hhh
mazon(2020)
Virtual
Amazon Carding
Content:
The Amazon Locker
Antidetect? VM? FraudFox? - No thanks!
Amazon & JavaScript
Firefox basics
CC check for valid / credit
IP - the subtle difference
Amazon Fraud Prevention the A&O
Amazon Card with CC and / or ELV with master account
No mail validation? No problem!
Amazon Carden with ELV as a new customer
Amazon Carden with CC as a new customer
Accounts & invoices made by yourself
Amazon goes internacional
foreword
I only started doing carding a few weeks ago.
A little carded everywhere, with the interesting products you need a fullz everywhere.
But Amazon had the principle of a random. So I took on Amazon, aStudents tutorial
Bought for horrendous sums, well it taught me as a cardingnoob what to look for
Has. Well.
It answered zero questions for me what Amazon is looking for. It won't be in any tutorial
for real
discussed what needs to be considered, only FraudFox or Antidetect as a panacea
comparable
grasslands.
I thought it must be due to the cracked versions that only one out of X payments went through
I got the original versions.
But it didn't get better. The results were limited.
I spoke to other carders, many had no real understanding of Amazon and
to have
simply lottery style orders fired.
So I opened myself and tested everything, invested 4k € so far -
and
you will see the results here.
First of all, for an enrolled I recommend carding directly at Saturn & Co.
Unless you want a hublot.
Legend:
CC = credit card
ELV = direct debit data record with IBAN / BIC / holder
Socks = VicSocks5
Enrolled = access to online credit card banking.
The Amazon Locker
Hardly anyone knows him, the Amazon Locker. Practical like the Packstation, he doesn't need a Goldcard
still texting. Just Mailvalid or if you are a new customer that you look in the email and with the code
which you get to the locker, type, drop, done!
Unfortunately, the dropper is currently only in large cities and metropolitan areas.
You can't card everything on it, expensive things? No.
But for an MSR-605 it is always enough, even on ELV as a new customer.
Normally little things that are not well known for fraud.
Antidetect? VM? FraudFox? - No thanks!
The tools themselves are not bad, but they consume tons of resources.
Unnecessarily much. Because the same results can be achieved with FireFox Portable.
Together with the PDF you got a whole series of extra things - a folder with
a Pre-Configured FireFox Portable as I use it.
If you want to set everything yourself, here is the direct link for FireFox Portable:
https://portableapps.com/de/apps/intern ... x_portable
Amazon & JavaScript
Amazon runs with JavaScript, so you can forget NoScript. It doesn't make any harm
different whether you have activated plugins or not, so feel free to hit Adblock Plus.
Unfortunately
the phishers do not record which plugins are activated on the Vic (possible via Javascript) -
Consequently
we can't recreate this list anyway, so you go freestyle.
However, what you can change or prevent is the JavaScript query for subsequent
values. If you do not use the enclosed FireFox Portable, you have to do this yourself in
your
about: insert config as a string:
javascript: navigator.appCodeName "Mozilla"
javascript: navigator.appName "Netscape"
javascript: navigator.appVersion
javascript: navigator.buildID
javascript: navigator.oscpu
javascript: navigator.platform
javascript: navigator.plugins
javascript: navigator.product
javascript: navigator.productSub
javascript: navigator.vendor
javascript: navigator.vendorSub
I would leave most of the values blank. Only appCodeName & appName as before
put written.
When configured, the whole thing looks like this:
"Javascript: navigator.buildID"
Write the correct BuildID to yourself. So don't worry if it's not empty at
whoer.net.
"Javascript: navigator.oscpu"
Shows the real OS if your local host is Windows but the user agent set is Mac or
Android is - leak.
Does not set a value = no results, fits.
"Javascript: navigator.productSub"
The default is "20100101" even if the value is empty.
Mozilla set this value to "20100101" in 2015 for everyone around fingerprinting
Unterbin-
the.
"Javascript: navigator.platform"
Since we provide the user agent ourselves, we largely determine this value through the user
agent, since Javascript can no longer query the user agent on the OS.
"Platform" is usually always Win32, so unfortunately I cannot say whether it is an accident on my part
or is determined by Mozilla / 5.0.
(I could only guess why, if I have solved it, every update will be given.)
