Spartanzv 2

(3:06:51 PM) Attempting to start a private conversation with
spartanz1@exploit.im...
(3:07:10 PM) spartanz1: Hey, OTR?
(3:07:16 PM) tarzan333@jabberzac.org/jabberzac.org: yep
(3:07:21 PM) Attempting to start a private conversation with
spartanz1@exploit.im/Psi+...
(3:07:26 PM) spartanz1@exploit.im has not been authenticated yet. You should
authenticate this buddy.
[Image] (3:07:26 PM) Unverified conversation with spartanz1@exploit.im/Psi+
started. Your client is not logging this conversation.
(3:08:04 PM) spartanz1: Yeap, now is good. Perfect timing, btw. I mean 2 PM
(3:08:16 PM) tarzan333@jabberzac.org/jabberzac.org: cool
(3:08:20 PM) spartanz1: So before we begin tell me please everything do you
know about carding to understand where to start
(3:08:36 PM) tarzan333@jabberzac.org/jabberzac.org: yeah well so far ive
carded a bit
(3:08:42 PM) tarzan333@jabberzac.org/jabberzac.org: i use open air vpn
(3:08:48 PM) tarzan333@jabberzac.org/jabberzac.org: get my socks from
5socks.net
(3:08:52 PM) tarzan333@jabberzac.org/jabberzac.org: use anti detect
(3:08:58 PM) tarzan333@jabberzac.org/jabberzac.org: i have a fair few bank
accoutns already
(3:09:09 PM) tarzan333@jabberzac.org/jabberzac.org: some european. cambodian.
thai. australian
(3:09:12 PM) tarzan333@jabberzac.org/jabberzac.org: some in my name some not
(3:09:29 PM) tarzan333@jabberzac.org/jabberzac.org: have a few cash out
methods of my own...plus alot of the shit u can buy on the net
[Image] (3:09:56 PM) The privacy status of the current conversation is now:
Private
(3:11:19 PM) spartanz1: Hmm, got it. So you aren't a beginner in the direct
meaning of the word? Let me know if i should begin with basics or to skip
some things you may already know. Anyways, it won't be bad to recap. Btw, all
these bank acc's you opened in person or online?
(3:11:52 PM) tarzan333@jabberzac.org/jabberzac.org: yeah well id rather start
from the beginning. If im well aware of what you are saying ill stop u there
bought it from alphabay. its for every country in europe has its own national
transfer. put in an acc number. a reference number. and it goes there after
two days.
(3:13:57 PM) tarzan333@jabberzac.org/jabberzac.org: and i also have anon card
(3:14:01 PM) tarzan333@jabberzac.org/jabberzac.org: which is to a PL bank
account
(3:15:07 PM) spartanz1: Got it. Btw, i don't recommend to use acc's in your
name for cashout, when we can open bank accs online in US and without using
our identity. About this we will speak later. Anon PL card is good for
cashing out BTC, for most serious things they are blacklisted
(3:16:05 PM) tarzan333@jabberzac.org/jabberzac.org: ah ok good to know. my
last one was blocked. Can u use them at paypal anymore or has that finished
(3:17:25 PM) spartanz1: Okay, so i'll start with basics and will increase the
difficulty gradually. I guess you saw the structure of the lessons in my
listing, so first 2 ones are more related to stuff carding, but contain
things that can be applied to virtual carding too.
3 months ago when i tried, it worked for PP

(3:18:44 PM) tarzan333@jabberzac.org/jabberzac.org: cool. Yes i am very keen
on carding items. not to sure about drops etc in thailand
(3:19:08 PM) spartanz1: Everything can be done online
(3:19:25 PM) tarzan333@jabberzac.org/jabberzac.org: i dont want to be over
confident. but nobody really gives a shit here. i have a empty apartment next
door i always thought about delivering to there
(3:19:44 PM) spartanz1: I mean getting item shipped in US (done online), and
after reshipped to you in thai
(3:19:52 PM) tarzan333@jabberzac.org/jabberzac.org: so whatever u think is a
good option. i take the mail for that neighbor anyway and have his key
(3:20:03 PM) tarzan333@jabberzac.org/jabberzac.org: thats a good idea too
yeah sure
(3:20:23 PM) tarzan333@jabberzac.org/jabberzac.org: i suppose half the fight
is having the right contacts which im sure you have
(3:21:10 PM) spartanz1: Yeap, so i'll begin
(3:23:46 PM) spartanz1: How all this works?
Let s say you opened a credit/debit card and want to buy something on
internet with your card. First, you introduce all card details into secure
page of shop. Most shops can t see those details, because they are encrypted
and if they could see this, it will affect people privacy and safety. After
you introduced info into payment gateway (secure page), transaction must be
authorized by bank. This is done automatically in some seconds, and if
everything is ok, money goes to merchant account. A merchant account is a
type of bank account that allows businesses to accept payments by cards,
typically debit or credit cards.
(3:24:33 PM) spartanz1: From merchant account, shop will get money to it s
bank account. Entire process takes about a few days, depends on merchant
account. So shop doesn t get money right away after you made payment, like
many people use to think
(3:26:07 PM) spartanz1: "chargeback" - term used for debiting a merchant's
bank account with the amount of a transaction that had previously been
credited. Return of money to card holder. Usually occurs when card holder see
some transactions which he hadn t done, contact bank, bank contact shop, and
shop must return money. Chargebacks occurs 95 % everytime, but everything
depends if it occurs before you managed to cashout or after. It can occur a
few days after payment, or three months after.
(3:27:07 PM) spartanz1: Bigger the balance on card, harder for holder to
notice losses. Also, sometimes people can request from banks to be notified
via SMS or E-mail, when their card is credited, or when they reach some
limits on their cards. Plus, some of them are big fans of online bank
statements, and check them daily. All this affect the chargeback speed.
(3:27:33 PM) spartanz1: about Shipping/Billing address:
(3:28:48 PM) spartanz1: Billing adress is the adress which cardholder
indicated on file when he opened his card. Shipping adress is the adress on
which your order will be delivered. All shops which deliver physical items
ask for shipping and billing adress. Even if a lot of shops have the option
to indicate different billing and shipping adress, not many ship on different
billing and shipping. Everything depends on amounts you card.
(3:29:52 PM) spartanz1: Some new shops which don t have good antifraud
system, don t check for billing address, even if they ask for it. This a
vulnerability in their shop and also this can happen because payment
processor page doesn t have connection with shop information. You can see
people calling this bill=ship
(3:30:16 PM) spartanz1: This means that in billing address you put your
shipping address, and everything goes ok
(3:30:41 PM) tarzan333@jabberzac.org/jabberzac.org: nice
(3:30:54 PM) tarzan333@jabberzac.org/jabberzac.org: always have problems with
billing and shipping here
(3:31:33 PM) spartanz1: If you card small amounts like till 200 $, even some
very serious shops may not look at your different bill and ship addresses. I
mean, shops offer you the chance to use different billing and shipping, but
they also have the right to cancel your order anytime if they think that you
are not legit. And orders till 200 $ make us legit
(3:32:22 PM) tarzan333@jabberzac.org/jabberzac.org: yeah i was going for ps4
and iphones
(3:32:36 PM) tarzan333@jabberzac.org/jabberzac.org: greedy noob
(3:33:45 PM) spartanz1: Such shops many times ask on their site all the
holder's card details like name, address, zip, and so on, and after they
redirect you to another site which is the processor's page. There you
introduce only card number, expiration date, and cvv. So there isn't any
connection between these two ones. First one checks the personal details and
address, and second one just the card information. The right way it would be:
Second one checks everything to be able to check AVS. This is the only
special feature i noticed for these shops, besides being new stores. Anyways,
you will need some trial and error for finding them if you will decide to go
this way.
P.S: For PS4 and iphones also exist methods. Usually ATO, about this we will
speak tomorrow
(3:34:31 PM) spartanz1: AVS stands for Address Verification System.
(3:34:35 PM) tarzan333@jabberzac.org/jabberzac.org: yeah got that
(3:34:57 PM) tarzan333@jabberzac.org/jabberzac.org: so let me just verify. If
u put all your details in etc. then you go to a payment process page
(3:35:09 PM) tarzan333@jabberzac.org/jabberzac.org: thats good it means
bill=ship?
(3:35:34 PM) tarzan333@jabberzac.org/jabberzac.org: because the site ive been
trying to card off has that system in place. plus its like 6 months old
(3:38:45 PM) spartanz1: This is the system used to verify the address of a
person claiming to own a credit card. The system will check the billing
address of the credit card provided by the user with the address on file at
the credit card company. AVS verifies only the numeric portions of a
cardholder's billing address. For example, if the address is 101
Carderstreet, Fraudland, CA 92346, in the United States, AVS will check only
101 and 92346 to match.
P.S: I don't know how to explain this well, you need to see to understand
better. But... all personal details you insert on the shop's page. After you
are redirected to bank page (if shop is using bank as their merchant) for
example. Now we have two websites that aren't related to each other. On the
bank page there are three fields. CC number, exp, and cvv. So there are two
different websites, between them isn't any connection. Shop ask for personal
details just to have the address where
(3:39:43 PM) spartanz1: Maybe you saw such listings like Non AVS cards.
This mean that card has no adress on file or it doesn t support that. A lot
of european credit cards are non avs, also south america. For U.S this is
rare
(3:40:08 PM) tarzan333@jabberzac.org/jabberzac.org: yeah all my successful
cardings have been with euro cards
(3:40:44 PM) tarzan333@jabberzac.org/jabberzac.org: ok got all that continue.
ill have a good look for those kind of websites with two different website
one for sending and one for payment processing
(3:40:55 PM) tarzan333@jabberzac.org/jabberzac.org: already learning a ton
cheers
(3:42:06 PM) spartanz1: Non-AVS cards can work good for shops which accept
and process worldwide orders. Again, if you will want to card in this way,
look in the direction of EU shops. Because many of their cards are NON AVS,
shops don't have reasons to check for AVS
(3:43:58 PM) spartanz1: Sometimes, even cardholders may receive false
negatives, or partial declines for AVS from e-commerce verification systems,
which may require manual overrides, voice authorization, or reprogramming of
the AVS entries by the card issuing bank. Why this is happening? Because of
the fact that there are different codes for AVS. For example Street address
matches, but postal code does not match. Or, AVS data is invalid or AVS is
not allowed for this card type, Non-U.S. issuing bank does not support AVS,
and other things. All of this may raise some flags, but it doesn't mean that
they will make a final decision for shops to accept or not your payment.
(3:44:15 PM) spartanz1: Also, another thing with non avs cards:
(3:45:05 PM) spartanz1: For example shop doesn t check if your card is AVS or
not. And you put billing address from US or any other country. Shop can
check bin of your card, and see that this BIN is from Colombia. This means
there can be probability for order to be declined
(3:45:43 PM) spartanz1: NON AVS is a powerful tool if you use them on the
right shops. And sometimes you will need to go by trial and error (i mean
trying it for one time) for finding such shops
(3:46:13 PM) spartanz1: about VBV/MSCS, Safekey- 3D secure:
(3:46:23 PM) tarzan333@jabberzac.org/jabberzac.org: yeah got it...its been
trial and error here for a few weeks now...alot of wasted money. thats why i
thought investing in you was the right move
(3:46:36 PM) tarzan333@jabberzac.org/jabberzac.org: yes my worst nightmare
(3:46:42 PM) tarzan333@jabberzac.org/jabberzac.org: fucken 3d secure
(3:48:21 PM) spartanz1: 3-D secure is an additional security layer for online
credit and debit transactions. It was developed by Visa, and called Verified
by Visa (VBV)
Soon, it was adopted by Mastercard, under the name of Mastercard Secure Code
(MSCS), and later by American Express as Safekey.
(3:49:13 PM) spartanz1: I'll put shops in two groups. Shops/Payment Gateways
that check for 3D secure and shops that don t.
(3:49:48 PM) spartanz1: For a shop that checks for 3d Secure, after you
entered card details into the payment gateway, it redirects you to 3D Secure
page, usually page of bank emitent.
(3:51:07 PM) spartanz1: Because this is an additional security layer, there
you must introduce code set up by holder, or some of his personal
information. Sometimes you can reset the code, by having SSN (Social Security
Number), ZIP, DOB (Date of Birth) or other information of card holder (this
is for USA), sometimes you can t. If a BIN can be reseted and what info is
required everything depends on BIN and on country where card was emited
(3:52:06 PM) spartanz1: Also, resetting the 3d secure can kill the card
sometimes, depends on how sensitive is the BIN and how big is the fraud
percentage for it, and also if holder used a lot of time 3dsecure online,
they have his fingerprints, so you need to match as much as you can him.
(3:52:34 PM) tarzan333@jabberzac.org/jabberzac.org: when u talk about
fingerprints is that useragent:
(3:52:52 PM) tarzan333@jabberzac.org/jabberzac.org: or is there more into
fingerprints. jsut a yes or no. im sure youll cover it when u get to that
(3:53:19 PM) spartanz1: 3d secure is very popular in Europe/ASIA and less
popular in United States . When i'm saying popular i mean:
P.S: Yes, and not only, but about this we will speak in the last session
(3:54:29 PM) spartanz1: 1. A lot of holders have VBV enabled on their cards.
Most BIN s have option to enable VBV
2. A lot of shops accept or require VBV transactions
(3:56:14 PM) spartanz1: Many vendors are selling like hundred of US NON VBV
BINs. This is bullshit, because a lot of BINS from USA are NON-VBV and it's
not so hard to find one, depends on what level do you need. Higher levels
equals with higher chances to be VBV on card. And besides that, in such bases
of hundred NON VBV BIN's, like 60 % of BINs are actually VBV (because they
are high
(3:57:00 PM) spartanz1: But finding a non-vbv BIN from Europe, is hard, and
that's why nobody is selling such info. NON-VBV are also less in Canada,
Australia and UK than in US, but more than in EU
(3:57:56 PM) tarzan333@jabberzac.org/jabberzac.org: ok. is there anyway to
indetify these bins? or is this just trial and method. or again secrets of
the trade?
(3:59:38 PM) spartanz1: If a shop redirects you to Verified by Visa page,
this means that in case of fraud, all the chargebacks will be paid by bank,
because this is their layer of security
If a shop doesn t check for VBV, shop must pay all expenses in case of
chargebacks. That's why sometimes the NON-VBV shops tends to have stronger
security. Because they will need to pay the stolen money in the end
P.S: A little later i'll show a simple method about checking BIN's, but it
doesn't work for all of them. So we can say that anyways a little trial and
error is involved
(4:00:35 PM) spartanz1: BTW, about Amex Safekey, you will see it rare
(4:00:52 PM) tarzan333@jabberzac.org/jabberzac.org: yeah i havent even used
an amex or found one yet
(4:01:15 PM) tarzan333@jabberzac.org/jabberzac.org: what u think better or
worse? some sites dont accept amex
(4:02:04 PM) spartanz1: Depends on website. That's the only one problem with
Amex, many shops don't accept them
(4:02:38 PM) spartanz1: How can we bypass the VBV password and MCSC
Password:
(4:04:02 PM) spartanz1: First method:
First method is very simple. We will pre enroll into the VBV or MSCS. What
this means? This means that BIN supports VBV, but holder just didn't use this
option and didn't enroll. So we will do it for him. After, we will have the
possibility to use the card with the VBV password that was setuped by us.
Also, this method works mainly for US
(4:04:45 PM) spartanz1: Again, i'll put banks in two categories based on the
ways they allow their customers to pre enroll cards.
(4:06:07 PM) spartanz1: 1. Big banks (but not all) like Chase or Citibank
for example allow to do it via Online Banking. How it's done? You go to their
website. Login with online details (not easy to get and rare sold by somebody
on DN), and acces their control panel. There you can do many nice things,
like checking balance, sometimes transfers, changing billing address, and
also VBV enrolling.
(4:07:02 PM) spartanz1: 2. Smaller banks (but not all) use this option via
third parties. This is the method we may want to use and it works for US. The
third parties we will use can be found here:
(4:07:40 PM) spartanz1: www.mycardsecure.com - It works for VISA and
Mastercard
https://verified.visa.com/aam/activation/landingPage.aam- It's not really a

