Home Miscellaneous What is Carding? And How to prevent it?

What is Carding? And How to prevent it?



Disclaimer: Remember my intention is just to spread awareness about carding. I am not responsible if any damage you cause after this. This is just for educational purpose only.

Acronyms used:
BIN: Bank Identification Number
CC: Credit Card
CCN: Credit Card Number
CVV/CVV2: Credit Verification Value (Card Security Code)
SSN: Social Security Number
DOB: Date Of Birth
VBV: Verified by Visa
MCSC: MasterCard Secure Code
VPN: Virtual Private Network



What is Carding?

Carding is a term generally used for payment based frauds as well as other related fraud services. For carding, the attackers first gather the victims Personal Informations like Name, Address, Credit Cards, Birthdate, email, and other related information. And Use those Credit Cards to buy kinds of stuff for them while charging the other person. In this article, I will give an overview of it. Remember, carding is extremely outlaw, and may not be tried underneath any circumstances. The reason for writing this article is to spread awareness about carding so that you can stay safe from these frauds.


carding by carder


Carding Method and Necessary tools

Now we will discuss various tools and method the carder uses to perform carding. In this, process the carder tries his best to become the person (whose Card he is using) and uses the victim’s location, browser, cookie, etc or at least fake his information to hide.

Here are the tools a carder generally uses:

  • Computer: Of course for carding, a computer is needed. Because carding in mobile is less secure and risky.
  • SOCKS5: SOCKS5 stands for SOCKet Secure. It is an Internet protocol that exchanges network packets between a client and server through a proxy server so that his real IP gets hidden and the proxy IP get reflected. Here, the Carder uses the exact location (country/city) of the cardholder. So that the transaction seems genuine upon verification.
  • MAC Changer: MAC Changer is a MAC address changing tool. MAC stands for Media Access Control. MAC is responsible for the transmission of data packets to and from the network interface card. It is a unique address of every Network Interface Card (NIC) of a computer. A MAC changer allows you to Spoof the MAC address of NIC instantly. It is required to keep the Carder safe and anonymous.
  • Cleaner:
    It is a kind of tool which helps in clearing your browsing history, cookies, and other temporary files, etc. A Carder uses this to be safe. Because the cookies and other temp files may contain information about you which can get you caught. Alternatively, One can use a newly install browser to avoid this.
  • Virtual Machine: A virtual machine is a Software Program which lets you to separately install another OS over your existing OS. This is generally done to hide the carder’s machine information & make it harder to trace him.
  • RDP (Remote Desktop Protocol): RDP allows one computer to connect to another computer within the network and lets one perform tasks remotely. This protocol was developed by Microsoft. Here, the carder uses it to connect to a remote computer residing in the card holder’s geolocation. It is generally done to bypass transaction verifications. Also, to keep him anonymous and safe. It can be achieved using VPN but VPN doesn’t go through several verifications and has a tendency of tracing back.
  • Credit card (CC):
    The carder collects Credit Card information of the victims in various ways. He uses Phishing sites, RAT’s, Scamming. Credit Cards are even available to buy online. Credit cards are generally in the following format:CC Number |Exp Date| CVV2 code | Name on the Card | Address | City | State | Country | Zipcode | Phone|e.g.:Note: these are randomly taken just for demonstration.4562188209191342 | 11 | 2019 | 612 | MIKE JOHNSON |2556 Bell Street | New York| NY| 10003|Sometimes:  4562188209191342 | 11 | 2019 |


Types of Credit Card:

Carding credit cards

There are different types of credit cards. And each Credit card company starts their credit card number with a unique MII(Major Industry Identifier) number to identify the different types of cards. The next 5 digits, along with the first one, make up the Issuer Identification Number (IIN) or BIN(Bank Identification Number). These are used to identify the banks or organizations issuing the card. The next 9 digits, is used to identify a particular account in the bank/organization. And the last digit is usually a checksum.

MII for different types of cards:

American Express (AMEX Card) – 3
Visa Card – 4
Master Card – 5
Discover (Disco) – 6

Some terms related to CC/ Carding

1. BIN: It stands for as Bank Identification Number (BIN). It is the first 6-digit number of a Credit Card. e.g.: 451504.

2. VBV, NON-VBV, and MSC:
VBV (Verified by Visa) – It is extra level protection is added by Visa to protect the Cards from fraud like OTP verification, SSN, DOB. They use a 3-D secure protocol to verify the transactions and prevent fraudsters.

3. NON-VBV (Not Verified by Visa) – It doesn’t have the extra level of protection. So it’s easy to bypass the process and has a higher success rate.

4. MSC (MasterCard Secure Code) – It is also an extra security measure provided by MasterCard for their cards.

5. CC live/dead:
It means whether the card is live(available for payments/have money) or dead(blocked). For a higher success rate is necessary if the CC is Live/Dead. There are many CC Checkers but most of them kill the card.

6. Drop: It is the address provided by the Carder to ship the item. Shipping to the same country/city to that of the CC has a higher rate of success carding. So a carder tries to ship it to a drop and then ship back to him. It is safe and has a lower chance of getting caught. There are many dropping services who will receive the product and send them to you.

7. Bill=ship/Bill=CC/Ship=your Address :

BILL=SHIP (Billing address = shipping address). Here the Billing address and Shipping address must be the same for success carding. The carder keeps both addresses the same.

Bill=CC address, Ship=drop

Here, while carding, the carder uses credit cardholder address as the billing address, and shipping address will be his address.


How to do Carding?

Now we will discuss the process, how carding is actually done.

1. First get all things ready like email, CC info, socks, and other things we have discussed above ready.

Note: Get/make an email address matching the name with the CC holder. Some of CC’s sellers provide email access. If you don’t have then create one.

2. Connect RDP to the geolocation of CC holder.
If you don’t have any RDP no problem. Follow the next steps. If you have to go to step 6.

3. Change the MAC Address.

4. Run Cleaner app like CCleaner and clean all the temp data, cookies, etc. or use a freshly installed browser.

5. Setup up Socks. Remember to choose matching socks to that of the CC holder’s country/city. It is very much important. Also, check that the socks IP you are using is not blacklisted.

Get socks: www.vip72.com – premium socks have a high success rate.
Check with www.check2ip.com – check if socks IP is blacklisted.

6. Open the shopping website you want to card.

7. Register a fresh account. With the matching email and name, address to that of the CC.

8. Select any item you want.
Note: Price should be not much higher for successful carding. Cause the card must have that much money.

9. Goto to the Checkout page. Enter the Billing and Shipping address and enter the CC info for payment.

Note: Never copy-paste the information. Most of the shopping site implements detector to detect such activity or else you order will fail.

10. If everything goes right you order will be placed successfully and Shipped.

Go get your order. Most carders arrange fake ids for verification. You can get such stuff on the internet. But I am not going through that kind of stuff.


How to stay safe?

1. Never install apps from unauthorized providers. As they may contain keyloggers and RAT which can leak your private data like, CC, Personal Info, etc.

2. Try changing your Credit Cards PIN frequently.

3. Do not make transactional activities from public/unknown systems.

4. Try using virtual Keyboards for entering private data.

5. Do not share your credit card with anyone else.

There are many measures you can take to prevent such kind of frauds. I have shared every possible step I can share in detail in the article. Remember my intent is just to spread awareness about carding. Carding is highly illegal and I warn you not to involve in such activities or else you will be in serious trouble. Be smart and stay safe.


You may also like:



Please enter your comment!
Please enter your name here