Also, unfortunately, I am not able to use the values recorded via Javascript such as:
height - actual height
width - actual width
availHeight - available height
availWidth - available width
.. edit to your heart's content (without plugins), but must note that neither Bestbuy.com, Wal-
mart.com still somehow disturbs Amazon in all its diversity.
Whether you carded with 1366x768 on a user agent from a Samsung S8 where the standard
The resolution is actually 2220x1080. Does not matter.
Firefox basics
Why Firefox Portable?
So that you can easily pull up an interested buyer who has been using the same
gion has the same provider and the same cookies.
You simply copy the "FirefoxPortable" several times and use the copies to card like
you need.
And you can prepare something so nice, because not everyone buys instantly after 5 minutes
iPhone. People often come back over several days, come "by accident" via the link from
Idealo.de again a few days later - and then finally order the
wanted product.
We edit the user agent for Firefox Portable:
about: config
general.useragent.override
You must have this string unless you use the supplied Firefox Portable yourself
create.
If not already available.
You can easily set your user agent there, which you have received with the account data, you should as
New customer carden you can choose the user agent yourself, my favorite:
Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit / 537.36 (KHTML, like Gecko)
Chrome / 58.0.3029.110 Safari / 537.36
Other values that need to be changed unless you are using the portable version:
media.peerconnection.enabled false
media.navigator.enabled false
media.navigator.permission.disabled false
media.peerconnection.default_iceservers empty
media.peerconnection.turn.disable true
media.peerconnection.use_document_iceservers false
media.peerconnection.video.enabled false
dom.enable_resource_timing false
geo.enabled false
browser.cache.disk.enable false
browser.cache.memory.enable false
network.predictor.enabled false
device.sensors.enabled false
network.dnsCacheEntries 0
beacon.enabled false
media.video_stats.enabled false
network.allow-experiments false
network.cookie.lifetimePolicy 2
media.getusermedia.browser.enabled false
media.getusermedia.screensharing.enabled false
browser.search.geoip.url empty
browser.search.geoip.timeout 1
dom.enable_user_timing false
geo.wifi.uri empty
security.csp.experimentalEnabled true
webgl.disable true
webgl.disable-extensions true
network.http.max-connections 16
network.http.max-persistent-connections-per-proxy 8
CC check for valid / credit
If you buy CCs, with no limit guarantee or with, it is important to check for valid quickly. At the
best before you hang in the payment gateway.
I recommend LuxChecker:
http://luxchecker.pm
There you can easily and conveniently check your CC for valid:
Card Number = card number
Exp Month = expiry month
Exp Year = expiry year
CVV = should be clear;)
But the Luxchecker not only offers a simple valid check but also a balance check
ecker - to German - check limit.
Unfortunately only up to a value of 1000. But if you get CCs with a limit guarantee you can here
Check comfortably whether the limit is really as promised.
Fortunately, the CC does not go down when you check it with LuxChecker.
In my Hublot Big Bang project I checked the CC for Valid almost every day to be sure
let me get the watch through.
IP - the subtle difference
Many always say you should make sure that you are in the same IP range.
I say shits on the IP range - tries to get the IP from the same provider!
Unfortunately, this information is hardly phished in with anyone. Some phishers feel
This note before the headbuttons that the long-believed logic of the Carden is of no value
was and was actually just a stroke of luck.
Fortunately, the CC seller Clex is of a different opinion and understood my objection:
If you have a flexible IP in the RL and you log in to your Amazon account, the truth is
Probably quite high that you never have the same IP or IP range. But what always remains
equal? I agree! Your provider.
But what a carder is usually not aware of:
WTF which provider does the Vic use?
Even in times of IPv6 it is increasingly difficult to find the right IP, of course you could
fall back on WoIstDeinSkill's suggestion:
But unfortunately that doesn't work. Not at all. Absolutely not.
Therefore simple: Internet provider with logging = more convenient for us carders.
If you use the portable version of Firefox that I have included, you always have to
separately
add the folder to Proxifier so that Firefox Portable then goes over Socks5:
In general, it is really recommended to only run the important things over the Socks5.
So here are the unimportant things that should be blocked, e.g. your anti virus / firewall
constantly scans the traffic:
More unnecessary shit that should go over Socks5 (VicSocks), so Java, Flash:
Last but not least, localhost. So your XMPP client, Chrome (if you have an open scene with it
NE
benher) etc everything normally over VPN instead of Socks5:
Amazon Fraud Prevention the A&O
Amazon's preventive measures consist of:
1)
The card number / IBAN is compared with those previously saved in the system.