third party, and it works only for VISA
www.mastercard.us/securecode-sign-up.html - For MC
(4:08:06 PM) tarzan333@jabberzac.org/jabberzac.org: nice
(4:08:21 PM) tarzan333@jabberzac.org/jabberzac.org: would u need to set up
socks etc as the card holder before doing all this. i assume so
(4:08:44 PM) spartanz1: Also, you can check the banks processes of enrolling
to VBV by typing in Google something like this: Enroll VBV and "name of the
bank"
P.S: Yes, you are fully right

(4:09:02 PM) tarzan333@jabberzac.org/jabberzac.org: yep got it
(4:10:19 PM) spartanz1: Sometimes, pre-enrolling can occur even when we are
trying to make a payment. What i mean by this? For example you are trying to
use a CC that supports VBV (but isn't enrolled) on a shop that checks for
VBV. The payment gateway will suggest you first to enroll the card and will
redirect to the right place. You will create the password, and after will be
able to use it on the shop.
(4:11:41 PM) spartanz1: When you try to pre-enroll the card online you must
have the same setup like when carding. I mean to change your IP to
cardholder's location and much more things we will discuss in the security
session. Also, you will need to have the DOB and SSN of cardholder, but about
this we also will discuss later.
(4:11:45 PM) spartanz1: Be right back in 2mins
(4:11:56 PM) tarzan333@jabberzac.org/jabberzac.org: sure
(4:17:00 PM) spartanz1: Second method:
(4:17:58 PM) spartanz1: Ok, next method for dealing with VBV. It's simple and
it's about resetting the vbv password. Of course you can do it only by having
the right information in your hands. This is the best method for NON-USA
cards, but works the same for US too. How to get the right information? By
buying Fullz CVV.
(4:18:28 PM) tarzan333@jabberzac.org/jabberzac.org: ok
(4:19:52 PM) spartanz1: But resetting the VBV doesn't require everytime the
same info. It depends on country and BIN. This means that information we get
when buying Fullz CVV may not be enough sometimes. For US usually the
information required is MMN, SSN, and even ZIP (bins resetted by zip are
considered to be the best because it's easy), SIN (SSN in CA) for Canada,
Account number/Sortcode number, MMN in UK, Account and sortcode in Germany.
But everything depends on BIN, this is not an exact info and will never be
exact.
(4:22:27 PM) spartanz1: Third method:
This method may look a little strange to you, but i want to tell that there
are people who are using it because of the fact that they really have the
need in using a 3dsecure card. It is hard because it involves direct speaking
with bank employee, exactly like ATO. There are people who can manage calls
for you in exchange of a little payment, but you never know how good are they
in SE (social
(4:23:02 PM) tarzan333@jabberzac.org/jabberzac.org: i can do that shit so
easy. id just need spoofers etc
(4:23:12 PM) tarzan333@jabberzac.org/jabberzac.org: social enginerring is my
forte
(4:24:35 PM) spartanz1: What we must do? In a few words, we call the bank,
pretend to be the cardholder, and come with a very good legend why we need to
change the VBV. That's why SE skills are essential here.
P.S: I'll speak tomorrow about spoofers, and also if you will need i'll give
contacts of calling services with a perfect english and good SE skills too,
so everyting will be more clear in the end when we will finish
(4:24:49 PM) spartanz1: Like everytime when you want to make some changes on
card, you will be asked a few basic questions like MMN, SSN, ZIP, and so on.
You can have this info by getting fullz. But all this info doesn't matter if
your legend isn't good enough, or if you will deal with an experienced bank
employee who is good at detecting fraud.
(4:27:00 PM) spartanz1: And yeah i forgot to tell the most important thing
about carding VBV, especially in UK. Orders via phone. When you call the shop
and place an order via phone, most of the times VBV won't activate. But you
need to check if a specific shop accepts call orders, not all are doing it.
Usually just the biggest ones. But please don't share this tip, cause i don't
want a lot of people to start abusing it like with other things.
(4:28:17 PM) spartanz1: For a order via phone, you call the shop usually on
the number they provide on their website for phone order, tell to the
employee your card details and he/she inputs them manually in the merchant.
In this way, 3dsecure has a big chance to not be triggered
(4:28:21 PM) spartanz1: Yes, right )
(4:28:51 PM) spartanz1: How can you check if a card is VBV or not:
(4:28:54 PM) tarzan333@jabberzac.org/jabberzac.org: ahk nice
(4:30:09 PM) spartanz1: Actually a direct method or site i don t know and
never heard of a good one (there are a few checkers on market, but most of
them are giving fake results using old bases, same bases like those that are
sold by some vendors as bulk NON VBV Bins, we spoke above about it ), but
there are some indirect methods for doing this.
(4:31:44 PM) spartanz1: 1. You can go to a shop you know that checks for VBV.
If you don t know such a shop, go to google and type verified by visa shop ,
verified by visa clothes , or something
After go to site datafakegenerator.com, generate a fake credit card with bin

you want to check, and try to pay at shop. Even if card is dead it will
redirect to VBV page. This doesn t work for all shops and cards, but for many
i tried, it worked
(4:32:54 PM) spartanz1: 2. You go to this website
https://verified.visa.com/aam/activation/landingPage.aam . If card isnt VBV
it will write that your card doesn't support that. You see, this is the same
site like in the case when we setup the code by ourselves, so for a few big
banks it doesn't work
(4:33:27 PM) spartanz1: Most of the times if a BIN is NON VBV, all the cards
with this BIN will be NON VBV too
(4:36:13 PM) spartanz1: Mostly in European/Asian countries, you can find a
very interesting layer of security, which makes carding process to be very
hard. When you are redirected to Verified by Visa page, you can t use
information like ZIP or SSN to reset the code. They just send a sms code on
holder s mobile phone, which you need to confirm by entering it on VBV page.
This layer of security it s very hard to pass, and it require forwarding of
sms to your number, and a very very few people do it, because it just isn t
profitable and require good technology. Those who do it are doing for bank
transfers, not for VBV. Such cards should be avoided or used on shops which
don t check for VBV. From my experience, most of China, Hong Kong,
Singapore, Thailand, Spain, have sms
(4:37:08 PM) tarzan333@jabberzac.org/jabberzac.org: yeah sure my card has the
same thing
(4:37:21 PM) tarzan333@jabberzac.org/jabberzac.org: australia now has
implemented it too
(4:37:32 PM) tarzan333@jabberzac.org/jabberzac.org: only recently
(4:37:40 PM) spartanz1: Ok, so next ill speak about how to check a card to
see if it's valid or dead. Valid means that card can be used, and dead that
it was disabled by bank at request of holder, or because of suspecting fraud
(4:38:09 PM) spartanz1: Yes, for Australia always was hard to deal with VBV.
There are banks where it can be changed only by phone or physical presence
(4:38:49 PM) tarzan333@jabberzac.org/jabberzac.org: yeah bro aus is way too
hard for fraud. shops dont even accept magnet striped card. has to be chip or
GTFO'
(4:39:04 PM) tarzan333@jabberzac.org/jabberzac.org: anyway continue
(4:40:01 PM) tarzan333@jabberzac.org/jabberzac.org: i havent used any card
checkers etc cos evryone says it kills the card. so im eager to find out how
to really check for this
(4:40:38 PM) spartanz1: First and most important rule. Never check a CC
before you want to use it. Of course, many people are talking that exist
checkers of CC s that don t kill the card. Yes, such checkers exist, but let
me first explain how banks' antifraud system works
(4:41:46 PM) spartanz1: Every transaction gets fraud points from 0 to 999.
This system is used by four of biggest banks in US and other banks are using
similar systems. It's not about the system used, but about things on which
are based these systems. They are similar for almost all of the banks in US,
and even in the world
(4:42:47 PM) spartanz1: Transactions which got more than 300 points, will be
checked manually by a bank employee, who will decide if to contact cardholder
or to allow transaction.
Transactions which got more than 500 points, get autocanceled, card is
blocked, and bank
(4:43:01 PM) spartanz1: What things add fraud points:
(4:43:45 PM) spartanz1: Comparing transaction with payments which cardholder
made in past- This is a very important point. If cardholder is really a big
spender, it means that a big transaction won't be flagged by bank
(4:44:17 PM) spartanz1: The location of your payment- International
transactions are considered risky, especially if cardholder never made an
international transaction in his life.
(4:44:55 PM) tarzan333@jabberzac.org/jabberzac.org: yeah for sure
(4:46:21 PM) spartanz1: The amount- If card has 5000 $ and you want to spend
everything in one transaction without calling bank and asking them to allow
transaction, there are extremely high
(4:46:47 PM) spartanz1: Card used many times in a short amount of time
(4:47:20 PM) spartanz1: Riskfactor used by merchant/shop. How it usually
looks:
(4:49:48 PM) spartanz1: 1. Geo IP location= country of your IP must match the
country of real holder
2. High Risk Country- there are some countries usually associated with fraud.
They look if your IP/billing address/shipping address are from such
countries. Some of those: Russia, Ukraine, Belarus, Macedonia, Columbia,
Egypt, Indonesia, Macedonia, and others.
3. Distance- Distance between IP address and billing address.
4. Bin number match- country of credit card match the country of IP (like i
told about NON-AVS cards. But this is not for all the shops)
5. Carder E-mail- if email which you used is in the fraud database (rare)
6. Open Proxy- if you are making payment from a free public proxy.
7. Spam IP- if your IP is associated with Spam
8. Other things
(4:50:50 PM) spartanz1: For example, if card holder spends 30 bucks in a
local store from his city, this isn t suspicious at all. But a big order for
2000-3000 $ on a laptop s online shop, will get many fraud points, and it has
a big chance to be cancelled if cardholder makes online payments very rare.
(4:52:11 PM) spartanz1: How all this is linked to what I said before about
checking? Very small transaction, followed by a very big transaction, will
get you a big fraud score, because they understand that you are testing the
card. If they see an amount charged in limits of 0.5-10 $ and
(4:54:05 PM) spartanz1: Alright mate, now let me tell you about how checkers
work per general and why it's not a very good idea to check a CC using many
of available on market checkers. A credit card checker is based on merchant.
It's like taking the CC and paying at a shop. The merchant will just hold a
small amount on card (if this amount is present of course the card is Live),
or it will charge it. Checkers which just hold amount are better, but not
perfect at all. Some checkers are using hacked merchant accounts in different
countries, other are using merchants created by themselves, which is better
and not associated with fraud.
(4:55:28 PM) spartanz1: Banks don't really like cards being used in a
different country. For example, card is issued in US, but you use it in South
Africa. This looks suspicious of course, especially if cardholder never made
a single payment to South Africa in his life.. The same thing happens with
checkers too. For many checkers, we don't really know where is located the
merchant. It can be in US, in South Africa, or in Australia, and all these
things add a risk for card to get dead because of us
(4:56:53 PM) spartanz1: There are a lot of factors involved. History of
cardholders spendings, his spending's pattern, and also Bank. There are
sensitive banks, which have strong antifraud measures and can block the card
just by having a little suspicion about fraud. Also, there are banks that
don't care a lot. Amex Company is a good example, and for almost 80 % of Amex
cards even a few checks won't kill the card most of the times
(4:58:04 PM) spartanz1: So, how to check a card if you want to do it? First,
like i said, i strongly don t recommend to check it before payment. But if
you want to do it after payment, there are three choices to use:
(4:59:12 PM) spartanz1: 1. Checkers
Semi-private checkers where you check your cards for a little amount paid.
Some of them charge the card, and some of them just put hold on funds to see
if they are in account. Some of such checkers for which i heard normal
feedback are ug-market.com, Ucheck https://ucheck.cc/register/ , cubi11.com,
for them you must pay.
(5:00:35 PM) spartanz1: 2. Donation sites
Sometimes this is a better method, everything depends on your goal. A good

