THE BIG QUESTION: WHAT IS CARDING?
– Well, defined loosely, carding is the art of credit card manipulation to access goods or
services by way of fraud. But dont let the “politically correct” definition of carding stop
fool you, because carding is more than that. Much more.
Although different people card for different reasons, the motive is usually tied to money.
Yea, handling a $9,000 plasma television in your hands and knowing that you didnt pay one
red cent for it is definitely a rush.
But other factors contribute to your personal reason for carding. Many carders in the scene
come from poor countries, such as Argentina, Pakistan, and Lebanon where $50 could mean a
weeks pay, on a good day. Real carders (the one that have been in the scene the longest)
seem to card for something more, however. The thrill of cc manipulation? The rush that the
federalles could bust down your door at any minute? The defiance of knowing that everyday
that you are walking among the public is another day that you have gotten away with a
Whatever your persona reason for carding is, this tutorial should answer a few noobie
questions and take the guessing out of the entire carding game. The resources and
techniques mentioned in this tutorial are NOT, I repeat, NOT the only methods of carding.
Experience in carding is key. You have to practice your own methods and try out new
techniques in carding to really get a system that works for you. This tutorial is meant to
get you on your way.
THE BASICS: WHAT DO I NEED AND WHERE DO I GET IT?
Credit Cards: Yes, CCZ.
“do you have any ccz”
“where can I hack CCZ”
“where can I get a list of valid CCZ?”
You need money to make money. Plain and simple. Which means that the only way your gonna be
able to get ccs if you have ABSOLUTELY NO MONEY is if you successfully rip a noobie with
100 cards (but what noobie has 100 cards?), if you have any background in database hacking,
if you trade for your ****, or if you know someone that’s willing to give you ccz all day.
I know thats a discouraging statement to all of you, but we have to keep **** realistic.
The easiest way to get ccz is to purchase them.
“but I cant get a job/I dont wanna work!”
Having a regular 9 to 5 job is not a bad idea in the carding scene. Not only will you have
some sort of alliby to why you have all this expensive **** in your house, but you can also
use the money (who cant nowadays) to pay bills. You cant card forever, and you cant sustain
yourself by carding alone.
If you are REALLY strapped for cash, you have to go through the alternative: trade for your
resources. you have to be resourceful in carding, meaning you have to use what you got. Got
a psybnc admin account? Offer psybnc user for a cc or two. Got shells? roots? Can you make
verification phone calls? just ask yourself “what do I have that might be valuable to
someone else?” and work with that. It dosnt have to be big, it just has to get you a few
cc’s in your palms.
Once you’ve run your first successful cc scam, DONT SPEND ALL YOUR EARNINGS. Save $200 and
re-invest back into the carding community. head to SC and get better cards. If you have
level 2 cards, I suggest carding C2it/Paypal and using that $$ to buy ccs. (successful
C2it/PP scamming techniques will not be discussed in this tut, sorry)
To other minor pointers on rippers and legit sellers, please scroll down to “SELLERS,
TRADERS, AND RIPPERS, OH MY!”
“where can I check my CCZ?”
Knowing wether your cc is valid or not is really important for saving some time and energy.
if you want the lame pr0n site check, you can check them under
The idea way for checking ccz is through an online merchant (authorize.net,
linkpintcentral.) These merchants can verify cc amounts without charging your ccs. Good
luck finding one. People on IRC want a ridiculous trade for These merchants (cvv lists,
cash). So if you run accrosss a legit merc, dont give it out! even to your best buds!
online mercs are gold in the world of carding.
Other methods for verifying cc amounts include registering your cc on an online bank. (You
will need at least a level 2 card, level 3 for ATM cards). alot of online banks can give
you limit, billing addy, ect ect but they require at least a level 2 cc (more info on ccz
CREDIT CARD FRAUD: INFORMATION IS KEY.
I want to make something clear right now. The secret to carding is not the number of cards
you own, its what you can do with the cards. What do I mean by that? Simple.
Hypotherical situation: My name is Johnny and I have 3 ccs with SSN, DOB, CVV NUMBER, MMN,
NAME, STREET ADDRESS, CITY, ZIP, AND BILLING TELEPHONE NUMBER. I have a friend named Billy.
Billy has 300 CCCZ with CVV, MMN, NAME, STREET ADDRESS, CITY, ZIP, AND BILLING TEL. NUMBER.
Whos more likely to successfully card something?
