Free method + Information for NOOBS. (Part 1)
Free method/ + Information for NOOBS.
Envision: you’ve chosen to take the case, you need to purchase a Mastercard. You go to the checking gathering, cautiously examine all the offers, and at long last, discover a dealer with a great standing and proper costs… What’s more, you discover that he’s contribution cards of various banks. You’d think it was something little – why does it matter what you vbiv in?
In this guide you will learn terms/slang terms carders will use, if you follow some of the methods provided you will not have to worry. Please also like this post/thread, if you leave a comment I will also do like for like to.
Hardware aka equipment; You will need a laptop, try your best to avoid PC’s. 1. You can’t bring them with you, 2. You will find it harder to get rid of it or hide it easily either. But a laptop it’s easier to do these things.
Try your best to NOT INCLUDE ANY of your personal information. Either in notes/notepad/ txt document. This will be used to not only find you, but also find your location. And if you are doing carding, since it is illegal you will most likely go to jail or face some kind of punishment. I also highly recommend an android phone, a IOS (iPhone) is far too limited. A android phone is way better for mobile carding, although you can execute mobile carding even from your laptop.
USB Stick Key; Make sure it has plenty of space/gigabytes. You will need to store all your portable applications and some of the illegal date here. In case you need to throw away and or destroy it, all the evidence will be gone. No where to execute your fraud activities?, you can attempt to go to your local library, internet cafe or somewhere they have their free internet. If you can, really try to avoid doing this. It doesn’t look good that you browse some onion sites and or a clear net cc auto shop. Long story short though, make sure you are in a place where no one can spy on you.
Once you have your laptop/ are prepared. Install a software called VMARE. Basically, VMARE a paid virtual machine software and trust me its a better alternative of Virtual Box from Oracle. You need to be return on investment oriented (ROI) so avoid at all costs to spend money on a software that you can get for free on google. When you will start seeing some money rolling in, you can card license or even better to buy them with legit (real) money.
Simply, install the trial of VMARE workstation from their official website. After the VMARE is installed, you need to activate it. You can try free VMARE keys.
Remember to change your PC and username and put in a fake one. Now install VMWARE make your first VM, use a OS that you feel confident with, I recommend Win7 as its the most widespread one and it will make us look legit in the eyes of antifraud systems.
You will need an Windows 7 ISO, so that you can use it to create a Win7 machine, also get an activator so that you remove the annoying trial, Google is you best friend in this case. Make sure you give as many GBs as possible to the VM so that functions properly.
Now install the following softwares on the machine: Mozilla Firefox (Regular Browser), Mozilla Thunderbird (E-mail Management), Tor Browser, ICQ(Mesaging), Team viewer, Viscosity (DNS leak prevention), CCleaner (System Cleaner) Bleachbit (Additional Cleaner) Mozbackup(Profile saver for FFox), My Notes Keeper(Project Management, more on this one later), Pidgin + OTR, Noxx app player/bluestacks/Genymotion/Andy Emulator/(Android Emulator). Proxifier(Socks5 Connection), Bitvise, Diamond Voice Changer, Multilogin.
Encryption; Ok so allow us to touch on a fundamental topic about security, encryption. Here’s the bad news, encryption won’t always hide 100% of your illegal files, as a matter of fact, many fraudsters get caught and the evidence extracted, but I still highly suggest encrypting your illegal data. You can use Veracrypt to encrypt your virtual machine.
VPN: Now you also need to install a good VPN. It stands for Virtual Private Network, it will aid in hiding your real IP and keep you protected online.
A good VPN must pass this ckecklist:1) Does not store logs: this is important as if they store your IP and Law Enforcement demands it, you are practically screwed.
2) No-USA one: American VPNs are forced to give logs if LE asks for it by law hence avoid VPNs from the USA even if they claim they don’t keep logs.
3)fast: Virtual Carding is slow itself when you add a VPN and Socks, so make sure your VPN is blazing fast and Pick a server that is closest to your location.
4)Has a Killswitch: let’s assume that the connection from the VPN server drops, your IP is practically naked! (except if you are under a socks5, but LE can still do a traceback and find you), so your VPN Provide must have a kill switch.
5) DNS Leak Protection: This can be annoying so make sure your VPN provider helps you with that.