way to check card through donation sites is to make it with help of
authorize.net merchant. This is a relatively easy merchant to card. You can
google something like donate authorize.net or "donate through
authorize.net" and you will find sites
After you checked your card, and found out that it is valid, give it a little
time to rest. I would say something between a few hours and 1 day. Another
option is also to check the card via sites like Netflix for example
(5:01:57 PM) spartanz1: 3. Third method is a personal method and i didn t see
many people using it. First, you go to wallet.google.com and make account if
you already dont have it. There you choose payment method- credit/debit card,
enter card details, and save them. If you see error that your
(5:02:37 PM) tarzan333@jabberzac.org/jabberzac.org: ah right so it doesnt
actually charge the card
(5:02:47 PM) tarzan333@jabberzac.org/jabberzac.org: it just checks if its
live
(5:02:48 PM) tarzan333@jabberzac.org/jabberzac.org: smart
(5:03:21 PM) spartanz1: So these are the basics and lesson for today mate. If
you have questions, feel free to ask. And also i would like to hear your
feedback, was it new/useful?
(5:04:12 PM) tarzan333@jabberzac.org/jabberzac.org: yeah man definetly. i
knew some things..but as u explained further into them there was always
something new to be learnt. As for the other things well i had no idea about
(5:04:25 PM) tarzan333@jabberzac.org/jabberzac.org: i would have so say i
knew maybe 20% of what u said.
(5:05:11 PM) tarzan333@jabberzac.org/jabberzac.org: and you have awesome
english. i thought from the listing u were afgani and your english was gonna
be a bit basic
(5:05:19 PM) tarzan333@jabberzac.org/jabberzac.org: but im assuming now u
just put that for shits and gigs
(5:06:31 PM) spartanz1: I am happy that you enjoyed it bro. Afghanistan is
just the first country you can select when making a listing on Alpha
(5:06:43 PM) tarzan333@jabberzac.org/jabberzac.org: hahah right on
(5:06:47 PM) tarzan333@jabberzac.org/jabberzac.org: same time tommorow?
(5:07:11 PM) spartanz1: You can't do around 3-4 PM?
(5:07:21 PM) tarzan333@jabberzac.org/jabberzac.org: yeah tommorow i can do
whatever time
(5:07:34 PM) tarzan333@jabberzac.org/jabberzac.org: tonight i had plans
(5:07:42 PM) tarzan333@jabberzac.org/jabberzac.org: ccan do 4 its no provblem
(5:07:55 PM) tarzan333@jabberzac.org/jabberzac.org: so 4 UTC
lesson 2
(4:49:52 PM) Attempting to refresh the private conversation with

spartanz1@exploit.im...
(4:49:54 PM) Successfully refreshed the private conversation with
spartanz1@exploit.im/Psi+.
(4:50:00 PM) tarzan333@jabberzac.org/jabberzac.org: hey mate
(4:50:46 PM) spartanz1: Hey
(4:50:55 PM) spartanz1: It's okay for you to begin in like 20-25 mins?
(4:51:12 PM) tarzan333@jabberzac.org/jabberzac.org: sure man whenever ur
ready
(5:18:47 PM) spartanz1: Okay, so based on difficulty, profitability, and
things required, i like to put carding in three categories.
(5:20:33 PM) spartanz1: First one is easy carding and it's the beginning
point for most carders. Amounts are usually below 100 $, and making a very
big profit isn't easy. But if you want to hustle a little or want to enjoy
that feeling of getting things for free, this category is good. We are
talking here about payments for restaurants, skype credits, pizza stores, and
so on. Usually CVV, Expiration date, and Card Number are enough to card shops
of this category. Sometimes, you can card at such level even without CVV code
(5:21:47 PM) spartanz1: Second category is medium level carding. This level
is a little harder and sometimes requires aditional information. You can card
small electronics, clothes, and other things. Amounts between 100-500 $. Keep
please in mind that these amounts are not something exact, but just average
digits. For example, in some rare cases you may find a shop that is selling
Iphones 6, but you can put it in first category because is very easy to card
it
(5:22:12 PM) spartanz1: For second category we usually need:
(5:22:56 PM) spartanz1: CVV code
Expiration Date
Card number
Billing adress
Name of cardholder
Sometimes, aditional info from background of credit card holder
(5:24:06 PM) spartanz1: And the last one category is hard level carding.This
isn t recommended for full beginners because involves some need of
experience, not only knowledge. It s about carding expensive electronic
items, high end clothes, jewelery and so on. Usually involves ATO (account
take over). About this we will speak later.
(5:24:26 PM) spartanz1: What do we need for the last category:
(5:25:10 PM) spartanz1: CVV
Exp Date
Cardholder Name
Billing addres
Billing number
SSN (Social Security Number)
DOB (Date of Birth) of card holder
Background Report (sometimes)
(5:25:48 PM) spartanz1: Do you know what is a background report mate?
(5:27:11 PM) tarzan333@jabberzac.org/jabberzac.org: yes its used to check
credit rating and get personal information like ssn and MMN etc
(5:27:12 PM) tarzan333@jabberzac.org/jabberzac.org: right
(5:28:12 PM) spartanz1: Background report contains information about
relatives and family members, previous addresses, all phone numbers
associated with a specific person, and much more. In a few words, a lot of
personal information.
(5:29:03 PM) spartanz1: You can find background report on sites like
www.peoplefinder.com, www.intelius.com, www.recordscheck.net by carding them
or there are vendors who provide it on Alphabay
(5:29:37 PM) tarzan333@jabberzac.org/jabberzac.org: ok. is these websites
considered level 1 to card
(5:30:21 PM) spartanz1: Actually, the best for BG reports is lexisnexis.com.
They provide a lot of personal info that no other service is providing, but
you won't be able to card it. They make a lot of verifications and from what
i heard they may require even your physical presence, so this reports aren't
easy to get at all, but will be good for you to know in future. I saw that
some vendors are selling lexisnexis checks, but they don't get them by
request. You just get a random lexisnexis profile. They are very good for
creating bank drops.
P.S: They are level 2

(5:32:25 PM) spartanz1: We won''t speak about how to card first level,
because it's easy and doesn't require big knowledges or lot of experience.
For second level you need to enter right billing adress of holder, shipping
adress and other details, if shop is AVS. Usually we can find more about a
shop by reading their Privacy&Policy, Payment, Shipping rules . If there for
example, it s written that shop look for your number to be the same like
holder s billing number we need ATO or spoofing number. We just can call the
shop by ourselves to ask this, but will the shop call us back? It depends on
order, shop s rules and your activity. Remember that succesful carding means
trying and experience. Don't be afraid of calling, cause if you don't know
english on a good speaking level, ill give you contacts of people who offer
this service in exchange of a fee
(5:34:31 PM) spartanz1: How carding on second level usually looks:
(5:36:53 PM) spartanz1: 1. Finding the right CC
2. Changing your IP to city or at least state of cardholder. IP under city

won't be so easy to find, especially for a small city.
3. Making the right PC system, to look exactly like cardholder (about this we
will talk in security lesson)
-----------------------------------------------------------------------------
-----------------------------------------------------------
BREAK
4. This point sometimes isnt needed, but sometimes is very good to use it if
the shop is checking where the visitors are coming from. You go on google,
search for shop name, and go to it with link from google
5. 5-15 minutes we look at items in shops to be like a normal person (this

also sometimes isnt required, depends only if shop is checking it), and after
chose something till 500 $ (with shipping costs, too)
6. In the Billing field we put all details of holder. Everything
7. In the Shipping field: Name, telephone of holder, address of our drop. But
drop must be in the same state, or better in the same city. The best is under
the same zip code, chances for success are very high. This is hard to do (i
mean getting a drop with the same zip like our cardholder), but we first get
the drop and after get the CC under the ZIP of our drop. Same thing we can do
with state
(5:37:29 PM) spartanz1: All these things seem extremely simple, but they make
a lot of difference, tested fact.
(5:37:49 PM) spartanz1: About what email to use:
(5:37:57 PM) spartanz1: Be right back in 2 mins
(5:40:14 PM) tarzan333@jabberzac.org/jabberzac.org: is there that many drop
services available in the states that we can even get the right state
(5:49:16 PM) spartanz1: There is some work involved, but the easiest is to
get the drop first and after to get the CC
(5:50:35 PM) spartanz1: Some people use always emails with name of cardholder
plus some very famous email provider (yahoo, gmail, hotmail, and so on). For
example Tom.johnson@gmail.com. It's nothing wrong with this, but when you do
it many times, things get suspicious, and a lot of carders do like this
(which is not good, shops already know). And avoid email providers like
yahoo, gmail, hotmail. Gmail is better than hotmail (outlook) and yahoo, but
still not very good if you want to look serious and legit
(5:51:07 PM) spartanz1: The best is to have a personal domain email, but
other choice is to use less popular providers like gmx.com, aol.com
(5:51:39 PM) spartanz1: AOL for example is something between a free email and
a domain email
(5:53:46 PM) spartanz1: And namecheap.com (domain names registrator) began to
accept bitcoin payments, so this it's even easier now to register domain
names and after from control panel to register an email attached to a
specific domain name. Before namecheap introducing bitcoin payments, people
used to card their domain names and there were risk to get it closed anytime.
(5:54:21 PM) spartanz1: Of course, shop may check your domain from the email
and see that it is a blank domain, but it won't happen so frequently.
Actually very rare.
(5:55:46 PM) spartanz1: When you get a big list of emails, you understand
that people with a medium income, medium age and a job, use for everything
related to money, business, a private email. It's not necessary a private
domain, but it can be for example a name@comcast.net. Also, analyzing a lot
of emails i noticed that for yahoo, gmail and so on, people don't use so many
times their names. So again, these are confirmed facts
(5:56:11 PM) spartanz1: Now i'll tell a little about card levels:
(5:57:19 PM) spartanz1: Classic: small balance. These are cards for average
people
Gold: Mid balance.
Platinum: big balances
Business/Signature: Big and very big balances.
Corporate/Infinite/Centurion: Top levels with very high balances, but usually
hard to find.
(5:58:18 PM) spartanz1: There are also other high levels like World
Card/World Card Elite, Premier, Black, Centurion, and others. Card levels
also depends on countries. In USA you will see a lot of Platinum, but in EU a
lot of Premier. Black cards are very popular in South America
(5:58:56 PM) spartanz1: World Card and World Card Elite you will find for
Mastercard, Centurion for Amex, Infinite for VISA and so on.
(6:00:29 PM) spartanz1: Remember, these levels dont indicate something exact
for 100 %. Everything depends on credit score, history of payments, amounts
which are used by cardholder, and other factors, but they give a general
idea. From my experience, i can tell you that debit cards usually have a
stronger protection for online purchases, and they work good on 1-2 level,
not on third level.
(6:00:54 PM) spartanz1: I'll show now two easy methods about how to find
shops with stuff that interest you.
(6:02:34 PM) spartanz1: First one:
For example you already know a shop let's say with sporting clothes
You go to this site. http://webstatsdomain.org
Type website of shop, and below you see similar site with it. You can see
their popularity, social media pages, and from what countries are visitors.
For example, if you will go to facebook page of a shop, and will access their
site from that page, this will also build credibility sometimes, especially
for a small shop. If all visitors of a shop are from USA and UK, it wont be
very good to use a Brazil CC for example
(6:03:32 PM) spartanz1: Second method of finding shops relies on finding them
by payment gateways. Such companies are Paypal, Stripe, Square, Yahoo, for
example and so on. There are easy gateways to card and hard ones
(6:04:04 PM) spartanz1: Easy ones: yahoo, 2checkout, authorize.net, and
others
Hard ones: Paypal, Alipay, Skrill

