compromised.”
  • Double check the URL of any site before you log in or enter card info.
  • If something feels off, go directly to the company’s website instead of following the link.
  • Your bank or service provider will never ask for your full card number, CVV, or 2FA codes by email or text.



2. Avoid skimmers (devices that steal your card info at ATMs and gas pumps)


  • Before using a card reader, give it a quick tug or wiggle. If it feels loose or bulky, don’t use it.
  • Prefer chip readers or contactless over magstripe.
  • Cover your hand when entering your PIN — hidden cameras are often used with skimmers.
  • Use ATMs in well-lit, secure locations (like inside banks), not random ones in shady areas.



3. Use privacy-focused card services


  • Services like Privacy.com (US-only) or Revolut (in some countries) let you create virtual cards.
  • You can generate single-use cards or lock them to specific merchants — super handy for subscriptions or sketchy sites.
  • If the card details get leaked, you just delete it and make a new one.
  • Some banks also offer this feature in their app — worth checking.



4. General tips


  • Set up instant notifications for card transactions — that way, you know immediately if something weird happens.
  • Use strong passwords and 2FA on any accounts tied to your money.
  • Don’t store your card info on every site — the fewer places that have your data, the better.
  • Check your statements regularly. The sooner you spot something off, the easier it is to dispute.

Conclusion: Carders are bad. Plain and simple. They don’t hack the planet — they steal from regular people, ruin lives, and hide behind keyboards like cowards. Most of them rely on lazy tricks, hoping you’re not paying attention. But if you stay sharp, they don’t stand a chance.

Even if you can make 1,000s per day, it's wrong, even if it's super easy, it's wrong, even if the return on investment is like 1,000%, it's wrong, even if there is legitimately no risk, it's wrong.

Dm me on discord for any questions: @npep12

I know obtainer is not a real word btw idc

Carding is bad don't do it, protect yourself.

No, everything in Cyan is not AI generated and any comments insinuating it is will be ignored.

If this post gets taken down looksmax admins can't read.

PROTECT YOURSELVES AGAINST FRAUD.

Bump this thread.

If it gets enough bumps I may make a guide showing how EVIL people buy stuff from ecommerce sites like Amazon, then falsely refund them, essentially getting the product for free, and how YOU can avoid it happening to YOUR business.


sent u a disc message @griddyforatiddy pls respond jfl
 

Users who are viewing this thread

  • mcmentalonthemic
  • tonka T
  • ChiChi
Back
Top