Simply put, I (Johnny) am. Why? Because I have more information that can prove that I am
the person who owns this CC than Billy does with his 300 CCVZ. Does that mean Billy’s not
gonna card anything? No, that just means Billy’s gonna have a hard time carding anything
So to sum up this lesson, you have to get information on your mark (the person that youre
impersonating.) #1 rule in carding is: the more information you have on a person, the
better chances you have for a successful transaction. Here is the information you’re
looking for(note: the levels of a card is not a tehcnical carding term, I’ just used L1 L2
L3 to simplify **** throughout the tutorial.) :
TEL. BILLING NUMBER:
CARD EXP DATE:
(LEVEL 1: REGULAR CVV. If you have this much info, youve got yourself a regular cc.
Nowadays you need this much info for carding ANYTHING worth mentioning. If you have any
less than this information, youre **** outta luck. 🙂
Social Security Number (SSN):
Date Of Birth (DOB):
******s Maiden Name (MMN):
(LEVEL 2: (PARTIAL FULL-INFO) If you have this much info, your ccz are on another level.
With this info, you should be able to card PayPal, C2IT, and other sites without too much
of a h***le.)
BANK ACCOUNT NUMBER:
DRIVERS LICENSE NUMBER:
PIN NUMBER (For CC or ATM card)
(LEVEL 3: (true full-info) If you have this info, youre cc is ready to card anything your
Now if all you have is a regular cc, dont discourage. Just do some research and build your
cards as much as possible:
First, go to whitepages.com and try to lookup your marks street address and phone number.
Make sure it matches the info you have on your cc..
Last, but not least, take a quick look in ancestry.com. Ancestry.com is a bit of a *****,
but you can lookup DOB and MMN (ie, if your marks name is anthony hawkins, his father is
david hawkins and his ******s name is bella donna, Donna is the MMN)
So size up your cards and move on to the next lesson:
ATTAINING HIGHER LEVELS OF ANONYMITY:
Safety is key. No one wants to give the federalles the satisfaction of busting us and
shutting down production, so we gotta stay as anonymous as possible.
First let me start off by saying theres no 100% safe way to card. Dont let people fool you
into thinking that. You can be behind all the proxies, wingates, socks, and whatever else
in the world, but you leave “digital fingerprints” wherever you go. For my personal
benefits, I use a carded ISP combined with an anonymizer account (www.anonymizer.com) and a
level 1 proxy. But I dont reccomend that for everyone.
www.anonymizer.com: offers excellent services for those that want to remain anonymous. The
setback is that its a service, and like any other service provided, you have to pay for
usage and they will restict your account due to fraudulent usage. Just card another one
rite? If youre planning to use anonymizer, just concentrate on keeping your IP secret from
their services instead of the site youre carding. The only set-back to the service is that
they have some issues with sites using Java Applets, meaning you might have to skip out on
some major sites that require JAVA.
proxies and such: I use a private hidden proxies, and dont really **** with any other
proxies, so I cant comment too much on this topic (maybe someone will paste a seperate
proxy faq?) As far as I’m told (thx red and hit), proxies differ from level 1 to level 3, 1
being the most anonymous, 3 being the least. You can also get free proxies from
www.anonymitycheker.com/page1.htm this is a descent site which ranks their proxies from
“transparent” (leaks your ip) to “highly anonymous.” they also do real-time proxy tests and
Stealther: Theres a prob out there that will actually link your proxies together for
maximum anonymity. This program is called Stealther. Stealther can be registered via key
(so you can go to #serialz on efnet and get a key) and is a descent anonymous program.
EvidenceEliminator: If you’re really serious about carding, this is a program you NEED to
have installed on your HD at ALL TIMES! Federal agents have several programs that allow
them to extract information from your PC, such as the pages you have visited, the files you
have deleted, and the emails you have written. Everytime your PC restarts, EE kicks in,
providing you with the safety of erasing any tell-tale logs and history files. You always
want to be prepared for the worse.
JAVA: Reguardless of what stealth method you are using, always be sure to disable JAVA on
CARDED ISP: I dunno if carding an ISP is safe or not. I’ve heard mixed feedbacks about this
idea. However, I can testify that I’ve had expirience with such a matter and I havent had a
problem as of yet. Some popular ISPs to card are Earthlink Pre-paid (you can pre-pay it up
to a year, look for the link on their confusing website) and America Online (better used
for a quickie card, just get out one of their 849308490383904 free 10000000 hour cds and
input a few ccs into that *****)
These arent the only stealth methods out there: these are just the popular ones ATM. If you
feel you have an anonymity method that works, by all means try it out. You never know what
works and what dosent until you experiment.
If you need to know how anonymous you really are, there are some simple ways of testing
www.whatismyip.com: the first (and most basic) test you should take. whatismyip.com is a
simple method of knowing what your ip is on the web. This does not run though JAVA so you
cant really tell if your anonymous or not from this site alone.
hxxp://www.sinfulcherries.com/?aid=525390: This is actually a pr0n site protected by ibill.