(6:05:48 PM) spartanz1: To know if a shop is easy to card you can search it
by payment gateway. For example you want a shop on authorize.net gateway. You
go to google and find image of it. After you go to google and there you have
option to find a site by image. You insert image of authorize and get sites
with it . You know, shops usually put gateways images/logo on their sites.
Another method is typing in Google and searching by "Secured by
Authorize.net", or Powered by Authorize.net. If you know a vulnerable
gateway, this method is perfect . In UK many shops use Sagepay gateway. And
for many of them it is bill=ship, but also for many of them it has 3dsecure
activated
(6:06:15 PM) tarzan333@jabberzac.org/jabberzac.org: yeah i have a question
with paypal. I carded 1500 dollars in 3x 495 dollars to my neighbors website.
then we went halves. however i have now found it impossible to card his
store...can paypal make his store harder to card etc based on this
(6:06:38 PM) spartanz1: Ok, next part is ATO aka third level carding
(6:07:12 PM) spartanz1: Paypal is much more harder now, because it was
abused. About why i don't really recommend carding Paypal and Skrill, we will
speak tomorrow
(6:09:21 PM) spartanz1: Third level carding is the most complex form. It's
also the most profitable and hardest one, cause if it was easy, everybody
could just take a CC and card thousands. Most of the times you will need ATO.
ATO (Account take over) is the process when fraudster call the bank, and just
makes changes he wants, without permission of the real holder. The basic keys
in ATO are access to holder s personal information and social engineering.
(6:11:25 PM) spartanz1: On third level we are talking about expensive stuff
like Iphones, high end laptops, gold, and so on. Shops that are selling such
things are taking care a lot about their security and implement good
antifraud measures, because everybody is trying to card them (but i'm not
saying that actually everybody is having success on it).hat's why level two
methods usually don't work on such shops. They don't have the bill=ship
vulnerability, they ship very rare on different billing and shipping address
and so on. But we need somehow to deliver items to our address. Here comes in
play ATO, a very useful tool and process. Third level carding is profitable,
but i suggest to begin with second level of carding and get just some little
experience before moving to this.
(6:12:42 PM) spartanz1: So like i already told, we need to call the bank. But
don't hurry, cause before calling there is preparation stage. We gather
information, make our plan, to be fully prepared. Bank's employees aren't
stupid, and it's not hard to understand that if you make a pause before
answering how old are you, you aren't the real cardholder. Hope you got the
idea here.
(6:13:37 PM) spartanz1: Basic security questions for banks usually are MMN
(Mother Maiden Name), SSN (Social Security Number) and DOB (Date of birth).
We can get them by buying fullz CVV. Also, i'll tell later how to get them in
case you can't buy fullz.
(6:14:34 PM) spartanz1: Besides this, we must have the background report of
cardholder, too. But many times the basic and classical question that banks
will ask you is "What's your MMN". They are sure that this is a very
confidential information, and nobody can get it.
(6:15:35 PM) spartanz1: So i'll put bank questions in two groups
(6:16:52 PM) spartanz1: First type of Questions:
1. All CC info
2. Full Billing address (including ZIP and all the details)
3. DOB, and also calculate how old is card holder (this is very important,
cause many banks like to trap fraudster with this question)
4. SSN
5. MMN
6. Billing number
(6:17:12 PM) spartanz1: Second type of Questions:
(6:19:53 PM) spartanz1: 1. Employer name. Required rare, but try to find it
in facebook or on other social networks like linkedin, in case you can't find
it in background report. But usually, employer name can be found in
background report.
2. Car model. Required rare, but try to find using Google Street View by
indicating holder s address. Or, if you have holder's email address, try to
look for it in Google, maybe he is selling somewhere his car and is using the
email you have for contact. Anywhere, if you can't find it, don't worry, this
is required rare.
3. Previous address- More important than first two points, but also only
sometimes required. (you can use info from background report sites)
4. Background information. You will see why this sometimes may be important.
5. Other personal information. For example, at some banks, some cardholders

may setup security questions. For example "Pet's name", or "First workplace",
"First teacher", and so on.
(6:21:03 PM) spartanz1: Usually when you call the bank, they will begin with
asking questions from the first group cause these are basic security
questions. Usually, they ask three random questions from the first group (MMN
is very frequent). If you fail one question, they will ask another two. If
(6:22:54 PM) spartanz1: Sometimes, you may receive wrong info in fullz or
there may happen things revealing that you are a fraudster (like worrying
voice and so on), and in such cases operator can understand that you are
executing an ATO, and will forward your call to security department. There
you will receive 2 questions from the second group. Usually such questions
aren t linked to holder s bank account. They can be questions from background
report, credit history, and so on. For this i told you above about Second
type of questions . They can be easy ones, hard ones, its random everytime.
If you fail them, they will tell that they can t do nothing and you must come
personally to bank. Also they will call the real holder.
(6:24:08 PM) spartanz1: If you got success, the only thing you must do is
changing the billing number, that s all. Don t do anything more, because bank
can get suspicious. After you changed the billing number, leave this card to
"rest" for about four-five days. By rest i mean, don't touch it, and don't
use it for any payments, just forget about it for four-five days
(6:26:31 PM) spartanz1: In all this time you are waiting for the card to
rest, you can create an account on site you are planning to card, look at
products, put them in shopping cart, remove them, go to check out, go back,
and so on. In this way we are building valuable history with that specific
site and site will already recognize us as it's potential customer, even if
we didn't buy anything yet. Spend a little time on site, because you must
have behavior of a simple buyer, not of a fraudster. Remember, 1000-2000 $
are good money for most of people, and if you just put products in shopping
cart, without looking at prices, you will get fraud points. This isn t
required for all the shops, only for big ones which have a good antifraud
system, but if you will learn to do this everytime you card, you won t lose
nothing. Also, try to gain cookies for that specific site. So, after 4-5 days
passed, we can call the bank again. This time we will add a temporary
shipping address to the file.
(6:27:23 PM) spartanz1: In US, all banks have this option (adding temporary
shipping address), with exception of BOA (Bank of America). This is the
reason because a lot of people don t use BOA cards for third level of
carding. Chase Bank adds very easy another shipping address, but for it is
the hardest to do ATO
(6:28:31 PM) spartanz1: The easiest to do ATO is for Capital One and BOA (
and here i mean FIA card services, too), and harder is for Chase and
Citibank. Fia Card is a credit card issuer company. But it was acquired by
BOA, so we can say that BOA and FIA are the same thing, even if everything is
done separately and they look like two different companies
(6:29:54 PM) spartanz1: After you did ATO, it s carding time. Go to account
in shop, spend some more time on shop, and after make an order. Indicate your
right billing address, billing number (which we already added), and shipping
address (which we already added). Check information you entered to be
everything right, and click on Pay .
(6:31:13 PM) spartanz1: After order is made, you can see two scenarios. You
order will pass through security system and will have the status processing
. This usually means success and that there are money on card and that bank
allowed your transaction. But, depending on shop, your order may be reviewed
manually, including reviewing your system information (about what we will
speak in
(6:31:35 PM) tarzan333@jabberzac.org/jabberzac.org: so your billing address
will still be the cardholders original. but when we have entered the tempory
shipping address we can use a different shipping and billing?
(6:34:27 PM) spartanz1: If you did a big amount order or an amount which is
not characteristic for card holder, it will be declined and you will receive
a message similar with Call please your bank . Call the bank, and system
will redirect you to an antifraud agent. Tell them that you authorize this
transaction and you don t know why it was declined. This is simple if you
have required info, and about required info we spoke above. Usually is enough
information we get from Fullz CC. But call right away after you received
declined, because bank can be faster than you, and call cardholder first.
P.S: Yes, right. And shops will be able to check this new shipping add. But,
also, the same way we can change the billing. The process is the same, but a
little higher chances to fail.
(6:35:57 PM) spartanz1: A good method to solve the problem above with bank
blocking payment is to preauthorize the transaction. You call the bank before
purchase and tell them that you want to make a big purchase of 3000 $ soon
and tell them to authorize it and to not block. Bank is blocking suspicious
purchases to protect customers against fraud. But if customer calls and
authorize it, everything is ok. Like this you can also make international
transactions (other risky transaction type), by informing them about it
before payment.
(6:36:34 PM) spartanz1: As long as you have a fullz supplier for this (ATO
and not only), it is good, but sometimes you can't find fullz for example.
SSN and DOB you can find on next sites:
(6:37:06 PM) spartanz1: http://ssndob.so/
http://ltdcc.cc/?s=ssndob
http://www.robocheck.cc/login
http://logocc.ru/login
(6:38:13 PM) spartanz1: If person is older than 40 years, you will find dob
and ssn in aprox 85 % of cases. Why, because older persons used their
information for different things during their lifetime. I would like to ask
you please to not share the websites above, some of them are really private.
(6:39:04 PM) tarzan333@jabberzac.org/jabberzac.org: with all these sites do u
reccomend paying anon
(6:39:17 PM) tarzan333@jabberzac.org/jabberzac.org: carding
(6:39:22 PM) tarzan333@jabberzac.org/jabberzac.org: or just use ur own funds
(6:40:49 PM) spartanz1: There are a few US states, where finding MMN is
possible, but not guaranteed a 100 % success rate: Arizona, California,
Delaware, Idaho, Indiana, Kentucky, Maine, Maryland, Massachusetts,
Minnesota, Nevada, New Hampshire, New Jersey, Ohio, Rhode Island, South
Dakota, Texas. So what you do? You go on site Archives.com. Card there a
subscription. In a background report you can find mother of cardholder, and
check her name and DOB
P.S: Pay anon with BTC. The sites above you won't be able to card, because
they don't accept CC. Anyways, just a tip for the future, most of the tools
we will get we never pay with our CC
(6:41:33 PM) spartanz1: Affter you search mother of cardholder on
archives.com, there are data about her marriage, and previous name.
(6:42:36 PM) spartanz1: And some more sites for BG reports and not only.
Sometimes, if person is old and maybe left a trace of himself in many
databases (like i already told above), you can find valuable information on
these sites for free. For example, DOB or family members
(6:42:53 PM) spartanz1: https://radaris.com/
http://www.anywho.com/whitepages
http://www.yellowpages.com/
http://www.instantcheckmate.com/
http://www.ussearch.com/
(6:44:30 PM) spartanz1: ATO is very good for gift cards, because they are
always associated with fraud. For example, not very many people buy 1000 $
gift cards, to make a gift for somebody. These are good money. And buying
gift cards for high amounts, you 100 % will receive verification call from
shop. If you see that a shop offers gift cards in range of 100 $-1000 $ don't
be greedy and never card more than 500 $ in value. Because that's what the
average people are doing. 800 $ gift cards for example aren't ordered so
frequent like you may think.
(6:45:08 PM) spartanz1: Also, for gift cards the point which i said about
email address is important. A domain email address is much better.
(6:46:10 PM) spartanz1: If you want to get a gift from a website which
specialize on gift cards, and have amazon itunes and all sort of gifts, they
will call you, but a sport clothing site which offers gift cards wont call
for 200 $. So you must select very carefully websites where you want to card
gift cards. They are very sensitive.
(6:47:37 PM) spartanz1: A trick with phone number, for 200-500 $ amounts:
When you type number, type number of holder, but change last digit. They
will try to call, wont be able to do it, and sometimes will leave an email to
call you them. Then you just make a call with spoofed number and that's all.
Or if they dont send email, you just call them by yourself. Also, you can ask
them via Email what's the problem and so on.
(6:47:59 PM) spartanz1: Btw, for spoofing number there are websites:
(6:49:01 PM) spartanz1: spooftel.com. It's the only one that accepts bitcoin
payments. If you will pay with bitcoins, you will be able to make Toll Free
calls, otherwise no.
Other sites, but you must card them. In such case, it means that they may
cancel your subscription any time (when the chargeback will come)
http://bluffmycall.com/
http://spoofcard.com/
http://www.telespoof.com/
(6:54:12 PM) spartanz1: A drop is a person or address that receives your
physical carded items to be no evidence of you. I'll tell in a few words how
to get them
My most used method is finding drops through social networks (usually