Since Amazon has approximately 820 million customers worldwide, 70% of the DE CCs are with Amazon
sets. Lotto. Fortunately, there are still countries in the European Union where Amazon
is hardly used.
More on that later.
2)
Amazon uses all the subtleties of the SEPA Direct Debit (direct debit) mandate that are possible.
This means that Amazon can send an electronic request (i.e.
send an API query) to the deposited IBAN and check whether the account exists and whether
there is insufficient cover.
It is not possible for Amazon to see how much money is in the account.
You can read more about this here:
https://www.europeanpaymentscouncil.eu
http://www.celeritift.com/products/paym ... on-systems
3)
Address comparison at the card-given bank.
Unfortunately, only a different billing address works for nonVBV cards.
2 bins which are nonVBV:
457096
457037
4)
The Vic has the Amazon app on his cell phone or Alexa at home.
The Vic has placed an order in front of you and is waiting for it.
"Alexa, where's my order?" and Alexa lists all orders in the shipment and also the
Status. No, this technique!
So if the account data has a mobile user agent, there is also the risk that the
Vic has installed the Amazon app.
I am still working on tricking them. How to stop Alexa, phew, work on it too
me still.
Amazon Cards with CC and / or ELV on master accounts
This section applies to both ELV and CC.
We have an Amazon account with ELV from a Vic, now we first check whether we have Mailvalid
to have. Shouldn't it be that way, not too bad.
If we have Mailvalid, we set the mail filter that the mail: *@amazon.de
Read directly to the trash or (if the mail provider allows it) the e-
forward to an email address that belongs to us.
When forwarding, make sure that not all emails are forwarded to you
special
only the important ones (Amazon, for example). Otherwise the Vic falls on his 200 newsletters a day
no longer come.
We switch the user agent to the one attached to the account, then we look for one
VicSocks off (in my case Vip72).
Since you rarely find the right IP or the right IP range, we resort to one
trick
back - and we whoise the IP. We go to:
https://www.whatismyip.com/ip-whois-lookup/
or
https://www.ultratools.com/tools/ipWhoisLookupResult
And look for the IP address there. As an example, we are now looking for:
80.134.227.32
So now we know which provider the Vic uses, so we only have to find the right one
VicSocks with the provider at Vip72 can be found in the most suitable region. Simply Vicsocks
add and check at whoer.net whether we have found the right one.
Once we have found the right provider, it doesn't matter that much whether you look at it
now in Cologne (location of the Vics) or Herne (location of the IP). The provider is the same
the
Volcano is soothed.
Now we log into the Amazon account, here it is up to you which step you as
first does. Whether you click through the area first, maybe a shopping list
create
with the things you want to card Or go directly to "my orders" and others
Hide the things Vic has bought so far - "Hide order".
It is recommended to hide 2-3 things, but not a must.
If we now only have the ELV for the account, we calculate from the previous 10 orders
an average value: 55, 109, 78, 9, 12, 140, 26, 42, 49, 29
Add everything up, then divided by 100 (= 5.49) times 80: 439.20 € the probable
go through safely. That's the guideline after I go, unfortunately most Vics shop abso-
lut motherfucker in her years at Amazon.
Of course you can also freestyle carding at ELV and directly up to 1k carding.
But the probability is less that it will go through without any problems. Therefore I live with less
but more by mass. You should make sure that you don't have cell phones or "fraud-charged"
Article takes. Dear graphics cards, laptops, cameras, etc.
Then we conveniently place the order, enter the drop data at the delivery address or choose one
Packstation / Paketshop / Amazon Locker off.
We send the order, maybe have to confirm the IBAN in between,
and et voila it is ordered.
Now we quickly intercept the mail at the Vic and delete it.
Optional: After a few hours you can log in again and the
Delete the delivery address from the address book to make sure that the Vic gets nothing. The
Orders, even if not yet sent, still arrive unless Amazon somehow
was startled.
The procedure with the CC is basically the same, only that depending on how much limit guarantee the CC has
(or if you know which one is good) you can order more. That means even if the Vic
20x
Boxer shorts for € 7.99, you can also order a tablet for 1k.