When you try to sign-up, there is a java applet that tells you “your current IP of
blahblahblah is being recorded. Any fraudulent blahblahblah will be reported.” If its not
your real IP, you p***ed the second test. (you can also check your ccs here)
hxxp://www.multiproxy.org/env_check.htm: this is a basic check of your anonymity level.
Must have JAVA enabled — the true purpose of the site is to promote their software
(multiproxy) which works in similar fashion to stealther.
DROPS AND VERIFICATION TECHNIQUES:
The right drop is essential to your scamming needs. Finding legitamite drops inside and
outside of the US is hard. Many people keep your **** and dont send, or some people dont
pick up the package at all! (theres nothing worse than watching your hard-earned laptop
going back to the store because it was refused by the recepient)
If you live inside (or even outside) the USA, youre better off scoping a drop out on your
own. A drop is basically an empty home that looks to be inhabited. This is the shipping
address you use for your carding needs. Your items should only picked up at night. As
awlays, be sure to have a cover-story in case someone asks why youre snooping around an
empty home. “I’m picking up a package for the person that used to live here” is a legit
excuse. Or even “my father is the real-estate agent.” is good. Just keep in mind that if
you order anything over $500, it will USUALLY need to be signed for, (this statement is
based upon FEDEX/UPS policies. I’ve gotten feedback from people that state they have gotten
their local UPS employee to drop merchandise worth 1k at thir doorstop using a note, but
these are uncomfirmed rumours.) Wether youre willing to sit and wait all day on the
doorsteps of your drop, or you rather leave the postman a note that says you’ll pick it up
at the nearest postal station, its up to you. (Dont panic if you have to pick up a package
at the station. When you walk in, you need to be calm so it dosent arise suspicion. If the
clerk asks you to wait more than 3 minutes, PLEASE dont stand there waiting to get busted,
tell him/her you have a prior engagement and quickly exit stage left. )
If you live outside the USA, youre just gonna have to trust someone. The easiest way to get
a legit drop in the USA is to ask around for people that have had successful experiences
with a drop. Most drops hold a 50/50 or “you card something you card me sommething” policy.
If youre talking so someone thats trying to cut themselves in to the deal “Ie yes, I know
someone but you have to card me something too” just move on, they’re wasting your time.
Just a quick note, if youre carding something like a plasma television, youll have better
luck using a drop from the same state, changing the billing addy (you can change a billing
addy with a level 2 card, youll need a L2 card for carding a plasma tv neways) and acting
like you just moved. (have that mindset when you call in: I am (name of cardholder) and I
just moved from (city a) to (city b)) Once you have the item in your possession, you SHOULD
GUESS THAT YOUR DROP HAS BEEN FLAGGED. What does this mean? YOU SHOULD NOT – I REPEAT
SHOULD NOT RETURN TO A DROP ONCE YOUVE CARDED EXPENSIVE **** TO IT. Reguardless of wether
your drop is flagged or not, do you really want to take the chances?
The cellular phone: The anonymous cell phone is the carders sword. With it, you will make
several calls to several companies using several names. You should keep this cellular phone
for carding ONLY. (just in case you become confused and forget who youre talking to.) If
you have a phone phreaking connection, youre a lucky SOB. For the rest of us, we gotta go
out and get a pre-paid cellular phone. (a phone which dosent require much info to purchase
THE SITES: WHATS CARDABLE AND WHATS NOT?
Ok, so you got your ccs, your drop and youre as anonymous as you can make yourself. Now
what sites are cardable? This is the easiest question I have to answer on this FAQ.
-ANY AND ALL SITES ARE CARDABLE- (THX CIA AND `Q_)
Why do I say that? because it’s true. Like I said in chapter two of this little tutorial,
its not about how many cards you have, its what you can do with them. Alot of this has to
do with your mindset as well.
If you have a card from Johnny Knoxville from Texas, you must be Johnny Knoxville from
texas. Depending on the information that you have acquired from Johnny Knoxvile, you must
convince merchants and I-stores that you A R E Johnny Knoxville.
When approaching these I-stores, you want to scope things out first. Ask yourself a few
-whats their policy on different shipping address than billing addess?
If they have a “must call” policy, make sure to give them an anonymous number where you can
be reached (have your anon cell phone ready for this.)
-do they accept other payments besides credit?
If they accept other payment methods, sometimes its easier to card with a different payment
method. (Ive had more luck on Dell.com with online checks that I have with credit cards.)
Whatever you card, make sure that you have all your info prepped before carding it. If
youre carding something over 1k, get on your anonymous celly and call up the banking
institution of the person’s card youre holding. Make sure to let them know that youre
making a purchase of a large limit, so they dont deny your card.
Happy Carding 😀 and be carefull (y)