Facebook) or on sites for people who search a job. Seems simple, but my
succes rate is pretty good. For example you need some drops in US or EU
countries, then you must search for immigrants, especially for those from
third world countries. They are people who need money and when you need
money, you are ready to make a lot of "dirty" things. You should not tell to
a drop that his job is to receive carded items. This thing, plus the fact
that he doesn't know you, may stop him from the idea of working with you. And
we don't want to answer to a lot of questions, that's why don't tell him
nothing about carding or fraud. Better tell that you are representing an
international company or need some items from a shop that doesn't ship to
your state (if we want to look that we are from US, which is better) or to
your country.
(6:55:31 PM) spartanz1: Before involving in serious work with your drop, you
must do some testing orders, to see if he can be trusted. This is an
important part, especially when you card on last level, cause you don't want
your drop to run with some high value items for which you investing big
amounts of money and spent lot of time
(6:56:52 PM) spartanz1: We agree on payment methods via which he will receive
his part, and begin work. Drops shoudn't be used for many times. A few
serious deals, and we move to finding next one. Also, the best are women,
cause men use to scam much more. For avoiding scamming (besides by testing
the drop first), you can make an agreement with him. Like a document which
you send him, he prints it, signs, scan, sends to you. This is a very
effective method.
(6:57:31 PM) spartanz1: He is thinking that there exists a legal evidence of
your with him deal, and if you will make a legit profile, he won't have any
reason to doubt these things
(6:58:57 PM) spartanz1: A legit Facebook profile is very important. Don't
approach him with 2 friends and no photos, because you will be rejected
instantly. Work on aging your Facebook profile, add people from your fake
state and city, get fake photos, indicate your workplace, like pages, and so
on. Also when approaching your future drop, a good trick is having a few
common Facebook friends with him. This thing will build trust between you
two.
(6:59:37 PM) spartanz1: All these things may look hard at first, but believe
me that having even 2-3 drops to do everything for you, means having a very
powerful tool in your hands.
(7:00:41 PM) spartanz1: Second method are drop services. These are people who
provide drops for a fee, and getting them usually with first method i wrote,
or using spam, but also as a job offer for them. Sometimes you can find drop
services on darknet, sometimes they are exit scamming, but such services
exist
(7:02:10 PM) spartanz1: Last method works the best if you are not from US.
These are reshipping companies. They give you an address where you receive
your goods and reship to yours. Many of them don't reship on US teritorry
(and this is obvious cause they don't have reasons for doing it), so for this
i'm say that is the best if you aren't from US. Such companies are also all
over the world. For example you want to order something from a German shop. A
company in germany receive the goods on their address and after they reship
them to you in US.
(7:02:41 PM) spartanz1: Make a google search and you will find them, a few
examples are:
(7:03:07 PM) spartanz1: https://www.myus.com/
https://www.shipito.com/
http://www.comgateway.com/
(7:03:48 PM) spartanz1: For high amounts you can also have a chain of 2
drops. Shop sends items to drop 1, drop 1 sends them to drop 2, and drop 2
sends them to you.
(7:04:29 PM) spartanz1: Okay mate, so that's all for this session. Hope you
learned a lot today. Feel free to ask your questions now
(7:08:21 PM) tarzan333@jabberzac.org/jabberzac.org: man you pretty much
covered it all...thankls for the links too especially the mail forwarding
companies theyll be heaps handy in asia
(7:08:44 PM) tarzan333@jabberzac.org/jabberzac.org: also if i card a ebay
gift card or paypal my cash etc
(7:09:13 PM) tarzan333@jabberzac.org/jabberzac.org: can i use it directly to
my address. or do u reccomend still sending it to a reshipping company
(7:09:53 PM) spartanz1: Still sending to a reshipping
(7:10:41 PM) spartanz1: Physical GC's are easier to card than virtual ones,
but instead of carding the physical gift card you can card the item because
it's almost the same
lesson 3
Today we will speak about everything related to Virtual Carding. Virtual

Carding includes payment systems, transfers, carding your own fake website,
bank drops, and other things
[21.09.2015 09:36:35] <spartanz1> The easiest way to cashout at the moment is
via third parties. They are called "third parties" for a reason. They make a
connection between a CC and your drop bank account. For example Stripe, it
helps you to receive payments for your website and sends
[21.09.2015 09:37:25] <spartanz1> I want to begin with what is not very easy
to use at the moment. Many people are asking me if i teach how to card
Skrill, and i'm not teaching it for a reason, it's hard, especially for a
beginner.
[21.09.2015 09:38:49] <spartanz1> Firstly, it's almost impossible (i am
serious about it) to link a good US card to Skrill, and this is because good
BIN's were abused and now are in the blacklist. Second reason is because
banks are blocking most of the times Skrill payments, considering it a high
risk merchant, and it is really a high risk merchant. So, in such cases you
need to call the bank with fullz of course, and preauthorize the transaction.
And even so, 100 % success rate isn't guaranteed, i would say about 80 % and
with the condition that BIN isn't blacklisted
[21.09.2015 09:39:35] <tarzan333@jabberzac.org> yeah i dont like those odds.
not worth it then
[21.09.2015 09:39:50] <spartanz1> Why many people are interested in Skrill?
Money transfers are almost instant. You don't need to wait and have
verifications sometimes like for Paypal, but you receive money in minutes
most of the times. Also, for US, you can create the Skrill account using a
specific identity, and pay with a random credit card.
[21.09.2015 09:41:08] <spartanz1> Even so, all this pain in the ass won't
make these things to be worth, and also won't make them profitable if you are
at the beginning of your carding road. That's why you will see most of the
times people who are willing to cashout Skrill payments, who are willing to
buy good BIN's for Skrill, but you won't see people who are making Skrill
transfers.
[21.09.2015 09:42:27] <spartanz1> Anyways, we can still use Skrill for
something. And this "something" is cashing out. Skrill is a bitch with CC's,
but who said that it is a bitch with bank accounts too? We can attach our
bank account to Skrill, cashout money to Skrill account, and from Skrill
account to make a transfer to another acc. Also, Skrill offers the option to
order a debit Mastercard. The whole process isn't hard, but you must keep in
mind a few rules:
Ok, like you see it's not so hard to create a bank account online. But,
besides creating, banks don't really like when you mantain a zero balance for
a long time. Even a few days or a week it's considered to be a long time in
some cases
[21.09.2015 11:12:55] <spartanz1> So they tend to close accounts really fast
in such cases (here is involved a little luck too). That's why we need to
fund this account as soon as possible. How to do it:
[21.09.2015 11:13:19] <spartanz1> 1. You receive money from a person you know
in US by a direct deposit with cash.
[21.09.2015 11:14:20] <spartanz1> 2. Using different payment systems like
Skrill or Paypal. For example, before creating your bank account, you create
a Paypal account with the same fullz. You age it a little, after create the
bank account, attach it to the Paypal account. Get a small Paypal transfer
from somebody, and after cashout to the bank account
[21.09.2015 11:14:59] <spartanz1> And you won't have many problems with the
third method, because for initial funding we don't need big amounts.
Something in the range of 50-100 $ max will be ok
[21.09.2015 11:16:05] <spartanz1> 3. Attaching the bank account to a BTC
exchanger like Coinbase. You will need to pass some verifications, but won't
be a problem when having fullz, BG, and maybe scanned ID (i mean photoshopped
scanned ID). This is the method i like the most, even if it requires a few
more work
[21.09.2015 11:16:30] <spartanz1> 4. Attach the bank drop to a prepaid
account like amex serve or others and use the deposit funds to bank option.
[21.09.2015 11:17:41] <spartanz1> Keep in mind that you should opt for "no
debit card" and "go paperless" option if you do not have a physical drop for
the debit card. This is so that it will not get sent to the fullz real
address which will get the bank drop burned. When the real fullz owner
complains to the bank about it.. its goodbye bank drop. Without debit card
you won't be able to make wire transfers for a lot of banks and cashout at
ATM, but you will still be able to do ACH
[21.09.2015 11:18:15] <spartanz1> There aren't too many differences between
ACH and wire
[21.09.2015 11:19:05] <tarzan333@jabberzac.org> sorry again with method 4 and
2 are we carding the initial funds to send it to the drop account
[21.09.2015 11:19:58] <spartanz1> ACH - automated clearing house is an
automated way to do online transfers. Usually it takes around 1-3 days but
with technology now, it usually can be done in a few hours. Its just bank
PROTOCOL to put in a few delays in days. ACH is somewhat similar to wire
transfers but these are done automatically. Usually for stuff like bill
payments, automated payments, automated funds crediting, etc.
P.S: Nope, we are moving legit funds. Like when i told about exchanging BTC
for legit PP funds for
[21.09.2015 11:20:21] <tarzan333@jabberzac.org> ah ok sweet
[21.09.2015 11:21:21] <spartanz1> In short:
Wire transfer - you send money to your relative or friend bank to bank, and
usually is a little faster
ACH - you pay your credit card bills via direct debit, all sorts of
electronic transfer is called ACH, payment to a payment processor is done via
ACH. Keep in mind that a person to person transfer can also be done
electronically via ACH without any problem
[21.09.2015 11:22:25] <spartanz1> And also most of the funding methods i
spoke about, are usually used also as cashout methods, too. And also they are
used for creating transaction history. For not having your bank account
closed, i recommend creating transaction history, even if some people
[21.09.2015 11:22:55] <spartanz1> Usually transaction history is done in $40-
$100 transactions or even smaller.
[21.09.2015 11:23:44] <spartanz1> Transaction history can be a $42 withdrawal
then recycle the money (by now you have ideas on how to do this already) to
deposit again $50 or so. So thats an in and out transaction. Do this atleast
around 3 times successfully and you have a solid bank account.
[21.09.2015 11:24:36] <spartanz1> You should put in your numbers so that you
will be the one to be called or just fake numbers. Never place in the numbers
of the CH because try to think what will happen if bank calls them telling
them about their new bank account which they did not create.
[21.09.2015 11:25:10] <spartanz1> Okay, besides the funding/cashing out
options i spoke above about, i want to tell about another cashing out method,
and these are prepaid cards
[21.09.2015 11:25:53] <spartanz1> Prepaid cards also are considered to be
bank accounts. Why? Because most of the times they come with a routing
number and IBAN. We use them mostly for cashout, but they can be used for
funding too
[21.09.2015 11:26:30] <spartanz1> Because they have banking details, we can
initiate an ACH transfer to our prepaid cards, and after cashout at an ATM,
without even having a drop for our original bank account
[21.09.2015 11:27:03] <spartanz1> A few companies that i recommend:
www.payoneer.com, www.serve.com, www.rushcard.com, www.netspend.com
[21.09.2015 11:27:29] <spartanz1> Payoneer is very good if you are from
overseas
[21.09.2015 11:27:49] <tarzan333@jabberzac.org> yeah i just got my girl a
payoneer card was the easiest thing to get sent out
[21.09.2015 11:28:01] <tarzan333@jabberzac.org> just a photocopy of her
passport
[21.09.2015 11:28:55] <spartanz1> It is used by freelancers all over the
world, so if rushcard may not ship to a specific country, payoneer will ship
for sure. But for payoneer you should follow the next rule: Don't receive
payments from different sources. If you receive payments from Account X,
receive them just from Account X, not Account Y.
Okay mate, so here we finish for today. Hope you find it very informative.
Now it's questions time, feel free to ask them
[21.09.2015 11:30:53] <tarzan333@jabberzac.org> just one. you obviously
reccomend getting passport scans
[21.09.2015 11:31:22] <tarzan333@jabberzac.org> even though theyre optional
they seem to be your favorite method
[21.09.2015 11:34:13] <spartanz1> Yeap, many times for most of companies
there are two verification methods. Calls and Scans. Which one you will
receive it's random
[21.09.2015 11:34:32] <spartanz1> Anyways, i didn't really understand if you
asked a question right now
[21.09.2015 11:35:51] <tarzan333@jabberzac.org> ok well do you reccomend
having both scans and using sonotel
[21.09.2015 11:36:17] <tarzan333@jabberzac.org> and does it not matter if the
sonotel is from a differnt number as long as its within the same statre
[21.09.2015 11:42:13] <spartanz1> Do you mean if it's different than victim's
one? Nope, it doesn't matter as long as it is from the same state, and the
best even from the same city area code if you will find
[21.09.2015 11:43:32] <tarzan333@jabberzac.org> ok cool
My method works for these states: Florida, Illinois, Wisconsin, Maryland,

Michigan, Minnesota, New Hampshire, New York, Washington, New Jersey, Nevada.
So you got to this website: http://www.highprogrammer.com/cgi-
bin/uniqueid/dl_mi
Click on "Other Tools" dropdown method and choose state "Calculator" > Now
put your Card Holder First and Last Name day and month of birth, and you will
receive a "test number". For expiration date i always use a future date for
the year and the same day and month as from the date of birth. For most banks
random exp date works
(5:07:58 PM) tarzan333@jabberzac.org/jabberzac.org: well lock it in
(5:08:21 PM) spartanz1: Yeap, 4 PM it's better. See you tomorrow then if you
don't have anymore questions, and good luck
(5:08:42 PM) tarzan333@jabberzac.org/jabberzac.org: thanks. enjoy
lesson 4
(7:00:19 PM) tarzan333@jabberzac.org/jabberzac.org: hey mate