When ordering with the CC, care should be taken to stay below 2k if possible
Singles-
orders. But you can connect some things, e.g .:
1x Bose Quietcomfort 35 for € 279
1x Macbook Pro for 1.6k €
1x Razermouse for € 80
1x laptop bag for € 200
So that it looks like you are treating yourself to something. But not too over the top. Amazon then catches
also to calculate the credit rating. What it is based on is currently not known to me. So whether
Schufa is queried or own scores exist.
No mail validation? No problem!
Should the mail login not work, we simply shoot spam at the email address.
We go to:
http://floodcrm.net/
If you have purchased the tutorial from me, you will promptly receive an account there
to spam thousands of emails inbox + $ 10 start-up capital paid in about 11,000 emails
speaks.
First you set the email; then a description (just for you);
how many emails should be spam; Working time in how many hours: minutes of spam in
to be shot; You bet:
In progress = start immediately
Planned = start time can be chosen later
Pause = paused
The whole thing looks like this:
& Inbox for Telekom mail access:
Amazon Carden with ELV as a new customer
Small foreword, unfortunately I have not yet had a clever provider for this to see if the
Vic has enough money in the account or rather not.
In my opinion, good ELVs are:
OB's, because you can see whether the Vic orders from Amazon and how much money he has.
Deutsche Bank ELVs, since almost every Deutsche Bank customer has a 10k overdraft facility.
Further in the text.
We create an email with our preferred provider.
Then go to Amazon, create an account for us or just browse what is so nice
gives. That is up to you.
With ELV for new customers you have to pay attention to where the shipping address is and the invoice
billing address. The article is also important. With known objects of desire of a carder
don't even go through € 100. But 2x MSR-605? Or a 300 € SSD?
Expensive items are also possible, but are strongly linked to the shipping & billing address. So
nothing received in Berlin and order from Kirchheim (Bavaria). After placing the order
was given we wait what happens.
From time to time Amazon sends an email that the account is "due to a security check"
has been deleted, this means that the IBAN has already been stored in the system and is still active.
You could now call / chat with the support from Amazon and give it a big lie:
Lover, lover, partner must know nothing about it.
This is the 80% chance that not only your account will be deleted, but everyone
Account with this IBAN is blocked, 20% that the clerk has understanding.
If the email is in the wording: "You still have unpaid invoices open with us" means
this that the ELV was used sometime but was not paid. The one already mentioned
SEPA Direct Debit verification has only existed since 11/2016. Before carden was so easy ...
It also means that nothing is with the order, the name + IBAN are flagged, you can open an account
throw it away. Or try to deposit with a random from the same "region"
(30km² around the ELV Vic), then a colleague orders on his neck.
Amazon Carden with CC as a new customer
The same principle as for the ELV, limit is how much money the CC specifies as a limit.
But if you want to be sure, go up to max 1k - the 1k that you can also check with LuxChecker
can. More is only recommended with Enrolled anyway.
One should check whether the mail / passport that is sometimes supplied with the CC Mailvalid is
at the Vic's mail provider. Or at least Valid on Amazon.
Both invalid? Fine, let's order something.
Process again the same, browse and create an account later or create an account directly &
Create a shopping list and card everything that is on it - even if 2-3 shit items for a couple
Euros
are on it.
Afterwards to checkout, the important thing is:
The address data from the CC must be entered as the billing address.
With nonVBV you can specify the billing address = delivery address, but no guarantee that
it always goes through
Send order, done. Now we are waiting for Amazon.
There are 3 different emails:
1) Wording: "Account security check was deleted", you could contact the support
and try to unlock it. (same as ELV)
2) Request a credit card statement.
3) Request a phone bill or an invoice from another shipping company.
With 2) & 3) it is essential to use originals, the shit you can buy at CrimeNet
is
... perverse bad. Almost a crime against humanity.
In the next step I will explain how you can edit PDFs.
Which PDF's ?! Well, which are included in the "Accounts" folder!
There are always more PDF's as soon as I "conquer" new ones.
But before we start, 2 & 3 prescribes 2 options:
Sending the documents by letter.
Of course you could do it if you won your lottery time.
Send the documents by fax - fix!
In order to send a fax easy we quickly create an account on the invoice data of
Amazon at https://web.de/
There we get the "Web.de Club" membership, push eternal back and forth until
you are finally ready. Good, 4 clicks.