6)Payment by BTC Allowed: Of course, you want to keep yourself anonymous even buy payment method-wise, so make sure the VPN accepts BTCs.
7) Auto login and connect and start-up: it is annoying to always launch the VPN and connect it by yourself, so make sure your VPN allows you to connect and login on windows start.
Luckily, NordVPN has all of these ( I use it myself) it’s a great VPN so get it ASAP, it’s just $8 per month.
Add the key apps to the kill switch setting: Mozzila Firefox, Pidgin, Tor Browser, Mozilla Thunderbird, Remote Desktop Connection:
Click Settings —- Browser
Now that you have a VPN we do some more preliminary steps: Go to ProtonMail.com and register an e-mail, add it to Thunderbird.
Protonmail is the safest email provider in the world, you don’t have to worry about potential opsec leaks with them.
You will use this email for all your fraud related activities.
Here is an issue I faced, as a fraudster I had to deal with plenty of login credential and it was getting frustrating, the solution for this was LastPass. With the new email, make a lastpass account. Lastpass will help you to manage all the usernames and passwords, has been a huge time and frustration saver for me.
Install the extension on both portable Firefox, regular Firefox, and chrome.
After your illegal operations, you have to clear all your traces from both your host and Virtual Machine. We do so by running CCleaner and Bleachbit. You have to check all the checkboxes, ensuring that all the traces in your computer will be removed, don’t check wifi-free space, or it’s going to take too long. Also, you have to use the 35 Gutmann steps cleaning, ensuring that the files will be permanently deleted.
Extreme opsec security
For the very paranoid Fraudster, I recommend installing Qubes OS and integrating it with VMware Workstation.
Final Words on Security: yes, being safe is important, but don’t push it too far, there’s a mental disease that I call opsec paranoia, as if their security setup is never enough, I also learned that the more security you add the more frustrating fraud guests, in fact, I’ve seen some fraudster with double kill switched VPN. One is more than enough. Remember that there’s always a small risk that you get caught. From my experience, a burner laptop with encrypted illegal data and a kill-switched VPN is more than enough to keep you safe without too many hassles, also make sure your key apps like browsers, etc are kill-switched, many forget about this.
All these websites can read plenty of information about our fingerprints. The browser fingerprint will be used to identify us and also used as possible evidence against us (in case they have your real IP and other sensate data).
And if they find something phishy, most likely they will put your fraudulent order on review or simply decline.
The secret here is to look like the average guy, and spoof as many details of the victim. Remember that the greatest skill of a fraudster is to look as genuine as possible if not more genuine than a legit customer. If you go on whoer.net, you will see that it’s able to read many things about you.
There are some rumors that whoer.net belong to LE, I say in response.
Where is the evidence? Contrary to widespread belief, having a 100% score on whoever is totally bad, that’s an anonymity score, not a spoofing score, and generally speaking, when you want to be anonymous, you have to hide stuff.
Another good one is browserleaks.com, when you check your spoofing setup you have to check on both of them.
I’m going to give you an ideal fingerprint that has a high success rate for desktop-based carding:
Do Not Track(DNT): DNT is an HTTP header that allows the user to avoid tracking his or her actions by third-party websites. When you work online, all your actions are saved in your browser cache: visited URLs, search queries, purchases you made in stores, etc. all this data can be read by websites and then used for marketing or analysis purposes.
For example, a user typed ̈buy a bike ̈. This query is saved in his or her browser cache and is now available for third parties to view. From now on, this user will be able to see bike ads all across the Internet.
Do not disable this like whoever recommends, no legit user deactivates DNT. CCleaner/Bleachbit is enough to delete that fingerprint.
OS: You will want to spoof your OS as Win7. Why? Because Win7 is the most widespread one at the moment.
User Agente: I recommend spoofing Chrome, as it’s the most widespread browser, always try to use the most recent version.
Screen Size: As for Screen resolution, the most widespread is 1366×768.
Well-developed websites sometimes have this fingerprinting measure called canvas to recognize you every time you browse that site.
Firefox has an extension to randomize Canvas, Anti- detect something, same goes for Fraudfox.
Thank you for viewing this post. I will be posting another helpful thread ASAP!.
You can also buy instant:
Cashapp Money Transfer Click here
Paypal Money Transfer Click here
Western Union Money Transfer Click here
Venmo Money Transfer Click here
Bank Money Transfer Click here to Contact Us