(7:00:20 PM) You sent encrypted data to spartanz1@exploit.im, who wasn't
expecting it.
(7:00:21 PM) Successfully refreshed the private conversation with
spartanz1@exploit.im/Psi+.
(7:00:21 PM) The last message to spartanz1@exploit.im was resent.
(7:04:50 PM) spartanz1: Hey, ready to begin now?
(7:04:53 PM) tarzan333@jabberzac.org/jabberzac.org: just have a question via
yesterdays sessions...read over and over the first 3 tuts...wherever i put an
OR id like your best refferal...ok so my first method of approach is going to
be to buy 5x fulls plus BG probably 2 for each. i will attach a skrill OR
paypal account. After studying the shit out of these reports a couple of days
later i will start to open the bank accounts.
(7:05:15 PM) tarzan333@jabberzac.org/jabberzac.org: after that im going to
use gofundme OR other reccomendation
(7:05:57 PM) tarzan333@jabberzac.org/jabberzac.org: im going to use Netteller
OR payoneer as they ship cards overseas and im going to opt for paperless and
no debit card for my bank accounts due to the cards not being a guartantee
and could close my bank accounts
(7:06:33 PM) tarzan333@jabberzac.org/jabberzac.org: my aim iss going to be
500 dollars for the month of donations or crowdfunding OR too much? obviously
generating traffic etc to these pages off fiver
(7:07:26 PM) tarzan333@jabberzac.org/jabberzac.org: of course with all the
bank accoutns feeding money through accounts. Was also gonna ask can i get
say 100 dollars legit into one account. fund it through the 5 accoutns. then
cash out
(7:07:41 PM) spartanz1: 1000-1500 $ i would say will be okay in one month or
even 2 weeks. Also, you missed an important element, initial deposit for bank
drops. Everything else is good
(7:07:49 PM) tarzan333@jabberzac.org/jabberzac.org: then again put more money
in etc. or do i need to do each account individually
(7:11:27 PM) spartanz1: 100 moved through 5 accounts can be a little risky if
the account is brand new. The best will be 2 accounts.
(7:11:49 PM) tarzan333@jabberzac.org/jabberzac.org: ok sure thanks
(7:11:55 PM) tarzan333@jabberzac.org/jabberzac.org: so skrill or ebay?
(7:12:04 PM) tarzan333@jabberzac.org/jabberzac.org: skrill u said was instant
so i was swaying with that option
(7:13:10 PM) spartanz1: Skrill
(7:14:08 PM) tarzan333@jabberzac.org/jabberzac.org: paybygroup
(7:14:14 PM) tarzan333@jabberzac.org/jabberzac.org: or go fund me
(7:14:17 PM) tarzan333@jabberzac.org/jabberzac.org: or even both?
(7:14:55 PM) tarzan333@jabberzac.org/jabberzac.org: and finally with the
debit cards. Can they be contactd and the cards closed. say if an account is
compromised in gofundme. do they contact the bank. does the bank contact
netteller
(7:14:59 PM) tarzan333@jabberzac.org/jabberzac.org: how far does the chain go
(7:17:25 PM) spartanz1: VPN, Webrtc/DNS leak, VM, useragent string and
fingerprinting, RDP, Genymotion, a little about socks, SSH, other things
(7:17:34 PM) spartanz1: sorry
(7:18:55 PM) spartanz1: Better go for both. In theory yes of course, but if
you will keep amounts around 1-2k per account, they won't be contacted many
times, but still sometimes it will happen
(7:19:19 PM) spartanz1: In theory the chain goes till the end, but for not
big amounts it's not worth it
(7:19:58 PM) tarzan333@jabberzac.org/jabberzac.org: u mean small ammoutns
right. and yeah im just going quantity for this first attempt
(7:20:06 PM) tarzan333@jabberzac.org/jabberzac.org: anway continue man u just
cleared up a bunch
(7:20:10 PM) spartanz1: Yes, i mean small amount
(7:20:14 PM) tarzan333@jabberzac.org/jabberzac.org: thanks
(7:20:15 PM) spartanz1: amounts*
(7:20:55 PM) tarzan333@jabberzac.org/jabberzac.org: when u say keep amounts
1-2 k....u mean sitting in the bank account or the netteller account. going
off your first rule. always cash out straight away right
(7:21:22 PM) tarzan333@jabberzac.org/jabberzac.org: i mean at least in
increments of 500 or so dollars...we never want to leave money sitting in
there....or do u mean just the account having 1-2k already passed
(7:24:29 PM) spartanz1: I mean max cashed out from an account to be 1-2k.
After, getting to a new account, and so on. 1-2k is nothing to a big company,
so they don't put too much effort into searching the whole chain.
(7:24:47 PM) tarzan333@jabberzac.org/jabberzac.org: ok sweet
(7:24:53 PM) tarzan333@jabberzac.org/jabberzac.org: thanks man onto security
(7:24:58 PM) tarzan333@jabberzac.org/jabberzac.org: im fucken pumped to get
this started
(7:25:51 PM) spartanz1: Okay, should i begin with basics or do you know
already some things i can skip? let me know please
(7:26:06 PM) spartanz1: I am okay with beginning with basics, so no problem
(7:26:29 PM) tarzan333@jabberzac.org/jabberzac.org: well typically my way of
security is this
(7:26:49 PM) tarzan333@jabberzac.org/jabberzac.org: first i have a comp just
for carding so i dont use a vpn...second i get my socks from 5 socks.net
(7:27:09 PM) tarzan333@jabberzac.org/jabberzac.org: i of course use mac
adress changers harddrive spoofers. use a vpn and chain it with my socks
(7:27:35 PM) tarzan333@jabberzac.org/jabberzac.org: i have antidetect and it
opens with a portable version of firefox. bought it on the darknet. but dont
really know how to use it
(7:28:14 PM) tarzan333@jabberzac.org/jabberzac.org: first i have a comp just
for carding so i dont use VMware******
(7:28:19 PM) tarzan333@jabberzac.org/jabberzac.org: i use vpn of course
(7:29:11 PM) spartanz1: Hmm, okay, i'll skip just the VPN part. Also, mac
address and hard info spoofers are useless if you don't work with casino or
poker clients, websites can't see this info
(7:29:23 PM) spartanz1: only softs installed in the PC can see it
(7:29:39 PM) tarzan333@jabberzac.org/jabberzac.org: ok thanks nice to know
(7:29:54 PM) tarzan333@jabberzac.org/jabberzac.org: apparently paypal can see
a shitload like ur acc name even
(7:30:06 PM) tarzan333@jabberzac.org/jabberzac.org: also i change time and
date settings keyboard setting etc
(7:30:19 PM) tarzan333@jabberzac.org/jabberzac.org: say i use german card
though. i change my keyboard input to german (english)
(7:30:21 PM) tarzan333@jabberzac.org/jabberzac.org: is that cool
(7:30:32 PM) spartanz1: What do you mean by acc name?
(7:30:42 PM) tarzan333@jabberzac.org/jabberzac.org: like when u log into ur
pc
(7:30:45 PM) tarzan333@jabberzac.org/jabberzac.org: they can see that name
(7:30:53 PM) tarzan333@jabberzac.org/jabberzac.org: username
(7:31:01 PM) tarzan333@jabberzac.org/jabberzac.org: so i read on a paypal tut
(7:31:14 PM) tarzan333@jabberzac.org/jabberzac.org: its a prettty good
security manual though it taught me what i know
(7:33:48 PM) spartanz1: Nope, the default language must be german. But we can
spoof this with Antidetect.
I am not sure about this for Paypal, but hardware info they can't see. Like
Hardware ID and so on. When i heard about this (wrong info), i was changing
like crazy my hardware info, and after i realized that is useless. Anyways,
Paypal was always special, so we don't know what they are preparing for
fraudsters, but i can tell for 100 % that websites can't see hard info
(7:34:12 PM) tarzan333@jabberzac.org/jabberzac.org: ok cool
(7:43:08 PM) spartanz1: I just want to speak about only one thing about VPN,
that i'm not sure if you know. Many people are experiencing a very common
problem. What happens if i'm using a soft (Jabber for example) or i'm loading
a browser page, and my VPN fails and reveals my real IP address? And if there
is a problem, there must be a solution too, especially for such things that
affect our privacy. Nowdays some VPN companies take care about it, by using
the so called "internet kill switch built into the VPN clients. Choosing
this setting in the client s Settings dialogue will prevent all traffic in
and out of the computer in the event of a VPN fail. Unfortunately this is a
feature that we don t see often enough, but is becoming more common. Some
good providers who do include a kill switch in their VPN clients are:
NordVPN and Mullvad
Also, if you will use another provider and it doesn't have this function,
don't worry. We use an utility called VPNetMon. This tool efficiently keeps
an eye on the IPs of your computer. Once the IP of the VPN server is no
longer detected, VPNetMon will shutdown specified programs immediately. The
client works instantaneously that it quickly terminates the old connection
and shows a new IP address without revealing your original IP. It's free and
you can download it here: http://vpnetmon.webs.com/
(7:44:48 PM) spartanz1: Sometimes even if you use VPN or other protection
method, your IP can be leaked, and i'll show how you can prevent it. Your IP
can leak via WebRTC or via DNS.
(7:45:37 PM) tarzan333@jabberzac.org/jabberzac.org: i use open vpn. is this
called network lock by any chance
(7:45:54 PM) tarzan333@jabberzac.org/jabberzac.org: or do u think fuck it and
just ge the software. better to be safe than sorry
(7:46:30 PM) tarzan333@jabberzac.org/jabberzac.org: just answered my own
question. continure
(7:48:21 PM) spartanz1: Let's begin with WebRTC. You can check on whoer.net
right now if you are IP is leaked by Webrtc. The solution for this is simple.
I suggest you to use Mozilla Firefox for
(7:49:32 PM) spartanz1: To disable WebRTC in Mozilla, type about:config in
the address bar. Find "media.peerconnection.enabled" field, double click on
it to set to false. For Google Chrome you can't disable WebRTC in browser,
but can block it using special plugins. The problem is that we never know if
such plugins really block WebRTC
(7:49:37 PM) tarzan333@jabberzac.org/jabberzac.org: uh dude
(7:49:42 PM) tarzan333@jabberzac.org/jabberzac.org: i have this when i went
on that website
(7:50:02 PM) tarzan333@jabberzac.org/jabberzac.org: Yes (Illegal 3rd
party exploits, including proxies, worms and trojan) (IP ranges which should
not be delivering unauthenticated SMTP)
(7:50:11 PM) spartanz1: This is not a problem
(7:50:34 PM) spartanz1: Just IP being dirty, high chances that it was abused
by spammers
(7:50:42 PM) spartanz1: (IP ranges which should not be delivering
unauthenticated SMTP)
(7:51:18 PM) tarzan333@jabberzac.org/jabberzac.org: if that was ur real ip
though that would be bad right?
(7:51:41 PM) tarzan333@jabberzac.org/jabberzac.org: what does it mean to be
blacklisted
(7:51:59 PM) spartanz1: About blacklisting we will speak later.
(7:52:48 PM) spartanz1: For DNS leakage check this link please:
https://developers.google.com/speed/public-dns/docs/using
(7:53:28 PM) spartanz1: There you will see how to change the DNS for
different Operation Systems, and will also see the Google Public Ip addresses
you can use.
(7:54:17 PM) spartanz1: This is only for DNS when using VPN, for socks we
need to do other thing, because we don't need country mismatch for DNS and IP
for socks
(7:54:55 PM) tarzan333@jabberzac.org/jabberzac.org: ok yeah i know how to
change dns
(7:55:09 PM) tarzan333@jabberzac.org/jabberzac.org: do u want me to use
googles ones or not?
(7:55:29 PM) tarzan333@jabberzac.org/jabberzac.org: my vpn changes with my
vpn
(7:55:37 PM) tarzan333@jabberzac.org/jabberzac.org: i mean my dns changes
with my vpn
(7:55:40 PM) tarzan333@jabberzac.org/jabberzac.org: to the country of the ip
(7:55:44 PM) tarzan333@jabberzac.org/jabberzac.org: ive checked all countries
(7:57:50 PM) spartanz1: Ok, so VPN is our first barrier of protection. Next
you will need a VM or RDP, so we use only one of them. About RDP we will
speak later. VM is a Virtual Machine, a workstation where you can install
other OS. For example if you have a Windows VM, it will be like a Windows
inside another Windows (your main OS). VM will be like an OS just for
carding. There are two famous softs for virtualization, Virtualbox and Vmware
Workstation. Vmware changed their policy, and now they aren't free, but you
can use everytime their free trial or download it from a torrents website.
But i suggest using Virtualbox (https://www.virtualbox.org/wiki/Downloads)
Even if you have a non-personal PC i suggest using VM, but of course not
required
P.S: If your VPN changes your DNS, that's good. It doesn't happen everytime
(7:58:48 PM) tarzan333@jabberzac.org/jabberzac.org: ok but anyhow i dont have
every country for DNS. say i have a dns for a country not as an option
(7:58:55 PM) tarzan333@jabberzac.org/jabberzac.org: how can i get that
countries dns
(7:59:20 PM) tarzan333@jabberzac.org/jabberzac.org: by using googles public
one?
(8:01:01 PM) spartanz1: What do you need to know about using a VM? First, for
VM you will need an OS (Operating System) to make it running. I suggest you
Windows 7 or Windows XP. You will ask, what the hell? Windows XP in 2015?
I'll explain you next the only reason why i put it on our carding tools list.
Let's forget now about it and concentrate on two things, User Agent String
and Browser Fingerprinting.
P.S: When hiding your IP, you don't need countries to match, just to hide
your real country. We need countries to match when carding, using socks/ssh,
and i'll speak about it later.
(8:02:46 PM) spartanz1: An User Agent String is a very interesting browser
feature, and by it websites can know some information about us. Usually it
comes in this format: Mozilla/5.0
(8:04:13 PM) spartanz1: You can see that it tells information about our OS
(Windows NT 6.1 is Windows 7), about our Browser (Firefox), about our Browser
version (29.0), about the date the browser was built (2010.01.01), and if we
are using x32 or x64 bit Windows Version (x64).
You can check your useragent here:
http://whatsmyuseragent.com/
(8:05:36 PM) spartanz1: Browser Fingerprinting is based on information
collected about a browser for the purpose of identification. In past
websites/shops used to track their customers only by cookies, but
fingerprints can be used to fully or partially identify individual users or
devices even when cookies are turned off. More and more companies are using
fingerprinting techniques because of the fact that such fingerprints have
proven useful in the detection and prevention of online identity theft and
credit card fraud.
(8:07:39 PM) spartanz1: Let me explain how carding worked in past. You could
take a CC, card a specific site, change your IP and clean cookies, and in 2
minutes to card the same site using another CC. Now websites began to save
and compare browser fingerprinting logs. For example, if you will card the
site X for the first time, you will be unique and you may have success. But
now the site X have your browser fingerprints stored. If you will try to card
the site X after 5 mins with the same fingerprints, you have chances to fail,
because you aren't unique anymore. Not all the sites use this technology and
not all will reject your payments with the same fingerprints, but the chances
to fail are high anyway.
(8:08:43 PM) spartanz1: What they can see by browser fingerprinting: OS,
resolution, window size, time and time zone, date, plugins installed,
language, version of your plugins, version of your Flash, and other things.
You can check it on websites like: http://whoer.net/extended
(8:09:03 PM) spartanz1: How to solve these problems:
(8:09:27 PM) spartanz1: There are two softs created special for appearing
unique. Antidetect and Fraudfox.
(8:10:22 PM) tarzan333@jabberzac.org/jabberzac.org: yeah i have antidetect 5
v2
(8:10:34 PM) tarzan333@jabberzac.org/jabberzac.org: also makes alot of fucken
sense. i carded paypal 3 times after that its never worked
(8:10:46 PM) tarzan333@jabberzac.org/jabberzac.org: and burnt god knows how
many cards'
(8:13:32 PM) spartanz1: Both of them can spoof browser fingerprints and also
they can spoof other things like Canvas HTML 5
Remember when i said about Windows XP? The only reason why i suggest it is
because of these softs. In order to make modifications on your browser, these
softs need administrator permission. Windows 7 has sometimes problems with
administrator rights because of it's settings. Most of the people are having
success using AD on Windows 7, but a few can't spoof their fingerprints on
this OS. And Fraudfox is also a WIn XP modified VM
P.S: Anyways, at the end i'll send AD, don't know if it's the version you
have, but it comes with my anticanvas plugin and a small guide.
(8:14:04 PM) tarzan333@jabberzac.org/jabberzac.org: ok yyeah definetly rather
take urs
(8:14:38 PM) spartanz1: Now let me tell you please about one more thing
created to identify you. It's called Canvas and it's an HTML element.
(8:16:49 PM) spartanz1: The technique for creating the canvas fingerprint is
to give the browser a somewhat complex image to render, capture the actual
pixel values produced, which is then hashed down to make the actual
fingerprint. When a user visits a website with canvas fingerprinting, their
browser is instructed to "draw" a hidden line of text or 3D graphic that is
then converted to a digital token. Canvas is based on Javascript and to make
for you easier to understand, it is a system that will make an unique
"drawing" that will identify you. And maybe you changed your IP, useragent,
and so on, but when you will enter the same site next time, they will see
this "drawing". It's estimated that only about 10-15 % of websites are
utilizing the canvas fingerprinting process to identify visitors. You may
think that it's not a lot, but their number are growing everyday.
(8:17:18 PM) spartanz1: More about canvas fingerprinting you can read here:
http://www.w3schools.com/html/html5_canvas.asp
(8:18:21 PM) spartanz1: Both Antidetect and Fraudfox soft have the ability to
spoof the canvas. Also you can block it, but blocking it for sites that check
it, means fail for your payment. An average user isn't blocking his canvas,
why he would do it, right? High secured websites think the same way.
Anyway, for blocking it you have the free Firefox plugin here:
https://addons.mozilla.org/en-us/firefox/addon/canvasblocker/
(8:19:54 PM) spartanz1: Now let me tell you about a new way of carding that
started to be used and it brings pretty good success rate. It's about carding
using mobile phones. Interesting? Of course it is, and the best part about it
is that we won't even use a mobile phone, lol. We are fraudsters and our job
is to fake everything and to appear as legit people
(8:20:08 PM) tarzan333@jabberzac.org/jabberzac.org: so we wouldnt want to
block it then cos its an automatic faikl
(8:20:10 PM) tarzan333@jabberzac.org/jabberzac.org: ?
(8:20:44 PM) tarzan333@jabberzac.org/jabberzac.org: do we spoof it or block
it im confused? ive already been canvased on paypal for sure..i spoof it
yeah? cos if they detect a blocker they will deny payments
(8:21:42 PM) spartanz1: If the website checks, it's like 70 % fail, if they
don't call to verify you or you don't call them to make your payment look
legit. But, we spoof it, blocking is just a budget choice and just to know if
maybe something will change in future and you will need
(8:25:03 PM) spartanz1: We can card using our PC, but to appear like we are
using a mobile phone. I'll show now how this is possible. The whole magic is
created by a very nice soft, called Genymotion. It can be found on
www.genymotion.com
Genymotion is an Android emulator and it comes with 20 preconfigured devices,