Then we go to fax
Then there is left: Your WEB.Cent account: top up, click on top up
CKEN.
You fill out the payment details and then buy 500 WEB.Cent
(5 €)
with any IBAN / BIC lying around. Money is loaded immediately
the.
Then we go back to the fax and fill out all the necessary information from the
Vics if not correct:
You click on "MORE" under "Price information".
You can add any errors there.
To: 08938038801
Web.de automatically converts it to +498938038801.
This is the Amazon fax number for domestic German customer problems.
Subject: -formal or informal-
And very important! attach your edited PDF as an attachment.
You can also print out the PDF and redact debits or sales.
This falls under data protection.
Then scan or take a picture and send the JPG along. The only important thing is that
Billing is an original.
Example, where you should not take over the subject:
Then send on, the fax takes about 10-15 minutes to send.
Then wait until the gods judge you.
Accounts & invoices made by yourself
Enclosed there is the folder "Accounts" and the subfolder "Accounts" with a lot
Example invoices as a practical PDF.
How do you know which CC belongs to which bank? If no IBAN is included:
https://binlist.net/
Simply insert the first 8 digits of the CC and et voila, we know which bank we have to use-
sen.
I use the PDF-XChange Editor Portable to edit the PDFs.
As a download: https://portableapps.com/apps/office/pd ... r-portable
Or you can find it already in the folder of the tutorial.
We open the program and open a PDF of our choice with:
File> Open .... and select our PDF.
When the PDF is loaded, we select "Change content" from the tools above.
Then a window appears, just click "Yes".
You now select the area to be edited by double-clicking.
And enter the data there and change the data in the required text fields.
Then simply save the file, done.
Amazon goes internacional
The best way to card Amazon is with CCs from other EU countries.
Countries where there is no Amazon or it doesn't really have anything to offer.
e.g. amazon.nl only offers Kindle & Ebooks. - NL cards have good limits.
Norway, Sweden, Finland, Poland, Czech Republic, Baltic States, everything goes.
But in turn you need the billing address = address that is deposited with the bank. So
half-sensible randomies are a must.
When ordering, you have to make sure you have a foreign IP to the region of the CC
fits.
We go to Amazon.de and change the language to English.
You now choose your desired product.
Some products cannot be delivered to your country from Amazon.de, so you admit
the shipping address to your DE Drop.
For better orders (so from 1k) you give at shipping address under "company name" for
play the following:
Borderlinx
Home & Away
Parcel Services
Etc. the drop should look like it is only forwarding your packet to wherever you come from
comes.
The whole thing also works with countries outside the EU, for example in Africa as well
Arab area.
Incidentally, Amazon.de is the only EU spin-off from Amazon besides Amazon.co.uk
knows the language.
Ordering from Amazon.co.uk is suicide, extremely long delivery times.
So that's it with the Amazon Carding Tutorial, hope you have learned something new & that
it helps you understand Amazon better
Follow the news and subscribe to the channe
Amazon Carding
Content:
The Amazon Locker
Antidetect? VM? FraudFox? - No thanks!
Amazon & JavaScript
Firefox basics
CC check for valid / credit
IP - the subtle difference
Amazon Fraud Prevention the A&O
Amazon Card with CC and / or ELV with master account
No mail validation? No problem!
Amazon Carden with ELV as a new customer
Amazon Carden with CC as a new customer
Accounts & invoices made by yourself
Amazon goes internacional
foreword
I only started doing carding a few weeks ago.
A little carded everywhere, with the interesting products you need a fullz everywhere.
But Amazon had the principle of a random. So I took on Amazon, aStudents tutorial
Bought for horrendous sums, well it taught me as a cardingnoob what to look for
Has. Well.
It answered zero questions for me what Amazon is looking for. It won't be in any tutorial
for real
discussed what needs to be considered, only FraudFox or Antidetect as a panacea
comparable
grasslands.
I thought it must be due to the cracked versions that only one out of X payments went through
I got the original versions.
But it didn't get better. The results were limited.
I spoke to other carders, many had no real understanding of Amazon and
to have
simply lottery style orders fired.
So I opened myself and tested everything, invested 4k € so far -
and
you will see the results here.
First of all, for an enrolled I recommend carding directly at Saturn & Co.
Unless you want a hublot.
Legend:
CC = credit card
ELV = direct debit data