and also you can create and customize your own devices. You can make devices
with Android versions beginning with 2.3 and finishing with 5.1. and you will
have all the functions of an real Android phone, beginning with Camera and
finishing with Battery. Also, you will be able to spoof your GPS too with
(8:27:05 PM) spartanz1: You can see on their site that there is Free version
and Business version. You can begin with Free version to test it and to
understand how it works, but for fullest effectivity you will need the
Business version, because it has much more functions than the Free one. For
example, Hardware ID spoofer or even IMEI spoofer, so in most of the cases
the free version will
(8:27:30 PM) tarzan333@jabberzac.org/jabberzac.org: easy. im assuming its a
level 1 card anyway
(8:29:24 PM) spartanz1: Why Genymotion is such a good soft? First, shops use
to give more credibility to payments made from mobile devices. For example,
many shops know about Socks, RDP, and so on, but not many can understand how
the fuck can you spoof or emulate and Android device
(8:32:27 PM) spartanz1: Second reason is that many big companies have their
own apps you can find on the Google Market. Like Paypal for example
All these things are great for carding and it's above of what the "average"
carder is using
(8:32:50 PM) tarzan333@jabberzac.org/jabberzac.org: nice to know man
(8:33:01 PM) spartanz1: Ok, let's speak now about RDP
(8:33:28 PM) spartanz1: In simple words, you are using RDP to connect to
another PC, like when you are using Teamviewer.
(8:34:42 PM) spartanz1: Why some fraudsters are using RDP as their carding
tool? Because it is easy. When you are carding using a VM, you need to spoof
your fingerprints, you need to be sure that you are unique everytime, etc.
But let's say that you already have prepared an unique PC and you just need
to connect to it, and to use it like a PC for carding. Here RDP helps us. You
won't only get a
(8:35:50 PM) spartanz1: How to get an RDP? The best way to go now is to buy
one. But i'll explain
(8:37:12 PM) tarzan333@jabberzac.org/jabberzac.org: ok well my comp is a
piece of shit. i have vmware with xp on it but it wouldnt even run somestuff
like vpn. i know i can run it externally etc. once i get a bit more of an
income from this or can order a laptop using reshipping etc i want a new
notebook just for carding. so i can run vmware etc. ive got like 2gb ram and
a shitty intel b960 processor
(8:39:37 PM) spartanz1: Well, i guess 2 gb ram can lead to VM working slowly,
so you may not use a VM
(8:39:47 PM) tarzan333@jabberzac.org/jabberzac.org: yeah i dont its a pain in
the ass
(8:40:22 PM) tarzan333@jabberzac.org/jabberzac.org: is it still ok to just
use my pc for the time being and using the previous security measueres u
mentioned before
(8:40:58 PM) tarzan333@jabberzac.org/jabberzac.org: also using genymotion.
connecting it via socks5 and vpn etc. does it still use fingerprints. or does
that act as a vmware sort of
(8:41:51 PM) tarzan333@jabberzac.org/jabberzac.org: also would we use
antidetect with genymotion. i have a useragent of a cc that is of an iphone.
i can see with antidetect u can change it to put apple etc. would it be
better using antidetect or using geny in this situation
(8:45:48 PM) spartanz1: Genymotion is just for Android
(8:46:06 PM) spartanz1: Iphone emulators are bad quality, so i dont recommend
using them
(8:46:21 PM) spartanz1: And we don't just emulate here, but we are using an
app
(8:46:26 PM) spartanz1: Like on a smartphone
(8:46:46 PM) spartanz1: this thing is impossible with Fraudfox and Antidetect
(8:47:44 PM) tarzan333@jabberzac.org/jabberzac.org: ok yeah i understand
(8:48:09 PM) tarzan333@jabberzac.org/jabberzac.org: i will most likely use
paypal to card my neihbors website its my quickest method of cashout atm so i
can source funds.
(8:48:18 PM) tarzan333@jabberzac.org/jabberzac.org: but the card i have came
with a useragent
(8:48:33 PM) tarzan333@jabberzac.org/jabberzac.org: uses safari and has
appple os etc
(8:49:45 PM) tarzan333@jabberzac.org/jabberzac.org: its been taken off an
iphone. so when using this to card paypal. do u reccomend using genymotion.
even though the useragent will be off an android rather than using antidetect
and changing settings matching to useragent given
(8:49:56 PM) tarzan333@jabberzac.org/jabberzac.org: that is of course if CC
isnt already registered
(8:53:37 PM) spartanz1: If cardholder uses PP, this means that he is already
registred with PP, so it doesn't matter. Anyways it doesn't matter, PP can't
check it (matching the cardholder). They can't know that he is using iphone
(if he never made a payment with them) or even if he made 1 payment for
example from iphone, he got a PC, too right? So he can make another payment
using his PC, not just phone
(8:54:22 PM) tarzan333@jabberzac.org/jabberzac.org: ok cool. ill play around
with it
(8:55:08 PM) spartanz1: Be right back in 2 mins
(9:04:16 PM) spartanz1: Okay, to continue with RDp
(9:07:43 PM) spartanz1: 1. First one is the illegal one. These are other
people hacked PC's. For example you have a cardholder from New York city, so
you will need also an IP from NY city. You get a PC of a person from NY,
connect to it, and use it's IP. How such RDP are gotten? Most of the times,
by a classic hacking method, called brute forcing. It consists of
systematically checking all possible keys or passwords until the correct one
is found. Usually it works good with short
(9:08:21 PM) spartanz1: Advantages:
You get a real PC. You are acting as a real person from NY city (example).
You also have good chances to get OS like Windows 7, which is better than
Windows Server.
(9:12:34 PM) spartanz1: Disadvantages:
For example we have the PC X, and PC X has the password "12345". Such
password is very easy to bruteforce. And let's say that three persons are
trying to bruteforce PC X. All of them will have success very fast, because
it's a easy password to crack, and also all of them will have access to the
RDP. Let's say that first person connects to RDP and is carding Ebay. Second
person will connect to RDP and will try to card Ebay with a different CC, but
will fail, because Ebay already was carded by the first person using this PC
and this IP. Hope you get the idea. Many hacked RDP's (especially the ones
with easy passwords) are "dirty" because they have been used before by
somebody else, and
(9:13:16 PM) spartanz1: Other disadvantage is that there is a risk that in a
specific moment, owner of the PC will change the password. Or maybe he will
understand that his PC is hacked. Also maybe somebody else will brute force
it and will change the password.
(9:14:39 PM) spartanz1: 2. Second one is the legit one. For example there is
a Internet Hosting Company that offers virtual space on their hardware. This
is called VPS (Virtual Private Sever). You connect to their server via RDP,
and as long as you pay for it, it's your PC, nobody except you will be able
to access it. You will have access to it as long as you are paying. Usually
most used OS on such
(9:15:21 PM) spartanz1: If you don't know about Windows Server Operational
Systems, please check this link: https://en.wikipedia.org/wiki/Windows_Server
(9:16:21 PM) spartanz1: Advantages: As long as you pay, you will have access
to the RDP. Of course there may come fraud alerts to the hosting company, but
they won't come so fast and so frequent like you may think.
(9:18:05 PM) spartanz1: Disadvantages: You won't find Windows XP, 7, and 8
easy. If you will card using a Server 2012 and won't change your useragent,
shops will gain your fingerprints and will see that you are using a server
OS. How many people do you think that are using a Windows Server for their
Personal Computers? This problem can be solved with AD or Fraudfox
A simple whois on your IP will reveal that behind it is a hosting company.

This isn't such a big
(9:19:16 PM) spartanz1: VPS are used more for long term projects. For
example, creating bank drops. For such task, you don't need your RDP to die
in the moment of "action", that's why you choose a stable VPS.
For short term projects, better is to use hacked RDP's and to make your job
fast, because there will
(9:19:42 PM) tarzan333@jabberzac.org/jabberzac.org: ok so how to use these
things
(9:20:05 PM) spartanz1: You can connect via RDP on all of the Windows
version, Linux, Unix, OS X, etc. I'll show now how to do it on Windows 7:
(9:21:15 PM) spartanz1: Go to "Start" button on desktop. In field "Search
programs and files" you type "Remote Desktop Connection", find it, and after
type IP, username, password and Connect (you will receive the RDP in this
format: IP, password, username).
Important: Never connect to an RDP without having your most trusted VPN on,
especially to a
(9:22:09 PM) tarzan333@jabberzac.org/jabberzac.org: ok and where to find ones
we can buy
(9:22:20 PM) tarzan333@jabberzac.org/jabberzac.org: and ones we can hack. or
hacked ones...im definetly no hacker
(9:23:37 PM) spartanz1: To better understand about connecting to socks, i
will give you a mini guide, because there are used images and will be easier
for you to understand.
P.S: No need to hack if you don't know how. There are vendors who provide it
on Alphabay. Mrbiggles (not sure if spelled corectly) had good stuff.
Anyways, even if there will be no vendors at some moment, in future i can
find new contacts for you
(9:30:46 PM) tarzan333@jabberzac.org/jabberzac.org: yo is there something i
need to do to accept guide?
(9:32:08 PM) spartanz1: Nope, i just was waiting thinking that you have more
questions. I guess you saw this guide if you are using 5socks anyways.
http://5socks.net/Manual/proxifier_eng.htm
(9:32:39 PM) tarzan333@jabberzac.org/jabberzac.org: nah sorry ive been on
alpha loooking at rdp vendors
(9:32:40 PM) tarzan333@jabberzac.org/jabberzac.org: lol
(9:32:40 PM) spartanz1: Don't use VIP 72. Their IP are blacklisted for many
things and their traffic is sniffed by LE
(9:32:48 PM) tarzan333@jabberzac.org/jabberzac.org: i use 5socks
(9:32:52 PM) tarzan333@jabberzac.org/jabberzac.org: they ok?
(9:33:14 PM) tarzan333@jabberzac.org/jabberzac.org: lol ok must be if ur
guide is from them
(9:33:46 PM) spartanz1: Yes, they are good at the moment. Anyways, other
choices for socks, besides Vip72 (most famous socks provider among
fraudsters) and 5socks:
(9:35:18 PM) spartanz1: http://super-socks.com
http://rs-socks.net/registration
http://isocks.ws/
Do not share please these socks services or they will end up being burned
just like Vip72 or other famous provider that was abused.
(9:35:31 PM) tarzan333@jabberzac.org/jabberzac.org: sure man
(9:35:40 PM) spartanz1: About basic IP checking for spam lists and proxy:
(9:37:36 PM) spartanz1: If your IP is blacklisted you will fail almost
instantly to card. On sites like ip-score.com you can see if your IP is
blacklisted in the biggest spam bases, like Barracuda, Spamhaus, etc. You may
think how is this related to carding? The answer is simple. A legit, average
customer is a spammer? No. This mean that we are using a proxy, and websites
understand this. And RDP's, SSH, socks, etc. are used most of the times by
spammers, by the way. So after you changed your IP, first thing you must do
is checking it. Go to ip-score.com and look if it is listed in any spam base.
If it is listed, get a new IP. Ip-score may put your IP in the category "Low
risk". This isn't such a big
(9:38:55 PM) spartanz1: Also, ip-score it's showing you if you are seen to be
using a proxy. I mean, they tell you if you are on a "fake" IP or on the real
one. Our aim is to look like we are on our "real" IP, we need to look like
the holder. And proxy score, blacklist, indicates how "real" is our IP. Proxy
score must be 0 or N/A. Any number higher than "0" is bad and you can throw
away such an IP and
(9:40:15 PM) tarzan333@jabberzac.org/jabberzac.org: i think their server is
down its not working
(9:40:29 PM) tarzan333@jabberzac.org/jabberzac.org: nah got it
(9:41:16 PM) spartanz1: SSH stands for Secure Shell Tunnels. Consider them to
be a more improved version of our classic "socks". They are more secured and
more stable. The problem with socks is that they sometimes can fail in the
most unperfect moment, for example when we are carding. SSH fail very rare.
If you used a SSH today, there are high chances that after 3 days, the same
SSH will be "live" and running. For socks, chances aren't so huge. On the DN
i didn't see SSH sellers, they are most of the times in russian communities,
so if you will have a need in using them, i will find an english speaker for
you.
(9:41:45 PM) spartanz1: For SSH you need two softs, Bitvise and Proxifier
(9:41:50 PM) tarzan333@jabberzac.org/jabberzac.org: ts ok my wife is russiani
(9:42:01 PM) tarzan333@jabberzac.org/jabberzac.org: just give us the site
(9:42:08 PM) tarzan333@jabberzac.org/jabberzac.org: and i can read a little
too...probably help
(9:43:39 PM) spartanz1: 1. First you download and install Bitvise and
Proxifier
http://www.bitvise.com/ssh-client-download
https://www.proxifier.com/download.htm- "Standart Edition"
P.S: The access is possible by invitation, but anyways i'll come later with
SSH sellers
(9:44:03 PM) spartanz1: Now in bitvise you must put the settings like in
image: http://fsell.biz/attachment.php?attachmentid=4964&stc=1&d=1410240217
(9:44:37 PM) spartanz1: After you do this for Proxifier:
(9:44:46 PM) spartanz1:
http://fsell.org/attachment.php?attachmentid=4965&stc=1&d=1410240224
(9:45:22 PM) spartanz1: First step from the image i sent above is clicking
on "Proxy Servers" tab. The login panel looks like this:
http://fsell.org/attachment.php?attachmentid=4963&stc=1&d=1410240211
(9:45:26 PM) tarzan333@jabberzac.org/jabberzac.org: sorry im confused do i
use these apps with my 5socks.net ips
(9:45:46 PM) tarzan333@jabberzac.org/jabberzac.org: or only when i have ssl
clients?
(9:46:06 PM) spartanz1: Nope, for 5socks you just need Proxifier. For SSH you
need Proxifier+Bitvise
(9:46:48 PM) spartanz1: When you buy a SSH tunnel, you receive it in the
format: IP, login, and pass. When you connect, if the bitvise icon in the
right bottom of screen, it's white, you are connected. Saying this, because
many people don't know if they are connected or not.
(9:48:25 PM) spartanz1: To avoid DNS leaking, both for socks and SSH, in
proxifier setup like this: Open Profile/Name Resolution and check "Resolve
hostnames through proxy"
(9:49:22 PM) spartanz1: About CCleaner and cookies cleaning i think you know
already. But you may not know about Flash cookies. There is a soft for
cleaning them. Flash Cookie Cleaner: http://www.flashcookiecleaner.com/
(9:50:16 PM) spartanz1: One more method for deleting flash cookies is add-on
"Better Privacy" for Firefox, and besides CCleaner for deleting general
cookies and system logs, there is another soft Bleachbit:
http://bleachbit.sourceforge.net/
(9:50:34 PM) tarzan333@jabberzac.org/jabberzac.org: jesus dude i wasted so
much fucken money cards
(9:50:43 PM) spartanz1: Some general very important security things:
(9:50:51 PM) tarzan333@jabberzac.org/jabberzac.org: no i didnt know that i
thought cccleaner did that...i was aware flash cookies gave you away though
(9:51:08 PM) spartanz1: Dont keep personal info on your work PC or Virtual
Machine
(9:51:28 PM) spartanz1: CCleaner do it, but it doesn't clean all the cookies
in some cases, i mean flash ones
(9:51:37 PM) tarzan333@jabberzac.org/jabberzac.org: personal info even being
photos?
(9:51:49 PM) spartanz1: Photos, names, addresses, and so on
(9:51:52 PM) tarzan333@jabberzac.org/jabberzac.org: are we talking about LE
knocking down my door...or someone hacking and revealing ID
(9:51:59 PM) tarzan333@jabberzac.org/jabberzac.org: yeah ill clean it up
(9:52:17 PM) tarzan333@jabberzac.org/jabberzac.org: im assuming u reccomend
buying a fresh laptop and starting new on it. when i can
(9:54:26 PM) tarzan333@jabberzac.org/jabberzac.org: i dont login to fb or
anything here...but previously before i had done so...bank accoutns
etc...this was my old comp i reinstalled windows...but same ip etc
(9:54:39 PM) spartanz1: Yes, this is not something extremely important, but
better to make a good set of rules to follow, you will feel more safe.
Someone hacking.
Don't open images or links you don't trust. You can get a rat in your PC and
you will never know about it, but it will be able to remote control your PC,
hear your microphone and will have access to webcam, and a lot of other
things. Also, don't open PDF you don't trust. Upgrade softs to the latest
versions. People usually need time to find vulnerabilities in latest
versions, and the most exploited ones are the oldest versions. If you want to
feel safe on this part, remember some basic golden rules: you should always
update your softs, delete useless softs from your PC, and be very careful
with what you open and run.
(9:57:05 PM) spartanz1: For LE knocking down your door (not saying that there
are high chances to happen, but unprepared means weak), you can encrypt your
hard drive or just some files on PC. The soft used for this in past was
Truecrypt. Truecrypt is the most famous and maybe oldest soft for encryption
in the industry. But now i heard that they are investigated or something
like this, so the best alternative now is Veracrypt open source soft. Always
use open source softs for this. Veracrypt have some very interesting features
like creating Hidden Operation System, hidden containers and so on. I suggest
reading "documentation" on their website, cause there is some important info
you need to know before starting using it, and it's explained better than i
can explain
(9:57:21 PM) spartanz1: https://veracrypt.codeplex.com/
(9:58:04 PM) tarzan333@jabberzac.org/jabberzac.org: for the time being i have
an off site storage i keep this laptop and only access it when i need it
(9:58:17 PM) spartanz1: When you want to hide some files from your PC and
delete them, they aren't really deleted. They need to be overwritten if you
want to get rid of them forever. You can do this with CCleaner. You will find
this function in the "Tools" tab, "Drive Wiper"
(9:58:37 PM) tarzan333@jabberzac.org/jabberzac.org: i have a fair few guides
for encryption etc...i will definetly do this with my new pc
(9:58:46 PM) tarzan333@jabberzac.org/jabberzac.org: thanks for the tip
(10:01:10 PM) spartanz1: So that's it for today bro. Here we finished our
Carding School and hope you learned a lot. Now i want you to review a few
times all the info we discussed. Prepare a set of questions if you will have
them. And begin making your action plan based on all the info here. Devide
everything thing in steps you will follow after. After, send me a PM and we
will meet on Jabber or we can even discuss on Alphabay about it. I'll review
your plan, correct in case if something wrong, and even add some more things
if needed. Remember, our coaching doesn't finish here, and i will be anytime
available for support, and if you have some questions now, i'll be more than
happy to answer
(10:01:59 PM) tarzan333@jabberzac.org/jabberzac.org: nah besides ass kissing
theres nothing to be said
(10:02:04 PM) tarzan333@jabberzac.org/jabberzac.org: im sure u know it ur
fucken gun at this
(10:02:17 PM) tarzan333@jabberzac.org/jabberzac.org: and appreciate doing me
at 350 i saw ur price increase
(10:02:51 PM) tarzan333@jabberzac.org/jabberzac.org: ill have my plans
written up tomomrow....i studied the fuck out of the first three today...ill
do the last and hit u up with a few methodologies

Spartanzv 2

Uploaded by

Copyright:

Available Formats

You might also like

Spartanzv 2

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Spartanzv 2

Uploaded by

Copyright:

Available Formats

(3:06:51 PM) Attempting to start a private conversation with

3 months ago when i tried, it worked for PP

https://verified.visa.com/aam/activation/landingPage.aam- It's not really a

P.S: Yes, you are fully right

After go to site datafakegenerator.com, generate a fake credit card with bin

Sometimes this is a better method, everything depends on your goal. A good

(4:49:52 PM) Attempting to refresh the private conversation with

P.S: They are level 2

2. Changing your IP to city or at least state of cardholder. IP under city

5. 5-15 minutes we look at items in shops to be like a normal person (this

6. In the Billing field we put all details of holder. Everything

You go to this site. http://webstatsdomain.org

Hard ones: Paypal, Alipay, Skrill

5. Other personal information. For example, at some banks, some cardholders

My most used method is finding drops through social networks (usually

Today we will speak about everything related to Virtual Carding. Virtual

My method works for these states: Florida, Illinois, Wisconsin, Maryland,

(7:00:19 PM) tarzan333@jabberzac.org/jabberzac.org: hey mate

You can check your useragent here:

Genymotion is an Android emulator and it comes with 20 preconfigured devices,

A simple whois on your IP will reveal that behind it is a hosting company.

(9:35:18 PM) spartanz1: http://super-socks.com

https://www.proxifier.com/download.htm- "Standart Edition"

You might also like