Guide to the Guide
What is in the guide:
1) Learn to work with the CC (Credit Card).
2) You will be able to find correct and good BINs.
3) System setup.
4) Make your machine as secure as possible. I'll show you how to protect yourself from hacking.
5) You will be able to create your own VPN.
6) Learn to bypass protection (AntiFraud).
7) Find good and profitable online stores.
8) Working with E-Gift.
9) Enroll. (Online banking)
10) Logs. Brute accounts.
11) Working with PayPal.
12) Working with BA.
13) Air tickets and hotels.
14) Lots of very useful tips.
15) All the necessary and not very contacts in order to start working, even today.
16) And much, much, much more ...
WHEN I WRITE LECTURES - THIS MEANS LESSONS (I JUST STUDIED IN THE PAST, OLD MAN)
I will immediately make a note that I decided to make this guide for everyone, which means as much as possible for everyone to understand ... The guide itself is divided into lessons, and before some lessons there will be a list of terms that you need to know and keep in mind. Sometimes terms are intertwined and one term can have two different meanings. I will also warn you about this so that there is no confusion.
Also, do not forget to write to me if you have any questions. Feedback is very important, as it is impossible to write and tell about everything.
In order not to constantly scroll and not kill the mouse wheel, just enter the lesson you need in the search (For example, Lesson 5.2), then you will immediately go to it without wasting your precious time.
Lessons:
Introduction to C (Carding) - Lesson 1.
Types of cards (CC) - Lesson 1.1.
Encryption. Safety. Anonymity. Lesson 2.
Introduction to security. OS selection. Lesson 3.
Virtual machine for searching in the shadow internet. Lesson 3.1.
Pure IP - Lesson 4.
Driving Tools - Lesson 5.
Connecting to DS - Lesson 5.1.
Setting up LS (Linken Sphere) - Lesson 5.2.
Creating a Personal VPN - Lesson 5.3.
How to clean the logs on the server - Lesson 5.4.
VPN + TOR + VPN Bundle - Lesson 5.5.
AntiFraud (AF) - Lesson 6.
How AntiFraud Works - Lesson 6.1.
The basic concept of driving - Lesson 7.
Shops CC (Credit Card) - Lesson 8.
Warming up the store - Lesson 8.1.
Intermediaries - Lesson 9.
How to drive into Skype? Driving first - Lesson 9.1.
How to drive into a good store? - Lesson 9.2.
3DSecure - Lesson 10.
Drops and interception services (PickUp) - Lesson 11.
Redirecting a parcel (Rerout) - Lesson 12.
Working in Europe and Asia (Features) - Lesson 13.
Searching for online stores - Lesson 14.
Parsing links - Lesson 14.1.
E-Gift - Lesson 15.
Enroll - Lesson 16.
Logs. Brute Accounts - Lesson 17.
What does the store see? - Lesson 18.
Setting up Android on the example of Nox - Lesson 18.1.
Configuring WebRTC - Lesson 18.2.
Working with PP - Lesson 19.
Deposit and payment methods using PP - Lesson 20.
Draining money from PP - Lesson 21.
Bank accounts. BA - Lesson 22.
Ways of bays in BA - Lesson 23.
Self-registers BA - Lesson 24.
Documents and their forgery - Lesson 25.
Booking hotels. Air Tickets - Lesson 26.
Refund Scheme - Lesson 27.
A small reminder in case you are caught.
Terms
I will also add that I decided not to constantly use the usual terms that are generally accepted in our community, so to speak, which are more trivial, so there will only be official terms that are easier to understand.
(For example, SS can be called cardboard, and potatoes, and a map, and a cartographer, and a boat, and anything else. It is for this reason that all terms will be written so that any person can understand)
Why did I do this? Because sometimes the entire text is a continuous collection of terms. For ease of understanding, I have "simplified" them. In general, you will see for yourself. For the terms, of course, I will also give the generally accepted options that are used on the forums and so on.
C - Carding, carding, carzh.
CC - Credit Card, card. In general, it doesn't have to be a credit card. In fact, this is generally any card.
BINChecker - Checker, checks and punches BIN.
BIN - the first 6-7 digits of the SS.
CheckerCC - checks the CC for Valid.
Valid - validity. Working SS or not.
KX (Card Holder, CH) - Holder and owner of the CC.
Introduction to C (Carding). Lesson 1.
torproject.org/download/download-easy.html.en - TOR browser can be downloaded only from this link. TOR allows you to remain anonymous online, which means that you can search DarkNet through the TOR browser. TOR can be installed on your main system. As for the virtual machine, we will discuss it in the corresponding lesson. Now a small digression, I'll tell you about the guide.
The main direction in the guide is Carding, there are many methods of working in Carding, someone just hits with a CC (Credit Card), someone makes Enrolls, someone makes Gifts, PayPal, bank accounts. In short, there are many not very clear words for many of you, all this is included here, the choice will be yours. From experience I can say that almost everyone chooses one direction for themselves and works with it. That is, whoever works, for example, with bank accounts, rarely drives in cards (Credit Card).
On the topics above - we will cover everything, the task is to help you find your topic. We try to work organizationally, in the process of work always pay attention to your failures and, preferably, record them. For example, you drive in a card, and you get an error, take a screenshot, show me on Telegram and analyze the problem, so it will be much easier to understand what the problem is and help you. Don't be shy about stupid questions. The main point, not even in the manual, the manual is the material, the template according to which you can work, and most importantly with us, that you can always contact me individually, sort out your problem. But guidance and lessons are also very important, especially at the beginning. This is your base.
Useful services during training:
1) Screenshot service - prnt.sc
Download the program and easily take pictures using the "PrtSc" button on the keyboard.
2) Service of anonymous notes - privnote.com
Create a note, hand it over, and after it is read it is destroyed. Plus there is a "parameters" button with additional settings.
I will say for Jabber. Create yourself a fallback Jabber.
How to do this is written here: xakep.ru/2017/07/21/jabber-otr-howto/
And here is just quite useful and interesting information: cryptoworld.su/safe-comunications-tell-snouden/
Jabber can be kept where it is convenient for you, and it is more convenient on the main system. Delete Jabber on ".ru" servers immediately, if there are any. This is a trash heap. Ideally, the server should be located in a country where no logs are kept. That is, the country should not be in the Eyes 14. And yes, it should not be the country where you are at the moment.
Also, as far as working in Carding is concerned, take it as a hobby, an additional direction for earning money, you do not need to give up everything and focus only on it, develop also outside of online. It is enough to devote time in the evening in order to have a stable good income. And this applies to any activity, always develop yourself in several directions. I will also add for the VPN. So, we will make our VPN our own, you don't need to buy it either, it will work both on the phone and on the computer.
Okay, let's start with basic concepts in Carding. Where does Carding begin with? That's right - security. True, but the first thing that usually comes to mind at the word "Carding" is a credit card. Let's start with it. And we will also devote several separate lessons to safety.
Credit Card - CC. Further it is designated - SS. It is more correct, of course, to say a bank card, but everyone calls it CC, it is not so much a credit card or a debit card. Everyone knows what CC is, but if you go deeper, then definitely not everyone. I will clarify, just in case, that we are working with card data, without a material card, since we have Online Carding. Let's consider the CC using our example. Cardholder Jonh Doe has no idea what an honor he is:
Code:
4037840052172271 | 2024 | 11 | 475 | Jonh | Doe | 2970 Park View Drive | [email protected] | United States | U.s. Bank National Association Nd | IN | Columbus | 47201
Let's do the analysis. Let's start with the card number - 4037840052172291. What is the basis in the card number? That's right - BIN. Let me explain. The card number contains numbers, which contain information about what the card is, the first 6 digits. It is called BIN / BIN. These are the first 6 digits of any card. Although, cards are already beginning to appear, where the BIN is in 7 digits. BIN - bank identification number. Now let's learn how to pull information from BIN'a. You can go to Google and type in a simple query “BIN Checker”. And before us will be a list of sites. The very first one is bincodes.com/bin-checker/ Not a bad BINChecker, beautiful, but ... from experience it is far from the most accurate, and the most accurate Google does not give us on the first pages, BINChecker is bins.su. BINChecker has changed the domain, apparently indexing has not yet reached it in full. We go to it and enter the BIN from our CC example in the BINS field.
The card number is 4037840052172291, which means BIN is 403784. Click FIND. We receive information:
403784 US VISA CREDIT PLATINUM US BANK NATIONAL ASSOCIATION ND
This information is included in our BIN, if you have a personal bank card, everything is the same there, you can punch BIN and see what kind of card you have. Once again, I will indicate that there is different information on different BINCheckers, therefore, if we are interested in accurate data, it is better to double-check it on several services. In practice, the most accurate, as already said, is bins.su. Each bank has its own list of BINs under which they issue cards, that is, there are many cards under one BIN. For example, under BIN 403784 there is also SS, only the rest of the numbers differ, it is clear why.
bincodes.com/bin-search, using this link you can select the country, type of card, bank and see which BINs which bank has. We save the link to a notepad or bookmarks, like all other useful services, in the process of working it is a good tool. In our business, there are such concepts as good and bad BINs. Bad BINs - BINs of the old release, which were often used by our colleagues, good BINs, on the contrary. That is, if the BIN is "dirty" (often used for Carding purposes), then banks do not particularly like to skip transactions with such BINs at the slightest suspicion of fraud (on Fraud).
BINCheckers:
bins.su - Nice and user-friendly.
binlist.net
bindb.com/bin-database.html - Authoritative.
bincodes.com/bin-checker/ - Alternative.
bincodes.com/bin-creditcard-generator/ (or namso-gen.com) - there is also a CC generator.
Advice. Check BIN on all resources.
Fraud is a type of fraud in the field of information technology, in particular, unauthorized actions and unauthorized use of resources and services in communication networks.
Good BINs are very important in Carding. In terms of working with the SS, this is generally almost half the success. Basically, these are BINs of NOT the best banks, if we speak for the United States.
https://en.wikipedia.org/wiki/List_of_largest_banks_in_the_United_States - this is a list of the largest, and therefore the best banks in the United States. All these points, including for BINs, will emerge in even more detail below, as we go deeper. Now general information for understanding the process, the concepts from which we will start. (In general, the better the bank, the more difficult it is to drive it CC. Ideally, these should be fairly small and local banks, which have few branches. In general, do not take large banks, if possible)
Back to our CC:
2024 | 11 | - card expiry date. November 2024. That is, the date after which the card will no longer be active. Expiration Date if in English. To clarify, the expiration date is calculated on the last day of the month, and not on the first.
475 - CVV code. I'll clarify that CVV and CVV2 are one and the same if you come across different spellings. CVV - code for card authentication. The Master Card has a code called CVC or CVC2. VISA and Master have this 3-digit code. American Express has this four-digit code. CVV - Card Verification Value. And don't confuse CVV with PIN. If the card does not have a CVV code, then it means that you cannot pay with it on the Internet.
Jonh | Doe - name and surname of the cardholder. Jonh Doe. Card holder - Card Holder - CH, KX.
2970 Park View Drive | United States | | IN | Columbus | 47201 is the Billing address to which the card is registered, usually KX's residence address. 2970 Park View Drive - street with house number, United States - USA, IN - Indiana, Columbus - City, 47201 - ZIP number. ZIP - in our opinion this is the index. You can google "47201 ZIP Code" and check that it corresponds to the state, city and the data on the map is correct. If, when driving, you receive an error that the ZIP from the card is not correct, how can this be fixed? That is, the ZIP in the map data is left. Yes, find the ZIP at the address on the map. Drive in the address and see its ZIP.
In the CC data, you can also find Email KX - [email protected]... There may also be KX's phone number. Sometimes there is no phone number, like Email - yes / no. Depends on how the data was merged. If we do not need an Email from a card in 90%, then a phone number is usually needed. In stores where CC is sold, indicate what data is (with / without phone, and so on).
We'll find out why we need a phone on the card. Card data, as in our example, is obtained by hacking stores and leaking their databases, and by phishing. That is, a person makes a purchase in an online store, enters the card data, and it is drained and the base is put up for sale. Let's digress a little from the conference, watch part of the series, for a better understanding of how it works.
Let's go back to the card number:
4037840052172271
By this number, you can immediately understand by eye that our card is VISA. Yes, by the first digit. VISA cards start with the number 4. Master Card - 5. American Express - 3. Maestro are debit cards from Master Card. After the BIN numbers, we have numbers, not counting the last one, where the data is encrypted, about whether a debit card or a credit card, the card's currency and the region of issue. The last digit of the card is a check number, a special algorithm is used to check the correspondence of this number and the card number, that is, the last number is formed through mathematical operations with the rest of the digits. Bank cards can also be debit and credit, as we already understood. Debit cards have their own stable balance. Credit cards can go negative, that is, credit money.
403784 US VISA CREDIT PLATINUM US BANK NATIONAL ASSOCIATION ND
When we punch BIN. Level is the status of the card. We have Level - PLATINUM. For example, a student and a businessman will have cards of different status. That is, different limits, percentages, opportunities and similar things. For a higher status of the card, the client pays more for its service. International bank cards are used in international payment systems. The most popular payment systems are Visa, MasterCard, Diners Club, American Express, JCB and China Unionpay.
The most widely available cards in the world are Visa Electron, Cirrus / Maestro. In most cases, they are debit cards and, as a rule, do not allow electronic payments over the Internet. This increases the safety of their use. These cards are the cheapest in terms of issuance and maintenance costs. The most popular in the world are Visa Classic and MasterCard Standard cards. They are both debit and credit, and also allow you to pay via the Internet.
Cards of the Gold / Platinum series are prestigious cards that emphasize the solidity of its owner. Used as an element of the image. Technically, Visa Classic - Visa Gold, MasterCard Standard - MasterCard Gold cards differ in design, cost of issue and service and, depending on the card issuing bank, different sets of services (for example, the provision of medical insurance, or a "concierge" service that allows you to book tickets on transport and to the theater, hotels and carry out a number of other assignments).
For Gold and Platinum cardholders, some shops and other organizations provide discounts and other benefits (for example, the opportunity to use a business class lounge at the airport regardless of the ticket category, special conditions for renting a car).
In addition, in connection with the proliferation of Gold and Platinum cards, international payment systems are introducing new formats for exclusive cards, indicating the extremely high status of their holder.
Also, there are titanium (Titanium) cards - the most prestigious cards that provide their owners with exclusive privileges around the world. The first such card was issued by American Express - the Centurion card.
Now about the money on the card, the balance of the card. It is impossible to find out the balance by buying simply the CC data. The balance can be found out, perhaps by making access to an online bank, like we have Sberbank Online. And then, only after the card was bought, and then additional information about KH was broken through. But this moment does not greatly interfere with our work, in the USA and Europe money is mainly stored on cards, there is usually a balance there. Also, there is the concept of "card validity", which means whether the card is alive / active. There is an option, we bought a card, we drive in, but it did not enter, usually the error is Card Decline. One of the options is that our map was originally dead, that is, not Valid, not working. Different stores and sellers who sell cards have different rules for returning such material (not Valid). To check for Valid cards, there are special Checkers CC, They work according to the principle - we enter the card into CheckerCC, a small card is inserted (Small debiting of funds), that is, it is checked and the result is given to us - Valid / not Valid. The disadvantage of such CC Checkers is that he can kill the card immediately after checking, even if he shows that the card is Valid.
CheckerCC works like this - we entered the card data into it, we check. CheckerCC debits a small amount from the card and returns them back to the card. If the money is debited, it indicates that the card is active (Valid). If not, not Valid. And why are CC Checkers making a refund of the funds debited to the card? So that it is not blocked (CheckerCC). Many cards pass through such Checkers CC, and banks know the codes on which CheckerCC is based. That is, it may be that they checked the card, Valid showed, but after that the bank is already blocking it.
This problem is not on all CC Checkers, the more private CheckerCC, the better. You can also check the card yourself by driving in some trifle. For example, driving into a donation. $ 1 - $ 5. If the transaction is successful, then the card is Valid. Donations to children, websites and so on. Also, the card can be blocked if it is driven into everything, that is, due to the large number of transactions, in a short period of time, the bank can block it, therefore, as a rule, one CC is one / two drives.
It is better to do it like this, hammered in - we got the result from the map and after that we can try again when we no longer risk anything. The problem of Valid material is a sore subject now, but there is a way out of all this.
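Seen from the merchant's side, the small test charges described in this lesson leave a recognizable trace in a payment log: one source trying many different cards for amounts in the $1 to $5 range within a short time. A minimal detector for that pattern, as an added example (not part of the original guide); the log format, the 10-minute window and the four-card threshold are assumptions, and the sample log is constructed:

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample payment-form log (not real data). Columns: timestamp,
# client IP (RFC 5737 documentation ranges), opaque card token, amount in USD,
# authorization result.
SAMPLE_LOG = """\
2024-01-10T12:00:05 203.0.113.7 tok_01 1.00 declined
2024-01-10T12:00:41 203.0.113.7 tok_02 1.00 declined
2024-01-10T12:01:10 203.0.113.7 tok_03 2.00 approved
2024-01-10T12:01:55 203.0.113.7 tok_04 1.00 declined
2024-01-10T12:02:30 203.0.113.7 tok_05 5.00 approved
2024-01-10T12:03:00 198.51.100.20 tok_20 25.00 approved
2024-01-10T12:20:00 198.51.100.20 tok_20 3.00 approved
2024-01-10T12:40:00 192.0.2.99 tok_30 1.00 declined
2024-01-10T12:41:00 192.0.2.99 tok_30 1.00 approved
2024-01-10T14:00:00 192.0.2.99 tok_31 2.00 approved
"""


def parse_log(text):
    """Parse the whitespace-separated log into time-ordered event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, card, amount, result = line.split()
        events.append({
            "ts": datetime.fromisoformat(ts),
            "ip": ip,
            "card": card,
            "amount": float(amount),
            "result": result,
        })
    return sorted(events, key=lambda e: e["ts"])


def detect_card_testing(events, max_amount=5.00,
                        window=timedelta(minutes=10), min_cards=4):
    """Flag sources that try many distinct cards with small amounts.

    Returns {ip: finding}; a source is flagged once it has used at least
    `min_cards` different cards for charges of `max_amount` or less inside
    one sliding `window`. Thresholds are assumptions to tune per merchant.
    """
    recent = defaultdict(deque)   # ip -> small-amount events inside the window
    findings = {}
    for ev in events:
        if ev["amount"] > max_amount:
            continue              # only low-value charges are of interest here
        q = recent[ev["ip"]]
        q.append(ev)
        # Drop events that have fallen out of the sliding window.
        while ev["ts"] - q[0]["ts"] > window:
            q.popleft()
        cards = {e["card"] for e in q}
        if len(cards) < min_cards:
            continue
        previous = findings.get(ev["ip"])
        # Keep the worst (largest) burst seen for each source.
        if previous is None or len(cards) > previous["distinct_cards"]:
            declined = sum(1 for e in q if e["result"] == "declined")
            findings[ev["ip"]] = {
                "distinct_cards": len(cards),
                "attempts": len(q),
                "decline_ratio": round(declined / len(q), 2),
                "first_seen": q[0]["ts"],
                "last_seen": ev["ts"],
            }
    return findings


if __name__ == "__main__":
    for ip, finding in detect_card_testing(parse_log(SAMPLE_LOG)).items():
        print(ip, finding)
```

Sources flagged this way are candidates for rate limiting or step-up verification on low-value forms such as donation pages.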
FAQ:
Q: How to select the correct BINs?
A: BINs you will intuitively learn to whip up in the process. It comes with experience. Over time, you will accumulate your own personal piggy bank of good BINs. The problem is that not only you know about these BINs, so they are quickly sold out (CC with good BINs). The solution is simple - to constantly monitor the stores selling CC, as well as to have several of these stores. For example, I hired a separate person who is looking for BINs and good CCs for me, immediately buys them up, and then I hit.
Q: How acute is the problem with Valid material?
A: Sharp, but not critical.
Q: Is there some kind of gradation of cards at face value on the card, how much can you expect when buying this or that card?
A: By status, yes.
Q: What is VCC and what are its features in our business?
A: Virtual Credit Card - Virtual card, we'll get to know each other.
Try to capture the essence of each topic. Then you will have a complete picture. Structure is important.
Types of cards (SS). Lesson 1.1 (For general information)
So, let's start with the types of American Express cards:
The reputation of the American giant of financial transactions today is impeccable and carefully maintained at the highest level. American Express focuses on the quality of service and builds its relationships with customers based on years of experience and tradition. The company offers personal and corporate credit cards.
Holders of corporate cards (Corporate Cards) are employees of large world corporations.
There are four types of personal cards: Personal Card (the so-called “Green”), Gold Card, Platinum Card and Centurion Card (in ascending order of priority). All of them differ only in class, since every AmEx customer is entitled to the traditional benefits.
Next, there are VISA cards:
Visa Electron - the simplest type of cards. It has no convex elements, which limits the possibility of using this type of cards in terminals based on taking an impression from a card (Mechanical copying without connecting to a database). As a rule, there are minimum transaction limits and minimum guarantees.
Visa Virtual Card is a card for making payments over the Internet. Sometimes "Issued" without physical card issuance. In fact, this is the provision to the owner of only card details (Number, CVV2, date of validity), which can be used to pay via the Internet. The issue of the card is reduced in price, but the security is reduced. Usually they are prepaid at the time of issue and do not provide for the possibility of replenishment. They can be anonymous, which sometimes causes difficulties in processing in payment systems with mandatory verification of the owner's name.
Visa Classic is a card with a standard set of functions. This includes payments at most merchants that accept cards, booking various goods and services on the Internet, insurance of money in the account, and so on.
Visa Gold is a card that has additional guarantees of the holder's solvency, higher payment and credit limits compared to Classic, as well as a number of additional services, including express cash withdrawal and emergency card replacement in case of loss or theft of the card away from the issuing bank , additional discounts and privileges in areas such as travel, car rental, purchase of exclusive goods and services. As a rule, along with mandatory privileges from the payment system, card issuing banks offer their own additional services for Gold and higher cardholders.
Visa Platinum is an elite card that usually provides the holder with the opportunity to receive additional services, discounts, and insurance in amounts exceeding the privileges for Gold card holders.
Visa Signature is a card product for especially wealthy clients, the distinctive features of which are maximum purchasing power, increased limits on various groups of card transactions, exclusive services in the field of leisure, shopping and travel, as well as a concierge service and special features on a personal page on the Internet. ...
Visa Infinite is positioned as the most prestigious card for clients with the highest paying capacity. In some cases, the credit limit for such a card is unlimited.
Visa Black Card is an elite image product. The material for the manufacture is not ordinary plastic, but a patented special carbon fiber. It is positioned as a symbol of the holder's belonging to the top of society. Due to increased requirements, in the United States, no more than 1% of residents can become owners of this card. The owner will be able to stay in VIP lounges of international airports, use the services of a concierge service, travel insurance, cover for damage in case of a car accident, and reimbursement of costs in case of cancellation of trips.
Visa Business Credit and Visa Business Debit are cards for representatives of legal entities designed for payments in the interests of business. These cards are positioned as a product for small businesses.
Visa Business Electron Card - cards are positioned by the payment system as a product for small businesses in countries with emerging economies.
Visa Corporate - business segment cards designed for medium and large businesses.
Visa Fleet - business segment cards targeted at companies that use vehicles in their core business. This type of card helps companies track the operating costs of their fleet, as well as receive additional discounts on fuel and service.
Visa Debit is a card for everyday expenses. Its peculiarity is that funds are debited from the client's deposit account, as if he were withdrawing cash from the account or writing checks to pay for purchased goods or services.
Visa Prepaid Card is a card, the balance of which is replenished when issued at the bank, and further operations are carried out within the limits of the available balance of funds. A variation of this type of card is a Gift Card. A variation of this type of cards can also be considered cards of instant issuance - Visa Instant Issue - pre-personalized, but not personalized (without specifying the name of the holder). A feature of this type of cards is the quick issue of the card, as a rule, within 15-20 minutes from the moment the client contacts the bank.
Visa TravelMoney is a card designed primarily for the safe transportation of funds, for example, while traveling, being a more technologically advanced analogue of traveler's checks. As a rule, with this type of cards, only cash withdrawals from ATMs are possible, however, some banks also allow purchases with TravelMoney cards.
Visa Mini Card is a reduced format card, often issued with a hole, implying use as a key fob and not only. It should be noted that proximity to metal keys is highly undesirable and can adversely affect both the information recorded on the magnetic stripe and lead to increased mechanical wear of the card. Due to the non-standard format, this type of cards cannot be used in ATMs, terminals with contact chips (Contactless protocol is supported - if the card is equipped with such a chip), and it will also not be possible to use the card in imprinters. Thus, this product is only suitable for paying for purchases or receiving cash at points equipped with an electronic terminal capable of operating on a magnetic stripe or contactless chip. For this reason, this type of card is usually
Visa Buxx - the target audience of this card are teenagers who do not yet have an independent income. Parents have the opportunity to credit "non-cash pocket money" to the card and monitor account movements.
Visa Horizon is a debit card that stores funds on the chip itself, pre-authorizing them from a bank account. When using it, there is no need to establish real-time communication with the issuing bank to obtain authorization. All information about the available balance is located on the card itself in the memory of the built-in chip and is available for reading by the terminal at the point of sale. The cardholder, if necessary, can replenish the balance on the card from his bank account either through an ATM, or through one of the terminals in the trading network or bank branches. Visa Horizon is ideal for situations where there are connectivity issues or none at all. Since there is no risk of insolvency or cost overruns due to pre-authorization for this product, then Visa Horizon is ideal for issuing to customers who do not have a banking or credit history. Unlike a card with an electronic wallet, in which the balance on the card is prepaid and if the card is lost, the client loses unspent funds from the card, Visa Horizon allows you to recover the funds remaining on the client's bank account at the time of the card loss.
Visa Cash or, as it is commonly called, "electronic wallet", is a prepaid card and combines the convenience of payment cards with the security and functionality of an embedded chip. Visa Cash allows you to easily and quickly pay for minor expenses, so it can mainly be used to buy inexpensive items such as newspapers, movie tickets, to pay for short phone calls, and so on. The Visa Cash card can be either rechargeable or disposable. The decision on this is made by the issuing bank, which issued the card, and agreed with the client.
Visa Payroll is a common type of card that immediately upon purchase provides insurance for the personal property of a person purchased with this Visa card. The total amount of insurance cannot exceed 50 thousand dollars per person. At the moment, these cards are only issued in the United States.
Visa Check, Visa Gold Check and Visa Business Check are cards created for cooperation with airline mileage programs. This mainly concerns the NWA WorldPerks system.
Visa Platinum Check is similar to the previous three cards, but cannot be combined with the WorldPerks program, although it provides more opportunities for holders than Visa Check or Visa Gold Check.
Visa Purchasing - the card has been offered by banks since 1994 and is designed to account for the costs of office needs. The card can be used by both medium and large companies and is issued, as a rule, to people who are responsible for economic activities in these companies. Its use allows companies in both the private and the public sector to do without the labor and paper-intensive process of processing small purchases of goods and services. The card is directly intended for the purchase of goods and payment for services in the amount within 5 thousand US dollars. For these cards, banks are subject to requirements for a special reporting form for invoicing. Thanks to this form, the company can significantly save on administrative costs associated with the purchase of goods, as well as receive information,
Visa Commercial - Creates an easy consolidation of expenditure data from all departments, divisions and subsidiaries of the company, which provides an integrated view of all expenses for events, procurement, and travel expenses.
Please note that not all card types are available in some countries or regions. This may be due to the peculiarities of the legislation of a particular country, as well as regional restrictions of the payment system itself.
Next, consider cards of the Master Card type (Basic):
MasterCard Maestro are the most affordable bank cards due to their low cost and initial payment. By purchasing it, you become the owner of a full-fledged international card that is widely used in the world.
MasterCard Standard - the presence of such cards emphasizes that you are an accomplished person who successfully conducts business. When traveling abroad and having one of these cards with you, you will have no problem booking a hotel room or renting a car.
MasterCard Gold - these cards inspire more respect for the owner of this card. They unequivocally say that his authority and weight in society is higher than usual, that a person has achieved serious results in his life. This gives the holder of "gold" cards the right to discounts when ordering expensive hotel rooms and when shopping in prestigious stores.
MasterCard Platinum - special premium class bank cards. They give limitless possibilities, complete freedom and exclusivity. The platinum card holder is provided with the VIP status anywhere, anywhere in the world. This guarantees both high quality service and substantial discounts.
In addition to the existing cards, customers are offered to acquire an American Discover (starts with the number 6).
Discover, on the contrary, is kind of popular, and initially focused on credit programs. The main feature of the system is bonuses. When buying goods and services using borrowed funds from the card, some part of the amount (very insignificant) is returned to the client, while the more you spend, the greater the percentage of return.
It's not profitable to use Discover cards! There are several reasons for this. Firstly, it is completely unclear where it will be possible to pay with them, since this payment system is not accepted everywhere. And if they do, then there, no doubt, the prices will be somewhat overpriced. Secondly, the problem with ATMs - it will only be possible to put it in the ATM of the issuing bank. With the appropriate level of commission. Thirdly, you can't go to Europe and Asia with this "plastic" either - the logo with an orange "orange" in the center is extremely rare to see in the Old World. Those who often travel to the USA or Canada can always pay with their usual Visa.
However, some proponents have called it the best credit card for people concerned about online fraud and privacy.
Encryption. Safety. Anonymity. Lesson 2.
Let's talk about encryption. I must say right away that this is a rather difficult topic, and it is not 100% mandatory either. Rather, this information is needed by those who have already really achieved something (in our business) and want to seriously take up their security and anonymity. This lesson describes what security is, how it is achieved, and so on. If it seems to you that this is too difficult for you or not necessary, then you can safely proceed to the next lesson.
Again, this information is not 100% mandatory, but very useful for general understanding.
So, we will discuss and analyze the fundamental foundations of encryption, we will study symmetric and asymmetric encryption, we will also slightly touch on such concepts as: hashes, SSL, TLS, certificates, data interception using the SSLStrip utility and weaknesses associated with encryption. This is the fundamental knowledge required to select the appropriate security controls to mitigate risks.
In general, encryption has two parts - encryption and decryption. With the help of encryption, three states of information security are provided:
1. Confidentiality - encryption is used to hide information from unauthorized users during transmission or storage.
2. Integrity - encryption is used to prevent information being changed during transmission or storage.
3. Identifiability - encryption is used to authenticate the source of information and to prevent the sender from denying that they sent the data.
In order to read the encrypted information, the receiving party needs a key and a decryptor (a device that implements the decryption algorithm).
The idea of encryption is that an attacker who intercepts encrypted data and does not have the key to it can neither read nor change the transmitted information. Let's imagine a closed door with a lock: in order to find out what is on the other side of the door, we need to open it with the key to this lock. So it is in the case of data encryption. Only instead of a lock, we have a data encryption algorithm, and instead of a key, a secret key (Password) for decrypting data.
The main purpose of encryption is to store important information in encrypted form. In general, encryption is used to store important information in unreliable sources and transmit it over insecure communication channels.
Such data transfer represents two mutually inverse processes:
1. Before data is sent over a communication line or before being stored, it is encrypted.
2. To restore the original data from encrypted data, the decryption procedure is applied to them.
Encryption was originally used only for the transmission of confidential information. However, later they began to encrypt information with the aim of storing it in unreliable sources. Encryption of information for the purpose of storing it is still used now, this avoids the need for physical secure storage (USB, SSD-disks).
What are the encryption methods:
1. Symmetric encryption - uses the same key for both encryption and decryption.
2. Asymmetric encryption - uses two different keys: one for encryption (also called public), the other for decryption (called private), or vice versa.
These methods solve specific problems and have both advantages and disadvantages. The specific choice of the applied method depends on the purposes for which the information is encrypted. In order to make the right choice in the encryption approach, which encryption method to use where, and to answer other related questions, you will need to understand what encryption is, as I said earlier.
For example:
• The sender sends an encrypted message: "Hello, Anton"
• Attackers intercept this message, but since they do not have a decryption key, they only see the character set: "% # & $!"
• The recipient, having the decryption key, can easily read the message sent by the sender in encrypted form, and he already sees the sender's text in its original form: "Hello, Anton"
It will not be an exaggeration to say that encryption is the best tool there is in our arsenal to protect you from hackers and surveillance.
Encryption is a method of converting human-readable data, called plain text, into a form that cannot be read by a human, and this is called cipher text. This allows you to store or transmit data in an unreadable form, due to which it remains confidential and private.
Decryption is a method of converting ciphertext back into human-readable text. If you do a simple Google search, you will see HTTPS and a green padlock icon, which means that all the content of the web pages is not readable by people who are monitoring data transmission over the network.
There are two main components of encryption:
1. The encryption algorithm is publicly known and has been studied by many, many people in an attempt to determine if the algorithm is strong.
2. Secret key - you can imagine that the secret key is a password and it must be kept secret.
The algorithm can be thought of as a lock, and the secret key is the key to that lock. In symmetric cryptosystems, the same key is used for encryption and decryption.
Let's take an example. I want to send some file to Anton, but I don't want any third parties to be able to view it. For clarity and ease of use, I decided to encrypt this file with the 7-Zip program. The same structure is used to encrypt sectors / disks in VeraCrypt, TrueCrypt.
Definitions:
1. An encryption algorithm is the mathematical process of converting information into a string of data that looks like a random set of characters and letters.
2. The hash function is the transformation of the input data into the output bit string. Its purpose is to maintain integrity and to detect unintended modifications.
At the output, we get an encrypted archive, which, in order to unpack and obtain information that is inside, you must enter the decryption key, in simple terms - a password. Let's say that I used a symmetric block cipher algorithm - Advanced Encryption Standard (AES) for encryption. This algorithm uses only one key, the key is created using our password. Also, you can choose what block size will be used 128/256/512/1024 bits.
Imagine a door with many locks on it. It will take you a long time to open or close this door. It is the same with algorithms: the higher the bit length, the stronger the algorithm, but the slower it encrypts and decrypts; you can consider this the strength of the algorithm.
256/512 bits is also the amount of key space, that is, a number that indicates the total number of possible different keys that you can get using this encryption algorithm.
To break a symmetric cipher, you need to try 2^N combinations, where N is the key length. To break symmetric encryption with a key length of 256 bits, you have to go through the following number of combinations, that is, possible keys: 2^256 = 1.1579209e+77, or, written out, 1.1579209 × 10^77. The calculation gives the following number of possible variations (this is a 78-digit number):
Code:
2^256 = 115792089237316195423570985008687907853269984665640564039457584007913129639936
If anything, you can check this number yourself here - kalkulyatoronlajn.ru
Thus, for everyone who doubts the safety of a key space of 2^256: the probability of a hit (collision) is one in more than 1.1579209 × 10^77, the 78-digit number above. Simply put, such a hit or collision is almost impossible.
All this means that the key is extremely difficult to find, even with the help of very powerful computers, provided that you used a long and random password when generating the key. We will talk about the password separately: which one to use, together with which programs, and why.
People and governments are constantly trying to break encryption algorithms. I will give you a list of algorithms which are good and which are not, which of them lend themselves to hacking, and which are currently impossible to hack.
Symmetric encryption algorithms:
1. Data Encryption Standard (DES) is a symmetric encryption algorithm developed by IBM and approved by the US government in 1977 as an official standard (FIPS 46-3). The block size for DES is 64 bits.
2. Triple-DES (3DES) is a symmetric block cipher, created in 1978 on the basis of the DES algorithm in order to eliminate the main disadvantage of the latter: its small key length (56 bits), which can be broken by a brute-force attack.
3. Blowfish is a cryptographic algorithm that implements block symmetric encryption with variable key length.
4. RC4 is a stream cipher widely used in various information security systems in computer networks (for example, in SSL and TLS protocols, WEP and WPA wireless security algorithms).
5. RC5 is a block cipher developed by Ron Rivest of RSA Security Inc. with variable number of rounds, block length and key length. This expands the scope and simplifies the transition to a stronger version of the algorithm.
6. RC6 is a symmetric block cryptographic algorithm derived from the RC5 algorithm.
7. Advanced Encryption Standard (AES) is a symmetric block encryption algorithm (Block size 128 bits, key 128/192/256 bits), adopted as an encryption standard by the US government based on the results of the AES competition. This algorithm has been well analyzed and is now widely used, as was the case with its predecessor DES.
Symmetric algorithms are used in most encryption systems that you use on a daily basis: HTTPS, Full disk encryption (TrueCrypt, VeraCrypt and others), File encryption (7-Zip, WinZip and others), TOR, VPN. Symmetric encryption is used almost everywhere.
The Advanced Encryption Standard (AES) is the generally accepted standard for symmetric encryption. For maximum security, use AES-256 whenever possible. AES is fast and today it is impossible to crack it (Provided that you have a strong password, we will discuss this below).
Asymmetric encryption. Very smart people have invented this public and private key encryption and algorithms based on the complexity of certain mathematical problems. I will not go into the mathematical details, because understanding them is not necessary for your defense. To make the right choice of security tools, you just need to have a basic understanding of algorithms and the strength of algorithms, as well as the cryptographic systems that you intend to use.
As we know, in the symmetric encryption method, one secret key is used, while in asymmetric encryption methods (Or public key cryptography), one key (Public) is used to encrypt information, and another (Secret) is used to decrypt the information. These keys are different and cannot be derived from one another.
Let's consolidate the material:
Symmetric encryption method - one key, uses the same key for both encryption and decryption.
Asymmetric encryption method - two keys: public (Public) and private (Private).
So let's say we have a file for Anton that was encrypted with 7-Zip using the AES-256 encryption algorithm and a strong password, but how do we deliver the password to Anton so that he can decrypt the file?
The best way to convey something and be sure of the delivery of information to the specified addressee is in person. But this is not a very good idea, since we may simply not know where the addressee is, or he may be so far away that it becomes problematic to deliver something "in person", or maybe we just need anonymity.
Asymmetric algorithms (using public and private keys):
1. RSA (Rivest-Shamir-Adleman) is a public key cryptographic algorithm. This algorithm is very popular, one of the most common asymmetric algorithms you'll see, and I'll show you where to look for them and how to use them. The cryptographic strength of this algorithm is based on the complexity of factorizing or decomposing large numbers into the product of prime factors.
2. ECC (Elliptic curve cryptosystem) is a widespread and gaining popularity algorithm. This cryptographic system is based on elliptic curves, or ECC. The robustness of this algorithm relies on the problem of computing discrete logarithms on elliptic curves.
3. DH (Diffie-Hellman) - Its durability is based on the problem of discrete logarithm in a finite field. Diffie-Hellman is becoming more and more popular because it has a property called Forward Secrecy, which we will discuss later.
4. ElGamal - ElGamal scheme, and the cryptographic strength of this algorithm is also based on the complexity of the problem of discrete logarithm in a finite field.
Cryptographic strength is the ability of a cryptographic algorithm to resist cryptanalysis. For RSA, as noted above, it is based on the complexity of factorizing large numbers, that is, decomposing them into a product of prime factors.
These asymmetric algorithms help to solve the problem of exchange or agreement of keys, and also allow the creation of so-called electronic digital signatures. So we can potentially use public and private keys to send Anton our private key in a secure manner, without the possibility of intercepting its contents.
Again, public and private key algorithms use two keys, not one as in symmetric encryption. The difference is that in asymmetric encryption there is a public key that is created to be known to any person, that is, it is a public key, and there is a private key that must always be kept secret and kept private. These keys are mathematically related and both are generated at the same time. They must be generated at the same time because they are mathematically related to each other. Any website using HTTPS has a public and private key that is used to exchange a symmetric session key in order to send you encrypted data.
It looks a bit like a Zip file. They use these public / private keys and then they need to send another key, such as the key we use for the Zip file, in order to do the encryption (End-to-end. Let's break it down further).
Remember:
If you encrypt with a private key, you need a public key to decrypt. If you encrypt with a public key, you need a private key to decrypt.
In asymmetric encryption, if a message is encrypted with one key, then a second key is needed to decrypt that message. If you encrypt with a private key, then you need a public key to decrypt. If you encrypt with a public key, then you need a private key to decrypt. It is not possible to encrypt and decrypt with the same key, and this is extremely important. For encryption or decryption, you always need interconnected keys.
So, back to our question. What, then, are the ways to deliver a password?
Method one
In the first method, the sender encrypts using the public key of the recipient, Anton. This is the method to use when you need anonymity and confidentiality, so that no one can read the message except the recipient. Let's say you encrypt a file using the recipient's public key. The message can only be decrypted by a person with the matching private key, that is, Anton's private key. Since we know that these keys are interconnected, we encrypt with one, decrypt with the other, and nothing else.
The recipient (Anton) cannot identify the sender of this message. Since the public key is public, it is usually published in the public domain, and anyone can use Anton's public key for encryption. When the sender encrypts using the recipient's public key, the message is confidential and can only be read by the recipient, who has the private key to decrypt it. But, as I said earlier, there is no possibility of identifying the sender, provided, of course, that you do not send any data for your subsequent identification.
Method two
All of the above results in the second way of using public (Public) and private (Private) keys. If you encrypt with your own private key, then that means you are interested in authentication. In this case, it is important for you that the recipient knows that it was you who sent the encrypted message. To do this, you encrypt the password (File) with your private key. This gives the recipient confidence that the only person who could encrypt this data is the person who owns that private key, your private key.
For example, you are the creator of some kind of software, but the government is not good at it and in every possible way obstructs your activities.
Let's simulate the following situation:
Let's say I want to download this software, here is the hash of this file, however, if the website is compromised, it means that attackers could spoof this file for downloading and add a virus or something to it to spy on me and they could also change the checksum.
So this hash doesn't mean anything. It will not help detect deliberate modification of the file. We need something else to make sure this site is in fact the official site of the software.
And this is where we come to certificates, digital signatures and other means. All these documents are obtained as a result of cryptographic transformation of information using a private signature key and allowing you to check the absence of distortion of information in an electronic document from the moment the signature is formed (Integrity), the signature belongs to the certificate owner (Authorship), and in case of successful verification, confirm the fact of signing the electronic document (non-repudiation).
Encrypting data with the sender's private key is called the open message format because anyone with a copy of the corresponding public (Public) key can decrypt the message. You can think of it as if you officially put something on the internet for public access, and since you encrypted it with your private key, anyone can verify that it was you who left this message. Confidentiality or anonymity in this case is not ensured, but authentication of the sender, that is, you, is provided.
Further. When various encryption technologies are used in combination, such as the ones we talked about earlier, since they can all be used in combination and cannot be used in isolation, they are called a cryptographic system, and cryptosystems can provide you with a variety of security features.
A cryptographic system can provide you with a variety of security features. Among these means:
1. Confidentiality - the need to prevent leakage (Disclosure) of any information.
2. Authentication - the procedure of verifying identity, that is, we know that Anton is really Anton and no one else.
3. Avoiding rejection (non-repudiation) - which means that if you sent an encrypted message, you cannot later deny this fact.
4. Credibility - assurance that the message has not been modified in any way.
Examples of cryptosystems are any things that use encryption technology, they are: PGP, BitLocker, TrueCrypt, VeraCrypt, TLS, even BitTorrent, and even 7-Zip.
For example, so that we can send our file to Anton, we can use Anton's public key to encrypt files or to transfer anything encrypted. But first, of course, we need Anton's public key, we just need to get it once in some secure way, and after that we can always send encrypted messages that are only available for reading to Anton.
PGP - This is a system that we can use for these purposes, it uses technology to encrypt messages, files and other information presented in electronic form.
PGP (Pretty Good Privacy) is a computer program, also a library of functions that allows you to perform encryption and digital signatures of messages, files and other information presented in electronic form, including transparent data encryption on storage devices, such as a hard disk. For these purposes, we can use Jabber + PGP.
More on this below. But let's get back to encryption. When it comes to public / private key cryptography or asymmetric encryption, there are both strengths and weaknesses.
Asymmetric encryption - public and private keys:
1. Better key distribution, since Anton can put his public key directly into his signature and anyone will be able to send him encrypted messages or data that only he can read.
2. Scalability - if you are using symmetric keys and want to send your file to Anton and, say, ten other people, you will have to share your password 10 times. It is not scalable at all. Asymmetric algorithms have better scalability than symmetric systems.
3. Authentication, rejection prevention - this means that if you sent an encrypted message, you cannot later deny this fact, since it was encrypted with your private key.
4. Slow - If you look at the message length in bits after asymmetric algorithms work, you will notice that it is much larger than that of encryption algorithms with symmetric keys, and this is an indication of how much slower they are.
5. Mathematical-intensive - The longer the length in bits, the greater the number of mathematical operations, and, therefore, the greater the load on the system.
Symmetric encryption - private key:
1. Fast - if you look at the message length in bits after symmetric algorithms work, you will notice that it is much less than that of asymmetric key encryption algorithms, and this is an indication of how much faster they are.
2. Reliable - Look at the above about AES-256, where it was calculated with the number 2 ^ 256 and see for yourself, but there are 384/512/1024 and more.
To consolidate the material, let's go back to the analogy with the number of locks on the door. With public and private keys, there are many, many locks on the door, so encryption and decryption take much longer. For a central processor, this is a large amount of mathematical operations, which is why there are hybrid systems, or hybrid cryptographic systems. Public and private keys are used to exchange negotiation keys, and we use symmetric algorithms such as AES to encrypt data, thereby maximizing the benefits. HTTPS, using the TLS and SSL protocols, is an example of this type of hybrid system, as is PGP.
FAQ:
A: 1. Are the methods of steganography somehow applied in your work? 2. Asymmetric encryption for example works like this - we encrypt with public AES, decrypt with a conditional password: qwerty?
B: 1. Of course apply, everything depends on you. 2. We create a mutual pair - private and public. You encrypt with some, decrypt with others. Private also with a password phase is symmetrical.
A: What method can be used to transfer the code to Anton? (Example)
B: Depends on the situation, in general, it's easy to verify it through OTR by fingerprint. And only later, when it was verified by OTR, you can throw it right there, or by another encrypted source that you trust and are sure that Anton is really Anton.
A: Is it possible to modify a file without changing its checksum?
B: In fact, it is possible, but not cost-effective, since basically the entire hash of the file depends on the weight of the file, for example, the weight of the file is 1,454,458 bytes, and the file that was changed is 1,594,137 bytes and their hash will differ and here it is necessary to fit perfectly and it all depends on the type of encryption else. In fact, no. Since you have to remove something from it and replace it with something to fill the space. I think the gist is clear to keep and so on.
Let's now talk in more detail about what encryption consists of.
Hashing is the transformation of an array of input data of arbitrary length into a (Output) bit string of a fixed length, performed by a specific algorithm. The function that implements the algorithm and performs the transformation is called "Hash function" or "Convolution function". The original data is called the input array, "Key" or "Message". The transformation result (Output data) is called "Hash", "Hash-code", "Hash-sum", "Message summary".
The hash function accepts input of any size. It can be an E-mail, a file, a word. And the data is converted using a hash function, for example, into the following form:
Code:
732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798fdeb6e77c78d84ccb1
An important feature of the hash function is that you cannot convert from the hash back to the original input. It is a one-way hash function and does not require keys.
There are many examples of hash functions: MD2, MD4, MD5, HAVAL, SHA, SHA-1, SHA-256, SHA-384, SHA-512, Tiger, and so on. Nowadays, if you are looking for a cryptographic system, you should use SHA-256 or higher, I mean SHA-384 and SHA-512 and so on.
To make it easier to deal with the material, let's move away from the dry text and simulate the situation. Let's say you need to download the Windows 7 Home Premium operating system for yourself.
We know that this operating system comes from Microsoft developer, then we go to the search and make the following search query:
Code:
site:microsoft.com Windows 7 Home Premium hash
Site operator: This operator restricts the search to a specific domain or site. That is, if we make the request site:microsoft.com Windows 7 Home Premium hash, then the results will be obtained from pages containing the words "Windows", "7", "Home", "Premium" and "hash" on the site "microsoft.com" and not elsewhere on the Internet.
This information is also key for searching online stores using operators in search engines. In this way, you can easily find the hash of the Windows 7 Home Premium 64bit operating system on the official Microsoft website: SHA1 Hash value:
6C9058389C1E2E5122B7C933275F963EDF1C07B9
In general, I would recommend looking for hash sums of SHA-256 and higher, but the official site had only this one, so I will take what there is. Next, we need to find a file that corresponds to the given hash. For this we also use the Google search engine and operators; for how to search using operators, see the link above.
Code:
inurl:download "6C9058389C1E2E5122B7C933275F963EDF1C07B9"
After you download this file, you can use our hash-sum to make sure that the file has not changed, that is, that it has integrity.
There are tools you can download to do this:
https://en.wikipedia.org/wiki/Comparison_of_file_verification_software
One such tool is Quick Hash (quickhash-gui.org), and I will show you how to check hash sums and ensure the integrity of the information received.
Also, I will attach below, information on other hash-sums of this file:
Code:
MD5: DA319B5826162829C436306BEBEA7F0F
SHA-1: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
SHA-256: C10A9DA74A34E3AB57446CDDD7A0F825D526DA78D9796D442DB5022C33E3CB7F
SHA-512: E0CB678BF9577C70F33EDDC0221BC44ACD5ABD4938567B92DC31939B814E72D01FAC882870AB0834395F1A77C2CD5856FD88D2B05FBE1D1D9CCE9713C1D8AB73
You may notice that as the number in the name of the hashing algorithm increases, the hash gets longer, since that number is its length in bits. There is the short SHA-1, then SHA-256 and SHA-512, and also MD5, which is weak and should not be used at all. So this is a way to confirm that the file you downloaded is intact.
Some of you may be wondering,
"What if the file I'm about to download is already compromised?"
Let's say we have a website (veracrypt.fr) of the VeraCrypt software
https://ru.wikipedia.org/wiki/VeraCrypt.
And I want to download VeraCrypt. The site lists hash sums of the files computed with SHA-256 and SHA-512:
Code:
SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b49e3897677896e
VeraCrypt Setup 1.21.exe
SHA-512: 5c68a5a14fa22ee30eb51bc7d3fd35207f58eefb8da492f338c6dac54f68133885c47fa2b172d87836142c75d838dac782b9faca406a2ffb8854cc7d93f8b359
VeraCrypt Setup 1.21.exe
However, there is one "BUT", if the website was compromised, it means that the attackers could spoof this file for downloading and add something to it, a virus or something for surveillance, and they could also spoof the checksum ...
Therefore, it turns out that the hash does not mean anything, that is, it cannot detect deliberate modification of the file. And we need something else to make sure that the software in question really comes from the developer. That the VeraCrypt site is the official VeraCrypt site and so on.
And here we come to certificates, digital signatures and other means, which we will now analyze, but for now, let's touch on the not unimportant essence of hashing.
Passwords, and everything you need to know about them. When you enter a password on a website or operating system, storing that password in a database is an extremely bad approach, because if that database is compromised, your password will be compromised too. But let's see what a good password is, and which passwords should and should not be used. Usually, passwords are searched for using all kinds of password dictionaries, or a so-called password database, and so on.
I think it is clear from the password database that this is when there is a certain list of passwords that is selected for authorization. And according to the dictionary, this is when the password brute-force method is used, based on the data collected on you, for example, or without it, that is, composing words for example:
Moscow Street 1905Goda Masha - then such a password will not be strong, even assuming that it will be typed in a different layout, since it will be easy to sort it out, collecting information on you and analyzing it, you can start a narrowly targeted search in the dictionary with the compilation and generation of the desired type of password.
What I can recommend about passwords:
1. Use a strong password. I think many of you have at least heard this phrase: use strong passwords made of numbers, uppercase letters, lowercase letters and special characters. It is not so easy to remember all that, but surely you know at least one such password without semantic meaning.
Let's assume that this password is 3hF9$u?H. It is short, only 8 characters, so such a password is not overly secure, but its advantage is that we can use it when encrypting a disk, for example, protected partitions. Preferably, do not use such a password anywhere. Just remember it somehow and store it in some protected place. For example, I know several sets of symbols that sit in my head and are not used anywhere.
Let's take our password MoscowStreet 1905godaMasha and slightly upgrade it with our character set: MoskvaStreet!90%3hF9$u?HyearMasha. As we can see, I pressed the "Shift" key when entering 1 and 5 and they were replaced with special characters. That is, in the English layout it will look like this: VjcrdfEkbwf!09%3hF9$u?HujlfVfif. Such a password is easy to remember, since it has a meaning, plus a unique secret key (Cipher) that you have in your head and use nowhere else.
You can also reconcile your passwords or what it is composed of against a list of published passwords.
2. Using a password of at least 21 characters.
3. Storing all sorts of notes, passwords, and other confidential information in encrypted form, for this you need to use full disk encryption programs such as VeraCrypt, TrueCrypt and other analogs, I myself use VeraCrypt.
And for passwords and password notes, use KeePass 2: https://en.wikipedia.org/wiki/KeePass or KeePassX 2 https://ru.wikipedia.org/wiki/KeePassX
KeePass is the first version. It can only handle old-format databases (they seem to be easy to decipher).
KeePass 2 is the second version, supporting the current .kdbx format; these databases cannot be decrypted (or rather, I have not seen any options).
KeePassX is the first version of KeePass rewritten in C; like its progenitor, it can only handle .kdb files, but it is cross-platform.
Since the second version, KeepassX can also do .kdbx (keepassx.org/changelog)
I myself use KeePass 2, as I am more impressed by this interface and my other whims. So I recommend it. Remember these three fundamental things about passwords.
Let's talk about digital signatures. Let's go back to our VeraCrypt. How do you know if the site is really official and the software comes from the developer?
A simple and rather tricky way to find the official site is to find the software on Wikipedia and then follow the link to the official software site. However, we can also click on the green lock and see the certificate that it was issued.
A digital signature is built on a hash value: the fixed-size result of a hash function is encrypted with the sender's private key, and this creates the digital signature, or signed message. Technically speaking, a digital signature is a mark that confirms the person who signed the message. It is a guarantee issued for the object that was signed with it.
For clarity, what a digital signature is, I give you a little reminder. We look at the signing:
Signing: the same as in the picture above, but applied to the file we are examining:
Hash Algorithm -> Hash Value (6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b49e3897677896e) -> Private Key encryption = Digital Signature
If an object is digitally signed, its hash has been encrypted with a private key, and only the owner of that private key can do this. This is authentication. It ensures that no denial of authorship is possible, since, again, the sender's private key is used. And it provides integrity because we are hashing.
A digital signature can be used, for example, in software. Can be used for drivers inside your operating system. It can be used for certificates and confirm that the signed objects come from the person specified in the certificate, and that the integrity of the data of these objects has been preserved, that is, they have not undergone any changes.
But how can we make sure that the file really comes from the developer, in our case VeraCrypt? That is, so that in case of deception, you could say with 100% certainty that you used their software, and it was signed by their digital signature.
The certificate can be verified, but usually it is verified automatically:
What we see here. The certificate was issued to: to whom - IDRIX SARL, by whom - GlobalSign. So GlobalSign is the company whose private key was used to digitally sign this program. GlobalSign says: "This software is legitimate and has not been modified." It says here: "The certificate is intended to certify that the software comes from the software developer, the software is protected from modification after its release."
To find out if this is a valid digital signature or not, we need to reverse the original process.
That is, we look again at our memo:
Verification: What you can see in the memo above, but based on our file that we parse:
Signed message → Public key (this .asc file usually has the following form - idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc; a private key file looks similar) = Hash value, that is, it should look like:
Code:
d55c26807a591643dd4c21ac0ffaaa733aafa52307d36ed9a95ed0a5ef35e4fe
After that, this hash value needs to be compared with the published hash. That is, we open the QuickHash program, run our file through it with the algorithm in which the hash is published, and everything should match. If it does not match, then the file itself has been changed, and it may contain a virus, or something to wiretap us, or something else not very good.
Code:
SHA-256: d55c26807a591643dd4c21ac0ffaaa733aafa52307d36ed9a95ed0a5ef35e4fe VeraCrypt Setup 1.23-Hotfix-2.exe
I checked the received hash, and as we can see in the screenshot below, they are identical. Therefore, the files are legitimate and correspond to the developer's digital signature, and this file definitely comes from him.
And this software will be to blame (more precisely, its creator) if your computer gets infected with WannaCry or some other not very good virus. Read it several times if you do not understand, and try to understand. This moment is really important.
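The comparison that QuickHash performs in this step, as an added example (not part of the original guide): it parses a published line in the "SHA-256: digest file-name" form shown above, hashes the file in chunks and compares the two values. The function names and the sample installer bytes are constructed for the illustration.

```python
import hashlib
import hmac
import os
import re
import tempfile

# Published form used above: "SHA-256: <hex digest> <file name, may contain spaces>"
CHECKSUM_LINE = re.compile(
    r"^(?P<algo>[A-Za-z0-9-]+):\s*(?P<digest>[0-9a-fA-F]+)\s+(?P<name>.+?)\s*$"
)

# Labels accepted in a listing; MD5 and SHA-1 are left out on purpose.
ALGORITHMS = {"SHA-256": "sha256", "SHA-512": "sha512"}


def parse_checksum_line(line):
    """Return (hashlib name, lowercase digest, file name) or raise ValueError."""
    match = CHECKSUM_LINE.match(line.strip())
    if not match:
        raise ValueError("not a checksum line")
    label = match.group("algo").upper()
    if label not in ALGORITHMS:
        raise ValueError(f"unsupported or weak algorithm: {label}")
    algo = ALGORITHMS[label]
    digest = match.group("digest").lower()
    if len(digest) != hashlib.new(algo).digest_size * 2:
        raise ValueError("digest length does not fit the algorithm")
    return algo, digest, match.group("name")


def file_digest(path, algo, chunk_size=1 << 20):
    """Hash the file in chunks so large installers do not have to fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, published_line):
    """Compare a local file with one published checksum line."""
    algo, expected, name = parse_checksum_line(published_line)
    if os.path.basename(path) != name:
        return False, "file name differs from the published entry"
    actual = file_digest(path, algo)
    if not hmac.compare_digest(actual, expected):
        return False, f"digest mismatch: got {actual}"
    return True, "digest matches the published value"


def demo():
    """Constructed data: one intact file, then the same file with a byte appended."""
    payload = b"constructed installer bytes"
    with tempfile.TemporaryDirectory() as folder:
        path = os.path.join(folder, "Example Setup 1.0.exe")
        with open(path, "wb") as fh:
            fh.write(payload)
        line = "SHA-256: " + hashlib.sha256(payload).hexdigest() + " Example Setup 1.0.exe"
        intact = verify_download(path, line)
        with open(path, "ab") as fh:
            fh.write(b"\x00")  # a single changed byte is enough to break the match
        modified = verify_download(path, line)
    return intact, modified


if __name__ == "__main__":
    print(demo())
```

A matching digest shows that the file is identical to the one the published value was computed from; that the value itself comes from the developer is what the signature check with the developer's public key establishes.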
And what we saw on our wonderful memo is that Windows verifies the certificate for authenticity, that indeed such a certificate is registered with such a number.
Let's use an analogy to understand what Windows does when it writes these lines in a certificate:
You came to the bank with counterfeit money, and they check the money through special solutions or devices, and then the paint is suddenly washed off, or the watermarks do not show through and they tell you that your bills do not match and this is a fake, so is Windows. That is, if someone else rewrote all the certificate data and made a copy of the certificate for signing, with such data, then it would not correspond to reality, and this is a more complex topic, but I think that everything is clear.
And if verification fails, you usually see a warning like this:
This means that either the file does not have a digital signature, or Windows (think of the bank employee) does not trust this digital signature (and in the case of the bank employee, he does not trust your bill). You can check it with the method I described above (and the bank employee can check on his device or by applying solutions).
In Linux, everything is simple with this, since you just do not install proprietary software, since all software is usually installed from the official repositories, where all testing is carried out.
I'll tell you about Linux and its benefits in more detail later.
Let's go through this material again, because I'm sure some of this may seem rather difficult to understand. We look again at our memo. We see "Signing".
So, the hash value (of the program itself, that is, what a person would get by running it through QuickHash himself) is encrypted using the private key of the sender or software publisher (his private key). This is a digital signature. It provides authentication, non-repudiation, and integrity. And if you encrypt something and in addition digitally sign it, you can achieve confidentiality along with authentication, non-repudiation, and integrity. Digital signatures certify that a program or something else came from a specific person or publisher, and they protect software or messages from modification after they have been published or sent. With that, I think we have figured out digital signatures.
Let's now move on to End-to-End encryption (E2EE).
End-to-End encryption is that data is encrypted by the sender and only decrypted by the recipient. If you want to avoid tracking, mass surveillance, hackers and so on, then you need this type of encryption of the transmitted data.
Examples of End-to-End encryption technologies are things like PGP, S/MIME, OTR, which stands for "Off the record", ZRTP, which stands for Z in the RTP protocol, as well as SSL and TLS implemented correctly; these can all be used as End-to-End encryption.
Companies that develop software that use End-to-End encryption and zero knowledge systems cannot disclose the details of the data exchange to your enemies, even under duress, even if they wanted to. This is the advantage of zero knowledge End-to-End encryption. End-to-End encryption provides security while data is in transit, but obviously it cannot protect data once it has been received. Next, you need a different protection mechanism.
Use End-to-End encryption wherever possible.
The use of secure HTTPS on all websites is becoming increasingly necessary, regardless of the type of data transferred. A digital certificate is similar to a digital signature, but there are a number of differences: there are certification authorities and so on. You usually do not come across this, so I will not describe it; whoever is interested can type "Key and HTTPS Certification Authorities" and "Digital Certificates" into a search engine.
A green lock in the URL bar, or HTTPS, means that your ISP or, say, the government can only track the target domain. What does that mean? Let's say there is an attacker between us and Google. He won't be able to find out what exactly I was looking for, because this is end-to-end encryption between my browser and the server.
Let's see an example. To begin with, we will use an example of a non-encrypted connection using an HTTP connection.
HTTP (HyperText Transfer Protocol) is a widespread data transfer protocol originally intended for transferring hypertext documents. By default, the HTTP protocol uses TCP port 80.
In the screenshots below, I will use WireShark, a program for analyzing network traffic.
For the experiment, I took a site that uses the HTTP protocol, government.ru. After I click on the link, the request to the site will be displayed in the WireShark window under number one, but let's first go through what each area of the program window is responsible for, to make the material easier to absorb.
1. This area is called the Packet List - in it you can see which server is exchanging data with, the protocol that is used and general information about frames.
2. The next area is called Packet Details - it displays the details of the packages that were selected in the Packet List.
3. And the last area is called Packet Bytes - it shows the hexadecimal dump of this packet together with the offset and the ASCII representation, and if we right-click on this area, we can also see how it all looks in bits.
Let's take a closer look at the received packets and learn more about surveillance, analysis, and so on.
1. Packets forwarded by our HTTP filter.
2. Target domain, that is, the main page of the site without any heresy after the slash "/".
3. User Agent, that is, browser settings, operating system version and other parameters.
4. Referer - indicates from which page we came to this page. Since we came from a secure page, there were many packets with redirects. Ultimately, we referred to ourselves from the same page; if, for example, I had gone from the main page of the site to this one, then the Referer would contain the main page of the site.
5. Cookies or session. This is where your password has sailed away (blurred). Anyone holding this data can get into your logged-in session and rummage around.
6. Well, this is the final page where we are.
If you think that this is the ceiling of what this software can do, then I'm afraid to upset you - this is just the tip of the iceberg. So that you have no doubts after reading what I have written, I decided to go through these points again while moving from one page of the website to another.
And as we can see:
1. Referer - indicates the previous page, the one we examined above and from which we came to this page.
2. What page we are on now.
As we can see, the HTTP protocol itself does not imply the use of encryption to transfer information. However, there is a common extension for HTTP that implements the wrapping of transmitted data in the cryptographic SSL or TLS protocol.
The name of this extension is HTTPS (HyperText Transfer Protocol Secure). For HTTPS connections, TCP port 443 is usually used. HTTPS is widely used to protect information from interception and, as a rule, also provides protection against Man-in-the-Middle attacks - provided that the certificate is verified on the client, the certificate's private key has not been compromised, the user has not confirmed the use of an unsigned certificate, and the attacker's CA certificates have not been installed on the user's computer.
1. Google - uses a secure connection protocol HTTPS.
2. Data request packet over the secure HTTPS protocol.
3. As we can see in the details of the package, we only have Encrypted Application Data.
We do not have any other information that is contained on the web page, or where the person is.
4. Since we have an IP address, with which server the packets are exchanged, we look at what this IP address is and, based on the data received, we can conclude that the person is on the Google landing page.
Basically, using HTTPS is safe and as I said earlier:
Companies that develop software that use End-to-End encryption and zero knowledge systems cannot disclose the details of the data exchange to your enemies, even under duress, even if they wanted to. This is the advantage of zero knowledge End-to-End encryption.
SSLStrip - HTTPS stripping. Even so, there are attacks that remove SSL. Let's see what this is. Any attacker who can position himself between the source and destination of traffic, in our case a computer and a server, can perform an attack of the "Man in the middle" type. One of these attacks, which requires very little skill and resources, is called SSL Stripping. The attacker acts as a proxy here and replaces encrypted HTTPS connections with HTTP connections.
Let's open the screenshot and see what it is:
1. As we can see, we are sending the request with HTTP.
2. It goes through SSLStrip unchanged and travels on.
3. The server sees that you came over an insecure protocol without encryption and switches it to a secure one with encryption, that is, to HTTPS (a 301 or 302 redirect is performed - this is configured on the server).
4. SSLStrip sees that the server has sent you a redirect to HTTPS (see point 3) and automatically changes it back to the insecure HTTP, thus removing TLS encryption.
SSLStrip here proxies the response from the web server, simulating your browser, and sends you back the HTTP version of the site. The server will never notice the difference, since it thinks that you are communicating over the secure HTTPS protocol: it does not see that the attacker (SSLStrip) changed the protocol for you to an insecure one.
And what you will see - it will be almost indistinguishable from the original site. Let me show you how a website should look like:
1. We see a secure version of the site, that is, with End-to-End encryption (left).
2. Now I have done HTTPS-stripping. And this is the version of the site after the attack (right).
As you can see, the difference is that you no longer have HTTPS and most people won't notice the difference. And as I said, the server will never notice that something is wrong, because it is talking to a proxy that behaves exactly the same way as you would.
Another interesting way to carry out this attack is when the attacker is on your local network, so this either happens over an Ethernet cable or wirelessly over Wi-Fi. They can trick your machine into sending traffic through them, and this is known as ARP spoofing, or ARP poisoning. The attacker sends ARP packets impersonating the victim's default gateway.
This works because Ethernet does not have mechanisms for authentication, so any machine can, in principle, send what is called an ARP packet and report that it is one of the machines on this network, for example, a gateway or router. This causes you to start sending your traffic through the fake router, which forwards it, stripping SSL along the way, and then forwards the traffic back to you, as we have seen.
In a nutshell, here is what ARP spoofing is and how it works, in simpler terms. Everything that goes to the Internet has a physical address, that is, a MAC address. A computer has a network card or Wi-Fi card, and that card has its own MAC. The MAC address is usually written like this - 00:07:5B:3C:88:91; there can be a colon or a dash between the pairs. These are 6 pairs of characters, 8 bits for each pair, that is, 48 bits in total.
Therefore, 2^48 = 281 474 976 710 656 - and this, in turn, is 281 trillion 474 billion 976 million unique addresses. Also, the first three octets are the organization identifier, and the next three octets are selected by the manufacturer for each instance of the device (except for SNA networks).
Also, the MAC address can be easily changed to any other. Why am I telling you this? Because knowing only the IP address, it is impossible to contact a device on the network. If I know the IP address of a device, for example, my router, I cannot exchange information with it until I know its MAC.
For these purposes, the ARP protocol is used: your device sends a request asking, in effect, "who has IP 192.168.1.1?". The device with that address then sends back its MAC address, and the connection is established.
For clarity, the attack proceeds as follows:
The IP address and MAC address of the computer (number 1) differ from the IP address and MAC address of your real router (number 2). The attacker creates a virtual router (number 3) and ties your entire network through itself: the computer sends its requests not to the real router but to our hacker (the fake router), and the same happens in the reverse direction. It turns out that all traffic goes through our attacker.
Now let's think about what can be done to prevent all this? Well, on the client side, you can try to notice when you don't have HTTPS, but if you're busy, you probably won't be able to notice it. Nevertheless, you should pay attention to this. But then I will tell you a method to protect yourself.
A more secure method is to use a tunnel or an encrypted tunnel so that it is not possible to remove SSL because the traffic you send will be encrypted in a different way. For example, you can use SSH tunneling. VPN technology like IPsec can be used. In general, you should pay attention to End-to-End encryption.
Among other things, you are better off not connecting to questionable networks without using tunneling, VPN or encryption, because that is exactly what can happen if you don't have them. Your SSL can be removed and all your traffic is exposed.
The presence of ARP spoofing and sniffing on your local network can be detected to some extent, and there are a couple of example tools you can use. This is ARPWatch. It monitors your Ethernet network for ARP spoofing or poisoning. And there is another tool, Sniffdet, which detects whoever is watching network traffic.
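The kind of check such a monitor performs, as an added example (written for illustration, not ARPWatch's or Sniffdet's own code): it follows IP-to-MAC bindings and raises an alert when the gateway's address suddenly maps to another MAC, when a binding flips back and forth, or when one MAC claims several IPs. The observation lines are constructed; the class and function names are assumptions of the example.

```python
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$")


def normalize_mac(text):
    """Accept colon or dash notation and return lowercase colon notation."""
    text = text.strip()
    if not MAC_RE.match(text):
        raise ValueError(f"not a MAC address: {text!r}")
    return text.replace("-", ":").lower()


def split_mac(mac):
    """First three octets: organization identifier; last three: device part."""
    octets = normalize_mac(mac).split(":")
    return ":".join(octets[:3]), ":".join(octets[3:])


def is_locally_administered(mac):
    """Bit 0x02 of the first octet marks a MAC that was set by hand or software."""
    return bool(int(normalize_mac(mac).split(":")[0], 16) & 0x02)


class ArpMonitor:
    def __init__(self, gateway_ip):
        self.gateway_ip = gateway_ip
        self.current = {}    # ip -> MAC seen most recently
        self.previous = {}   # ip -> MAC it had before the last change
        self.alerts = []

    def _alert(self, ts, kind, ip, mac, severity, detail):
        self.alerts.append({"ts": ts, "kind": kind, "ip": ip, "mac": mac,
                            "severity": severity, "detail": detail})

    def _check_shared(self, ts, ip, mac):
        others = sorted(o for o, m in self.current.items() if m == mac and o != ip)
        if others:
            involved = [ip] + others
            sev = "high" if self.gateway_ip in involved else "medium"
            self._alert(ts, "mac-claims-multiple-ips", ip, mac, sev,
                        "same MAC also bound to " + ", ".join(others))

    def observe(self, ts, ip, mac):
        mac = normalize_mac(mac)
        known = self.current.get(ip)
        if known == mac:
            return
        if known is not None:
            kind = "flip-flop" if self.previous.get(ip) == mac else "changed-mac"
            sev = "high" if ip == self.gateway_ip else "medium"
            note = f"was {known}"
            if is_locally_administered(mac):
                note += "; new MAC is locally administered"
            self._alert(ts, kind, ip, mac, sev, note)
            self.previous[ip] = known
        self.current[ip] = mac
        self._check_shared(ts, ip, mac)


# Constructed observations: "time ip mac", as taken from ARP replies on a LAN.
SAMPLE = """\
10:00:01 192.168.1.1 00-07-5B-3C-88-91
10:00:02 192.168.1.23 3C:52:82:AA:10:01
10:00:05 192.168.1.50 02:11:22:33:44:55
10:04:10 192.168.1.1 02:11:22:33:44:55
10:04:40 192.168.1.1 00:07:5b:3c:88:91
"""


def run(text, gateway_ip):
    monitor = ArpMonitor(gateway_ip)
    for line in text.splitlines():
        if line.strip():
            ts, ip, mac = line.split()
            monitor.observe(ts, ip, mac)
    return monitor.alerts


if __name__ == "__main__":
    for alert in run(SAMPLE, "192.168.1.1"):
        print(alert)
```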
On the server side, you may not have control. That is, you cannot always make sure that the HTTPS connection always has a green padlock. It is possible to activate HTTP Strict Transport Security, or HSTS for short; this mechanism uses a special header to force the browser to use only HTTPS traffic.
This only works if you have previously visited the site, so that your client actually remembers that this site only accepts HTTPS traffic. And if someone then strips SSL, you will get an error message, because HTTP Strict Transport Security has been activated on this site.
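How a client remembers the HSTS header and why the first visit is not covered, as an added example (a simplified model written for illustration, not a browser's code): the header is honoured only when it arrives over HTTPS, it is stored with an expiry, and later http:// links to that host are rewritten before any request leaves the machine. The host shop.example and the class name are constructed.

```python
import ipaddress
from urllib.parse import urlsplit, urlunsplit


def parse_hsts(value):
    """Return (max_age, include_subdomains), or None if the header is unusable."""
    max_age, include_sub, seen = None, False, set()
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        name = name.strip().lower()
        if name in seen:
            return None              # a repeated directive invalidates the header
        seen.add(name)
        arg = arg.strip().strip('"')
        if name == "max-age":
            if not arg.isdigit():
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


class HstsStore:
    def __init__(self):
        self.entries = {}            # host -> (expires_at, include_subdomains)

    def note_response(self, url, headers, now):
        """Record the policy; headers seen over plain HTTP are ignored."""
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if parts.scheme != "https" or not host or _is_ip(host):
            return False
        lowered = {k.lower(): v for k, v in headers.items()}
        value = lowered.get("strict-transport-security")
        policy = parse_hsts(value) if value else None
        if policy is None:
            return False
        max_age, include_sub = policy
        if max_age == 0:
            self.entries.pop(host, None)     # max-age=0 tells the client to forget
        else:
            self.entries[host] = (now + max_age, include_sub)
        return True

    def is_known(self, host, now):
        labels = host.lower().split(".")
        for i in range(len(labels)):
            entry = self.entries.get(".".join(labels[i:]))
            # i == 0 is the host itself; parent domains count only with includeSubDomains
            if entry and entry[0] > now and (i == 0 or entry[1]):
                return True
        return False

    def rewrite(self, url, now):
        """Upgrade http:// to https:// for known hosts before the request is sent."""
        parts = urlsplit(url)
        if parts.scheme != "http" or not parts.hostname:
            return url
        if not self.is_known(parts.hostname, now):
            return url
        netloc = parts.hostname
        if parts.port not in (None, 80):     # port 80 becomes the https default
            netloc += f":{parts.port}"
        return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))


def walk_through():
    """Constructed timeline: first visit, policy learned over HTTPS, later visits."""
    store = HstsStore()
    header = {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}
    return {
        "first_visit": store.rewrite("http://shop.example/login", 0),
        "header_over_http": store.note_response("http://shop.example/", header, 0),
        "header_over_https": store.note_response("https://shop.example/", header, 10),
        "later_visit": store.rewrite("http://shop.example/login", 20),
        "subdomain": store.rewrite("http://pay.shop.example:8080/x?a=1", 20),
        "after_expiry": store.rewrite("http://shop.example/login", 10 + 31536000 + 1),
    }


if __name__ == "__main__":
    for step, result in walk_through().items():
        print(step, "->", result)
```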
In general, let's make a short epilogue. Encryption is a fantastic tool for privacy, security, and anonymity. In fact, this tool really works and attackers (Hackers) will try to avoid it. That is, no fool would make a direct attack on encryption. As they say, a smart one will not go uphill, a smart one will bypass a mountain. And you should bear this in mind.
And all they can do is find weak points. Remember the case of Ross Ulbricht, the creator of the Silk Road: he got caught on a Captcha. Simple. That is, no one will ever brute-force your passwords and so on. It is much easier for them to install a KeyLogger on your system or send you a link to a website with infected JavaScript and launch an attack, or a PDF file, and so on.
No one ever wants to break encryption. Attackers will simply try to bypass the encryption. You should keep this in mind.
Security is a so-called weak link phenomenon. It is as strong as the weakest link in the chain. Strong encryption is often the strongest link. We human beings are usually the weakest link. As the saying goes: "My tongue is my enemy."
How a MITM attack is carried out:
FAQ:
A: When an attacker creates a virtual router, can the victim notice it?
B: Maybe, of course, but usually this is noticed with the help of plugins, firewall and other software. ...
A: How to apply this information in your work?
B: Absolutely different. You must understand that you can only trust yourself and if you do not have understanding, then you will not have a guarantee of your safety.
A: How can I transfer all the information to an encrypted disk?
B: Just grab, drag and copy. Before that you need to mount it.
A: Which plugin should you use to securely identify authentic certificates / check with old ones?
B: HTTPS Everywhere. Or you need to configure the firewall.
Anonymous mail services:
protonmail.com
disroot.org/en
tutanota.com
mailfence.com
An introduction to security. Choice of OS. Lesson 3.
I will try to explain in simple language how you can theoretically be hacked. I will do without complicated terms, for ordinary users. Also, I will give you a brief introduction to hacking the operating system, and more advanced users will read technical information between the lines.
I believe that users of any operating system, and even more so those who are associated with this at work, need to understand that professional viruses are not an executable file that has been renamed into a document and asked you to run it. And not always blocking macros will prevent an attacker from executing code on your system.
I myself use various operating systems, from Windows to Linux. I work on Linux but use Windows sometimes. Further, there will be a lot of negativity about Linux, but it is not associated with any fanatical beliefs, I just want to objectively tell and convince you that no matter what operating system you use, you can be hacked everywhere.
Your choice of operating system matters to your security, privacy, and anonymity. Different operating systems suit different needs. The purpose of this section is to help you understand this difficult situation. Answer the questions, which operating system suits your requirements based on risks, and what you want to use it for, for a specific situation, for specific requirements.
Let's talk about our choice of operating system and how it affects your security, because the operating system is the real foundation of your security. There are many misconceptions when it comes to operating systems and security. You've probably heard, for example, that MacBooks cannot be infected with viruses. Also, a lot of people are constantly discussing how leaky the Windows operating system is. This can be argued for years, but wondering how secure is Linux?
And there are people, let's call them Linux camp, who think Linux is the best operating system. If you ask Linux lovers if you have an antivirus, the answer will be only laughter. Their argument is that Linux was created by professionals, and everything is protected according to the standard. We plant our beloved dog for Ubuntu and you can not worry about its data.
In general, there are two things that are infinite, the universe and fools. Everything is clear with the universe, but what about the latter? How to explain to various Windows users that they cannot work without antivirus protection? And how to explain to the creators of antivirus software that it is impossible to protect against hacking by the access matrix (When reading or writing of some files is blocked, that is, access control) and that hacking is not always: “A threat has been detected: The autorun.exe process is trying to write to the system branch registry ".
Your security looks good only in theory. Let's say you are the same Ubuntu user, and you install this OS on your beloved dog's PC. Then many argue the following - if the dog receives a message myDocument.docx in the mail, then even if it turns out to be an executable file, and he starts it according to the instructions, nothing will happen - after all, for most actions, a password is required - root (the administrator password, that is). Are you serious? Are you protecting yourself from an invasion by elementary school pupils? Or from those who control large financial flows, and in general from malefactors who are members of criminal gangs?
A long time ago, when Linux was in its infancy, most of its users were professionals. But over time, distributions that were convenient for a simple user appeared in the work and the number of housewives began to grow. What does any housewife do? That's right, makes online payments, and where there is money, they flock there, like bees to honey, a swarm of various rabble, which wants to improve their finances free of charge. 90% of housewives use Windows - and viruses are developed for this operating system, and if at least 20-30% of housewives switch to Linux, then big finances will immediately be poured into it for the development of malware. And reports from antivirus companies show a slow but increasing number of such programs.
Okay, back to our dog. The only reason not to worry about your security is that developing a virus under its OS is unprofitable. And so - it is economically unprofitable, the possible income of the attackers will be less than the costs. How long this will continue is a big question. But still, technically, how likely is it that our dog will be hacked and taken away? If the strong point of our dog's safety is that no one needs it and viruses under its OS have not yet been written, then this is a game of Russian roulette.
Let's simulate such a life situation. Let's say, the other day, you met a pretty girl on the Internet, you communicate with her for some time, share your secrets there, and so on. For example, at some point, she finds out that you have a tidy sum of BTC coins on your account. Let's imagine that a friend's name is Katya, and Katya has a friend, a programmer who is pretty good at computers. Then they decide together with a friend to figure it out for two. What they need for this: a small start-up capital, the direct hands of a friend (Let his name be Anton) and a little courage.
Katya knows that you are using Ubuntu 14 LTS. How do you imagine the hacking process? You, like most users, think that Katya will send you a file with an attachment in your mail, which will ask you to run, but since you are not stupid, then, of course, all your data is safe, and we will not run this file!
Then Katya goes to some unnamed and shadow resource and buys from Someone a vulnerability to your favorite browser for N-th amount of money. Someone not only provides your new friend with technical information about the vulnerability, but also sends Anton (Katya's accomplice, who has forgotten) an example of how to start all this.
The vulnerability that a friend gets is a zero-day vulnerability in the Google Chrome browser. For example, open holes CVE-2015-1233 or CVE-2014-3177, CVE-2014-3176, CVE-2013-6658 (See above) and how many of them have not been closed yet is a big question.
As you can see from the description of the vulnerabilities, Katya can execute the code in the context of the process and this will work not only in Windows, but also in Linux and Mac OS. The vulnerabilities are taken at random as an example. Once again, these are browser vulnerabilities.
Anton draws up a script (JS - JavaScript) and writes into it the shellcode (a set of lines that are written in the command line), which should be executed on the target system - your PC. To do this, he needs to somehow transfer the link. We immediately dismiss the first option with mail - you are a careful user and do not open links from mail.
Then they decided to improvise a little. They know that you are an ordinary person and do not suffer from paranoia. Therefore, most likely, you will still follow the link if a more or less familiar (in our case, Katya) person on a social network throws it off. In fact, it can be played in different ways. It all depends on your imagination. There are really a lot of options.
After you visited the link, a small piece of code that Anton wrote was executed in the context of your browser process - literally a few commands that later downloaded the virus body and went on to execute it. But how? You are sure that Katya is just showing you her photos: no files are uploaded to the disk, there are no warnings, no one asks for root passwords.
We increase privileges. After Anton's development started executing its first instructions on your processor, the question was, what to do next? In your theory, even if an infection occurs, then nothing will happen to you, you have set a complex password for root access, and you will not enter it immediately and suddenly.
Anton and Katya foresaw such a question and decided it in advance. The same Someone told them that he has a couple of zero-day vulnerabilities in the Linux kernel, like the fresh vulnerabilities in the kernel versions 3.17 and 3.14 - CVE-2014-9322, CVE-2014-3153.
After reading the description of the vulnerabilities, Anton realized that they would allow him to execute code in the context of your OS kernel. And all he needs is for his malicious application to take advantage of these fresh holes and execute the code in ring-0.
While you are unaware of anything and are looking at Katya's photos, Anton's code has already seriously invaded the vastness of your system and neither antivirus (It simply does not exist) nor anything else can even display an intrusion message. Since Anton decided not to stop there, he went further. Having got to the lowest level of your OS, in which only trusted code is supposed to be executed, Anton began to search for the file that is responsible for starting the OS. Once Anton's software has found this file, it modifies it so that when you restart your PC, Anton's code continues to run.
Rootkit - a program or set of programs to hide the traces of the presence of an intruder or malicious program in the system.
And so Anton and Katya got access to your PC running Linux, but how can they hide their presence? To do this, Anton decided that he would overwrite the code of the operating system itself, which is loaded into the memory of your PC, but how? After all, if the same actions are carried out on Windows OS, then one small system component will detect this and forcibly restart the PC.
Then Anton opened the documentation for the processor that is on your PC and began to study. He knows that your processor architecture is x86, but what does it do? After all, there is write protection on the pages it needs in the kernel. Then Anton drew attention to the cr0 register - a small block of memory that stores the data with which the processor works.
And what will happen if I set the hexadecimal bit to zero, quickly overwrite the necessary kernel methods and immediately restore the register - Anton thought. And so he did, as it turned out, if you reset this bit to zero, then write protection can be temporarily disabled.
Thus, Anton has full control over your OS. Yes, the vulnerability was later found and fixed, but the program code that stuck in this way in your OS can no longer be detected. Minute integrity control shows that not a single file in the system has been changed - Anton's program simply replaces it when reading. There are no new processes - the malicious process is simply hidden, and if there are solutions on another OS that have been detecting such techniques for a long time, then there is no such thing under your OS.
In general, in conclusion, Katya and Anton were able to easily access all of your payment systems, withdrew all your money. And then they also deleted all your files. Conclusion - be careful, especially with Katya.
With this simple story I wanted to show some simple principles: how all this happens, and why you need to clearly separate things with virtualization, because virtualization is another major factor in your security. We will return to this later. Do not surf the Internet on your main PC, open suspicious links or download dubious software from who knows where. Be careful with JS and only enable it on trusted resources.
BUT! Usually such vulnerabilities cost a lot of money, so the likelihood that you are the one to be hacked goes down. Even if someone is interested in you, the probability is extremely small. As I already wrote at the beginning of the encryption lesson, all this information becomes necessary once you have achieved some kind of success, there are always large sums in your wallets, and you have a whole arsenal of different techniques.
(For example, I have several PCs on different operating systems. One PC is a test one, on which I test different methods of work, programs, links, etc. It does not store any important data, and on top of that it is connected to a different network. The second and the third PC are exclusively for work. And the fourth PC is for myself: social networks, games, the Internet, etc. It also does not have any important data, and it has nothing to do with work, so if it gets infected somehow, I won't lose anything).
By the way, a little more information. If you are concerned about your security and anonymity, then you must be very careful on the Internet. First, always keep in mind that the Internet is the abode of deception and lies (especially the shadow Internet). Forget about such things as meeting people on the Internet, because you cannot know who is sitting on the other side of the screen: a friend or comrade major. Second, always remember that your social media friends can be hacked. You will be lucky if you just fall for yet another scam where you are asked to transfer money to a card. You will be unlucky if, on behalf of a friend and with skilful use of SI, they manage to get some data out of you (with that same link).
So, okay, we have closed this topic. Now I would like to do a kind of risk assessment, so that you can also do one yourself without any special skills, purely by your own logic.
Perhaps you are interested in the question, which of the operating systems will we consider the weakest? Windows, OS X, or various Linux systems, perhaps the Linux kernel, which has been the most vulnerable in history?
cvedetails.com is a free CVE vulnerability database / source (This is a generally accepted standard for naming vulnerabilities found in commercial and open-source software). You can view information about vulnerabilities by CVE number, exploits, links to vulnerabilities, a complete list of vulnerable products and CVSS assessment reports and most common vulnerabilities over time, and more.
Let's try to work with this site. To begin with, we will go to this page of the site - cvedetails.com/top-50-products.php - where there is a list: “Top 50 products by total number of distinct vulnerabilities” (from 1999 to the present).
As we can see, the Linux Kernel is on the second line: it ranks second by number of vulnerabilities. And you will probably ask, why?
The numbers shown in the right column are the number of vulnerabilities found in a particular operating system or application.
Let's go down to the very bottom of the web page. There we see the following: “Total number of vulnerabilities of top 50 products by vendor”. As we can see, Linux no longer occupies the first line. But you will say that Windows (Microsoft) is constantly updated and also has a bunch of products on the market, such as Office and other programs, that Apple has different versions of its operating system, and that there are some other nuances too.
Yes that's right. All of you will be right, but Linux has a ton of stuff too. Let's take a closer look at the specifics of this use. Let's take it all out in practice, and then, I think, you will all understand what I want to tell you about.
Go to the page: cvedetails.com/vendor.php?vendor_id=33
This page shows the statistics of vulnerabilities in Linux. What you should pay attention to:
1. Number of vulnerabilities by year.
2. Vulnerabilities by type.
Now it is necessary to analyze what parameters should be paid attention to:
The first thing we should pay attention to is the number of vulnerabilities by year, as we can see that every year there is a trend towards an increase in the detection of vulnerabilities.
The second thing we should pay attention to is the severity of the vulnerabilities, as we can see the serious ones here are execution of the code (Execute Code) and buffer overflows (Overflow).
Red and orange:
• The red column is the execution of code on the client's side without his knowledge, I think there is no need to tell what exactly this is fraught with.
• The orange column is a buffer overflow, which is a phenomenon that occurs when a computer program writes data outside of the buffer allocated in memory. It is fraught with the fact that there will be an increase in the level of privileges and a lot of other things.
More details can be found here: https://ru.wikipedia.org/wiki/Buffer_overflow
And for the sake of completeness, we can go a little higher and see a table with trends in vulnerabilities over time. Because the data is structured, it is easy to analyze: we can see it broken down by time period as well as by the severity of the vulnerabilities (the columns). You can click on these numbers and see detailed statistics about the vulnerabilities.
Now we have a rough picture of how everything works. We analyzed it using Linux as the example, but an analysis needs several candidates. I will now briefly go through three main developers as examples, namely:
• Linux
• Microsoft
• Apple
As we can see, in the general statistics of vulnerabilities for all products:
• Microsoft - 10947 vulnerabilities.
• Apple - 6595 vulnerabilities.
• Debian - 2619 vulnerabilities.
Based on facts and statistics, let's try to figure out where we really stand when it comes to the security of these operating systems.
Windows
So, first we will look at Windows. How full of holes the Windows operating system is can be argued about for years. Just look at the statistics described earlier, and a red light should go on in your mind, signalling that perhaps this is not the best option. But statistics are statistics, so let's see why. It initially had a weak security system. To give it credit, in later versions of its operating systems Microsoft began to take security seriously.
And with the latest products, the latest security features like BitLocker, EMET, Device Guard, Windows Hello, and Windows Trusted Apps, there is now a pretty solid set of security features. But is it really so? In general, I agree, the security of operating systems of the Windows family is gradually improving, but this is not enough, and even more so for us.
In these operating systems everything is tightly tied to Microsoft's servers: all your actions in the system are reported to them, as if by strings. Windows is also let down, especially in the current version, Windows 10, by problems related to surveillance and privacy. This is not really about security features, but it puts some people off, to say nothing of us.
An important point: if you read the licensing agreement from Microsoft that comes with every operating system in the Windows family, you will see that they will hand over your BitLocker encryption key at the first request from law enforcement, and this in turn prompts the thought: what the fuck, Windows?! Why do you store my encryption passwords on your servers, what are you doing?
The fact is that by ticking the box in the licensing agreement with Microsoft, users give the corporation the right to dispose of their data.
“We may access, disclose and store for ourselves your personal data, including any content, any files on your devices, in your letters and in other types of personal communications, if we have reason to believe this is necessary to protect our customers or to comply with the terms and conditions governing the use of our services” is stated in the license agreement.
In other words, whatever you say on the network, write, save, create or download on your computer or any other device with Windows 10, all of it can be remotely deleted or copied from you if someone at Microsoft decides that they need to. That is, according to the terms of the Microsoft EULA, intervention in the privacy of customers and control over it does not even require government sanction! All that is needed is permission from users who are too lazy to read the entire license agreement when installing the OS. This is probably all there is to know about Windows.
Mac OS X
Next, we have Mac OS X. Today, again, like Windows, it contains reliable security tools. Stuff like address space layout randomization, app sandboxing, FileVault 2, privacy settings, and Apple's App Store. All strong security features.
But there is one "BUT": Mac OS X also has problems with privacy. If you've upgraded to Mac OS X Yosemite (10.10) and you're using the default settings, every time you start typing in Spotlight (to open an app or find a file on your computer), your local search terms and location are sent to Apple and third parties (including Microsoft).
The Washington Post also posted a video demonstration of Yosemite's live tracking:
washingtonpost.com/posttv/business/technology/how-apples-os-x-yosemite-tracks-you/2014/10/22/66df4386-59f1-11e4-9d6c-756a229d8b18_video.html
Let's analyze this video:
1. For example, a simple Spotlight search output. (This is a tool for finding files on your operating system) now sends your location and the names of the files you are looking for to Apple on a permanent basis. You may notice that your location is being transmitted to Apple even though you are not shown the corresponding notification icon. They decided to hide this notification under the pretext that users would be overwhelmed by too many notification messages. This means that if you agreed to use the location services, then you also agreed to share your location with Apple.
2. You may notice that data starts to be sent before you type, and also when you press the keys. That is, as you type, data is sent too.
3. As we can see, the author of the video says: “I'm looking on my computer for a document called 'The Secret Plans Obama Leaked Me', and Apple receives information about this along with my location and user ID, which is a unique string of letters and digits used to identify me. Apple tells us that this value changes every 15 minutes, but we have to trust that the new value does not bind to the previous one.” Again, they receive information about our location, and the author shows that he is indeed at the Washington Post office, based on the coordinates transmitted.
How can we turn off these surveillance things? First we need to go to System Preferences > Spotlight. There we see all the places Spotlight searches for you. This can be very helpful. However, it can also be a privacy issue, as you have just seen. I would recommend disabling everything, but if you need something, you can, of course, leave it.
If you are using Safari, then you need to disable the following, click Safari> Preferences> Search and you need to uncheck Include Spotlight Suggestions.
Linux
Linux-like and Unix-like operating systems. There is a wide variety of them; I group them all in one category. If you are looking for the most secure operating systems, you will find them only here (covered below).
Things like SELinux are good examples of this. It is an implementation of fine-grained mandatory access control (MAC) that meets the requirements of the government and the military.
Mandatory access control (MAC) is a differentiation of access of subjects to objects based on the assignment of a confidentiality label for information contained in objects and the issuance of official permissions (Admission) to subjects to access information of this level of confidentiality. Also, it is sometimes translated as Enforced Access Control. It is a combination of protection and restriction of rights applied to computer processes, data and system devices, and designed to prevent their unwanted use.
SELinux is a kernel-level mandatory access control system. This is not something you need to focus on right now.
Let's take a look at more standard operating systems: Ubuntu, Debian, Fedora, Arch Linux, Tails and others - again, they all have fairly reliable security features.
When we look at Windows, Mac OS X, and Linux, they are all on similar terms when it comes to their existing security features and functionality. But when we add privacy to our security requirements, we need to start looking at Linux distributions.
I would recommend using Linux distributions for security, but you will have to sacrifice interoperability and usability. For example, you will not be able to use Photoshop or Microsoft Office, although this can be solved using “Wine” - you can watch what it is on YouTube.
In a nutshell, if you don't know, there are many, many operating systems that have evolved in some way since the mid-1960s from an operating system called UNIX.
Here is a list of operating systems. You can clearly see how many Linux distributions there are and which ones they originated from:
Just look at how many operating systems are based on Debian, now you can go back to the statistics we did on the analysis earlier and look at them from a slightly different angle.
I would recommend using Debian based distributions - Debian, Kali Linux, Parrot OS as well as Fedora, Arch Linux.
A little about these operating systems. As you have already noticed, upon a closer look at the infographic above, the two main communities are Debian and RedHat, there are also a bunch of others, but there is one BUT: "If you have a lesser known Linux or Unix-like operating system, then you may find that the release of fixes is slower, because they are not backed by huge multi-billion dollar corporations, in which the release of all fixes is on the flow. "
Fedora Linux is a Linux distribution with one of the largest user communities of any distribution. But it is not as popular as Debian. There is a common perception among users that Fedora is difficult to use and difficult to configure. A big plus of this system is that Fedora is only free software. The Linux operating system is very often viewed as free software. But this is not 100% true. While most of the software you use is free software, some hardware drivers and firmware are proprietary. Also, there are open source components, but with a limited license.
Distribution developers determine how often their users will come into contact with proprietary software. They may include media codecs, drivers for video cards and network adapters, as well as additional modules, for example, Adobe Flash, as part of the distribution kit. This helps users listen to music, play games, and surf the web, but it is not free software.
Fedora takes a principled stand on this issue. This helps to avoid legal action against RedHat. Proprietary software is simply not allowed in the repository. The distribution kit will not prevent you from installing such programs, but it will not help you either. You will have to use third party repositories like RPM Fusion. This is one of the reasons why Fedora is considered difficult. But adding a repository to the system is a matter of a few minutes.
But, for example, such articles habrahabr.ru/post/337290 are, of course, slightly misleading. Since before, non-commercial products, as far as I remember, did not fall under such prohibitions. The Fedora Project, although sponsored by the Red Hat to develop new technologies, is a non-profit structure and does not profit from its activities, as far as I understand. It's all strange.
Arch Linux is an independently developed Linux distribution optimized for the i686 and x86-64 architectures, aimed at Linux power users.
In general, you need to be a competent user to use this system, and you need to be aware of this in advance. It uses Pacman, its own package manager written by the creator of Arch Linux. Pacman installs the latest updates with full control of package dependencies and follows a rolling release model. Arch can be installed from a disk image or from an FTP server.
Let me explain that a package manager / repository is like the App Store or Google Play, from where you can download and install the application or program you need in two clicks.
The default installation process provides a solid foundation that lets users create a custom installation. In addition, the Arch Build System (ABS) utility provides the ability to easily build new packages, modify the configuration of stock packages, and share those packages with other users through the Arch User Repository. It is a lightweight Linux distribution. It runs predominantly free and open source software and software from the community-supported AUR repository.
Ubuntu - To get this question out of the way, I'll just say that Ubuntu sends your data to third parties without your consent. If you're an Ubuntu user and you're using the default settings, every time you start typing in the Dash (to open an app or find a file on your computer), your search terms are sent to various third parties, some of which show you ads.
By the way, you can recall the situation with Windows, where Microsoft decided to distribute Windows 10 for free but in the end collects all the data, supposedly for advertising. That is, all your personal information and so on. If you would like more information on this system, please read at least the Windows License Agreement. And your eye will start twitching.
For Ubuntu, to prevent sending data to third parties, you need to follow the instructions on this site: fixubuntu.com. The instructions there show how to change the settings you need. Above, we have already analyzed a similar situation using Mac OS X as the example.
However, I do not recommend Ubuntu in any case, I only cite this for your interest in the event that it so happens that you are using this system. Ubuntu is better for privacy and anonymity than Windows or Mac OS X. I recommend Ubuntu to people with no Linux experience and who think the above distributions are too hard to digest for them.
Debian is a Linux based operating system, it is a Linux distribution. It consists entirely of free and open source software, most of which is under the GNU General Public License.
The Debian distribution contains over 51,000 compiled software packages that are packaged in a convenient format for easy installation on your machine. They are all free. It looks like a tower. At the base is the kernel, above it are the main tools, and then come all the programs that you run on the computer. At the top of this tower is Debian, carefully organizing and putting it all together so that all the components can work together. With this approach, your system will not phone home to Microsoft servers.
Tails is a Debian-based Linux distribution built for privacy and anonymity. It is a continuation of the development of Incognito OS. All outgoing connections are wrapped in the anonymous TOR network, and all non-anonymous ones are blocked. The system is designed to boot from LiveCD or LiveUSB and leaves no trace on the machine where it was used. The TOR project is the main sponsor of TAILS. The operating system is recommended by the Freedom of the Press Foundation, and was also used by Edward Snowden to expose PRISM.
Use it only to search for something on the Internet (you understand what yourself), as you will quickly get tired of it. For example: you arrive somewhere, insert a USB flash drive with your OS, find what you need and pull everything out.
Kali Linux is a GNU/Linux LiveCD that emerged from the merger of WHAX and the Auditor Security Collection. The project was created by Mati Aharoni and Max Moser. It is designed primarily for security testing. Kali's predecessor was BackTrack, built on several Linux distributions. It was originally intended for use on Slackware OS, and then smoothly migrated to Ubuntu. After that, Debian became the basis.
Parrot OS - An increasingly popular Security distribution based on Debian-Linux. Quite easy to learn, suitable for both beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet. Quite a lightweight and effective tool, many Security specialists have found in it a replacement for the increasingly "gluttonous" Kali, especially since Parrot uses the Kali repositories to update. Uses MATE graphical environment and LightDM display manager.
In terms of functionality, it is similar to Kali Linux; here, too, a huge amount of special software for security testing is supplied with the system.
As you can see, all the systems I mentioned above are mostly Debian based in one way or another (as Ubuntu is too).
How you handle security updates on Linux will depend on the distribution you are using. I'm going to talk about security updates using Debian and Debian-based systems as an example.
See wiki.debian.org/Derivatives/Census, where all Debian-derived distributions are listed. Many of them are security-critical operating systems such as Kali, Tails, and so on. The Debian project does an excellent job of providing security updates for Debian.
Security is a priority for this project and this operating system. For details of the security issues that are being patched, take a look at the security information page provided by Debian (debian.org/security).
If you scroll down, you will see all the updates. You can click on any update and get more information about that particular update. From there you can go to the MITRE CVE directory and learn more about the vulnerability you selected, then follow the links to various sources for more information; in principle, you can even find the exploit code for this vulnerability.
We analyzed this above using the example of the site - cvedetails.com
The Debian Project claims that they process all security issues brought to their attention and fix them within reasonable time frames. They also say that many security alerts are coordinated by other free software vendors and published on the same day as the vulnerability found, and that they have an internal Security Audit team that looks in the archives for new or unpatched security bugs. They also believe that security by obscurity does not work and that public availability of information allows security vulnerabilities to be found.
This is all well and good, which is why I recommend Debian-based distributions as the main reliable operating system for everyday use when it comes to security, privacy and anonymity.
About the installation and all that stuff. I will not describe how to install each OS, because that would take us beyond the scope of the manual. If you want, you can find everything on the Internet; on YouTube alone there are plenty of videos on how to install this or that system.
In addition, it makes no sense to describe the installation here, since it is almost always individual and everyone will face their own problems. In general, as they say, Google is there to help.
FAQ:
A: Are there any other popular ways of hacking, apart from shady links and executable files bundled with "normal" ones?
B: There are a lot of them; usually vulnerabilities are used. The question is the delivery of malicious files and the ways of implementation (as I wrote, there is an ocean of ways and more).
A: Is there any hardware binding other than MAC that can be tracked? Let's say I was using a Windows 10 laptop and then decided to use it for our "Business Purposes". Will they track me later, for example, by the motherboard ID? Do I need to take a separate new hardware for our work?
B: It all depends on your volume. And will they look in your direction at all. If you imagine that you are already a potentially dangerous person and they will calculate you, then you need to think about not only about MAC. Since, for example, most likely, everyone in the apartment has a router, quite ordinary. So, this router, if you connected to it from your PC via Wi-fi, most likely sent data to GoogleMaps or YandexMaps, as well as other sources. For the first time, you do not need any of this, you need this information for the future, when your income will already be in the millions, let's say.
A: Which link is better to use for our work? What is the Linux distribution, and is Windows really needed in a virtual machine, or is a browser with a substitution of the identifier enough?
B: IP → VPN → TOR → SOCKS, IP → VPN → SOCKS, IP → VPN → TOR → VPN → SOCKS.
Better to do isolation, of course. That is, let's take for isolation, for example:
VPN, TOR, SOCKS, VPN + SOCKS. Regarding the browser, Windows and so on - everything is individual, since everything beats in different ways.
A: Is it better to install Debian as the main one or on a virtual machine and work from it?
B: As the main OS. On a virtual machine only if it is for training.
A: What computer characteristics do you need to work comfortably with Debian?
B: At a minimum, you need 8 GB to work, since you will also have a virtual machine. The best option is 16 GB of RAM. And so, in fact, the more RAM, the better.
A: Is there a semblance of an antivirus on Linux?
B: No, what would you need it for? There is an application store, all applications are open source, and there is also a large community (30+ million people who constantly follow the replenishment of this store). In addition, when you want to download a program, the hash is automatically checked. If the verification is successful, then the program will download and everything is fine, but if not, then an error will be issued. This means that, most likely, it was malicious software.
A: I am a complete zero in Linux - which one should I install?
B: Don't install Fedora, look towards Debian-like distributions. Check out any distro with a pleasant interface for you. You can see which graphical shell you want: losst.ru/luchshie-graficheskie-obolochki-ubuntu
A: If we are talking about programs such as PSI and searching for "something like that" on the Internet, is it better to do it from some kind of virtual machine, or can you safely do it on the main OS, with the browser, for example, stored on an encrypted hard disk?
B: That works too, but it is better to store logs and everything else on an encrypted medium, and not to keep any private information that could harm you on your medium outside of cryptocontainers.
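What the hash check mentioned in the FAQ looks like for a Debian repository, as an added example (not apt's own code): the Packages index lists a Size and SHA256 for every .deb, and that index is itself covered by the signed Release file. The package name, path and payload below are constructed; a matching hash proves the file is the one the repository published, not that the software is harmless.

```python
import hashlib
import hmac

# Constructed sample: a stand-in payload and the index stanza describing it.
SAMPLE_PATH = "pool/main/h/hello-sample/hello-sample_1.0-1_amd64.deb"
SAMPLE_DEB = b"!<arch>\ndebian-binary   constructed sample payload\n"
SAMPLE_INDEX = (
    "Package: hello-sample\n"
    "Version: 1.0-1\n"
    "Architecture: amd64\n"
    "Description: constructed example package\n"
    " not a real archive entry\n"
    f"Filename: {SAMPLE_PATH}\n"
    f"Size: {len(SAMPLE_DEB)}\n"
    f"SHA256: {hashlib.sha256(SAMPLE_DEB).hexdigest()}\n"
)


class VerificationError(Exception):
    """The downloaded bytes do not match what the index promises."""


def parse_packages(text):
    """Parse a Debian Packages index into {Filename: {field: value}}."""
    index = {}
    for stanza in text.strip().split("\n\n"):
        fields, last = {}, None
        for line in stanza.splitlines():
            if line[:1] in (" ", "\t") and last:       # continuation of the previous field
                fields[last] += "\n" + line.strip()
            elif ":" in line:
                last, value = line.split(":", 1)
                fields[last] = value.strip()
        if "Filename" in fields:
            index[fields["Filename"]] = fields
    return index


def verify_download(index, filename, data):
    """Return (package, version) if data matches the index entry, else raise."""
    entry = index.get(filename)
    if entry is None:
        raise VerificationError(f"{filename} is not listed in the index")
    if "SHA256" not in entry:
        # Refuse to fall back to weaker digests such as MD5sum.
        raise VerificationError("index entry carries no SHA256 field")
    if len(data) != int(entry["Size"]):
        raise VerificationError("Size mismatch: truncated or padded download")
    digest = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(digest, entry["SHA256"].lower()):
        raise VerificationError("SHA256 mismatch: content differs from the published file")
    return entry["Package"], entry["Version"]


if __name__ == "__main__":
    idx = parse_packages(SAMPLE_INDEX)
    print("genuine file:", verify_download(idx, SAMPLE_PATH, SAMPLE_DEB))
    try:
        verify_download(idx, SAMPLE_PATH, SAMPLE_DEB[:-1] + b"X")
    except VerificationError as err:
        print("tampered file rejected:", err)
```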
A little more about safety:
1. Keep your mouth shut, both on the Internet and in life. No one ever needs to know where you are from, what your name is, how many children you have or any other personal information. It does not matter at all who asks, a friend or an acquaintance: anyone may turn out to be not who he presents himself to be, and even me.
2. Do not use a Nickname that you took from your ID in VK, Steam, Email or any other service or site. A Nickname used in the white sphere can lead people from the gray sphere to you.
3. Do not register mails and accounts on your phone number, services that provide mailbox services will easily give out information on demand. To receive SMS, you can use online services (I will give you links). Do not use personal mails when registering on gray sites and stores, create separate ones for these purposes.
4. You should never think that "I am not such a big fish to be looked for" - often such people then look for money for lawyers, do not be mistaken, never neglect safety, because it is better to sleep peacefully.
5. Accept parcels only through intermediaries, forwarding services or dummies. Don't shine your names anywhere.
6. Jabber and all other means of communication are best stored in a virtual machine, if you store on the main one - it is better to disable saving history and passwords.
A virtual machine for searching the shadow internet. Lesson 3.1.
I personally recommend using VirtualBox or VMWare. Do not forget to enable virtualization in the BIOS of your PC - otherwise the virtual machine will not be able to work.
It is best if you put the virtual machine image in an encrypted media or container. For carriers, the best parameters are USB 3.0, 32-128gb.
We will encrypt with the following software:
TrueCrypt 7.1a or VeraCrypt
Here, the choice is, let's say, yours. See which one suits you best.
Of the TrueCrypt versions, use only 7.1a; the rest are not very secure. VeraCrypt is the continuation of the TrueCrypt line, since TrueCrypt was abandoned by its developers. I am using VeraCrypt.
We encrypt the media / SSD or create a container on a PC, then put the virtual machine image inside the container. Now, before starting the virtual machine, you will first need to open the encrypted container using a password.
How to encrypt - you can look in the help of the program itself or search on the Internet, it is not very difficult and requires pressing just a few buttons.
There are two alternatives to containers, namely:
• Encrypt the entire hard drive on your computer.
• Creation of a hidden OS.
With ordinary containers, the encryption key can be pulled out of the hibernation file and extracted from RAM, so we disable hibernation on our computers. But when using a hidden OS, you can put all the information and files inside it, and even if you are tortured, you can give out the encryption password for the regular white OS, while the hidden one will peacefully store your files.
Encrypting the entire hard disk takes a long time (about 6 hours for 1 TB), but it is a reliable tool, since the keys cannot be pulled out of hibernation even if it is enabled, and getting them out of RAM in time takes a great deal of effort. Only Brute remains, and here we move on to the next security point, namely passwords.
With a hidden OS or disk encryption, to start the system, you will need to enter the password in the Boot-Loader, that is, even before the Windows account password, before turning on the system itself.
On any forum, page on a social network, mail or hidden container, you must follow the mandatory points when choosing a password:
1. It is at least 15 characters long, preferably all 30.
2. Upper + Lower case, numbers and special characters.
An example of a good password: sHO & D = 633qwvBB! AC {6} - this password will take decades, if not centuries, to Brute.
3. For one forum / store / site - one, unique password.
4. Two-factor authentication - use wherever possible.
If you use the same passwords, there is a good chance that everything you have gets cracked. No one is safe from a database being leaked or sold on some DS (Dedicated Server) store, for example. Attackers simply get your password, then go around all the services / forums and take everything they can.
However, a strong password is not a panacea, because it can be intercepted right on your system if you pick up a Stealer, malware or another virus. The way out is trivial and simple - create a separate virtual machine (any one, really) specifically for software and dirty, unverified files.
And run everything only on this virtual machine: better that it suffers than your computer. Observing basic hygiene rules is much easier than losing accounts or paying to the victims later, so don't be lazy and do it, and you will sleep peacefully.
The purpose of the virtual machine for you will be divided into two points, namely, the first is for searching through shadow resources and communicating in this environment (Forums, sites, shops, and so on), the second is for the drives themselves and work. The virtual machine setup for these cases is different, but still a bit similar.
What do you need to configure your virtual machine for the first option (search by shadow resources):
1. VPN. It is best to put your own. How to do this and all the nuances will be below in the guide.
2. TOR Browser
3. Jabber / ICQ
4. Replace your DNS, for example, with Google - support.li.ru/google-dns/win7/
They can also be added to the router. For the best effect, you can generally use the DNSCrypt software. Remember this program, you will have to use it often.
5. Browser for searching. (I always use FireFox)
6. Disable WebRTC. WebRTC allows third-party users to determine the IP address of a network user at once, bypassing the software barriers of VPN, TOR, SOCKS and other network defenders: whoer.net/blog/article/kak-otklyuchit-webrtc-v-raznyx-brauzerax/
7. If you use SOCKS or SSH tunnels, then Proxifer + Plinker (these programs will also be discussed below).
8. You can also close the Internet through a firewall so that when the VPN falls, the virtual machine does not have access to the network, and your real IP does not leak.
Setting up a virtual machine just for work will be already below. As detailed as possible and in different variations.
Terms:
AntiFraud - AF, antifraud. Our main enemy, who does not allow us to calmly withdraw money from the SS.
BTC - Bitcoin, cue ball.
Checker IP - checks the IP for purity and suitability.
IP - IP, ip.
SOCKS - sock.
SSH tunnel - tuna.
DS - Dedicated Server, Dedicated Server, Grandfather.
Pure IP is the backbone. Lesson 4.
The topic is simple. The final part on your Carding security is anonymity. First of all, you need to understand that you have two different concepts of anonymity.
The first is personal safety, so that you are not taken by the ass, so that you are not leaked by your provider. For these purposes, we will create a personal VPN. What will he give us? He will let us hide our real data. When you disable logs on the server, VPN will remove all your "Travel" in the network from the provider.
The second is anonymity, which must have a number of parameters in order to bypass AntiFraud when typing. Later you will get to know AntiFraud better. In a nutshell, AntiFraud is a system against fraudsters like us. She has a number of parameters that are individual in each store, but our task is to be her “own”, to be an ordinary KX for her. If we do not have any requirements for the IP of our VPN, except that your VPN must be set up outside the CIS, then we have the strictest requirements for the IP to bypass AntiFraud - cleanliness, absence from blacklists, minimum or no Fraud level ' and so on.
Regarding security. If you work in Russia, then sooner or later your priest will be in a bad situation, because everyone is watching, plus or minus. As for the United States, the work on it is therefore safe for us, that in order to attract you it is necessary to spend a lot of money on the investigation. It costs more to attract you than your hammered phone. Well, as you may have noticed, the level of security in Russia is on average higher, because we missed the initial stage of introducing banking technologies, and, one might say, we got to the level when the data, plus or minus, began to be protected.
The initial level of anonymity is to use TOR for shadow resources. Although, we are not held accountable for visiting sites, nevertheless, if you suddenly find yourself on the pencil to the security forces, then the first place where they will come is your provider.
torproject.org - link to download the TOR browser. This condition is optional, but forewarned means forearmed. Also, I'll also point out why we need a personal VPN. Logs. All these paid VPNs are great and convenient, but in fact, no one will give you a guarantee that they will not write you. The probability that they write is approximately 95%.
Get used to working to a minimum, without using services that you can do without. You will be able to put yourself your own personal VPN (This will be in the guide). For $ 5 per month (server rental). At a speed higher than many paid ones. Will work on the phone too. Therefore, if you haven't started a BTC wallet, start it. Calculations in our area are mainly made in BTC, and quite often through QIWI.
Exchangers (cryptocurrency):
bestchange.ru
localbitcoins.com/ru/
risex.net
It is not worth keeping money in BTC all the time, as the rate can both rise and fall. Therefore, assess your risks and desires yourself.
By the way, QIWI - not everyone accepts it for payment, but it is possible as one of the options.
Pros: Possibility of direct withdrawal to the card, if you do not shine the phone number, it is almost impossible to steal
Cons: They can block the wallet, the Russian payment system, which means it will give out any data on demand, therefore I strongly recommend it, if it is used, then only in the following format: left SIM, left mail, don't use your phone, buy a left one or use a virtual SIM. Display only on a dummy card. Do not use your IP and PC (you can use a virtual machine).
If we talk about withdrawing money through BTC, then the situation here is a little more complicated, but you can still withdraw money:
1. Through the exchanger, you can exchange money from BTC to a card, QIWI or bank.
2. You can withdraw in cash, but you need to look for a good seller, let's say.
The fact that BTC is anonymous is a myth and misconception, all transactions in BlockChain, at a glance, are not very difficult to track, just no personal data is needed to register.
Therefore, to preserve the anonymity of funds, I recommend using BTC mixers.
FAQ:
A: Do I need to change IP if I live in Europe / USA? How reasonable is it to use the public Internet - in a cafe, shop, subway, and so on? And if you break Wi-fi networks and sit from them? In short, does it make sense?
B: It is necessary to change. Firstly, you need a personal VPN so that your IP does not shine anywhere. Secondly, when driving, you will need an IP for a certain area. It is better to use a VPN in a Wi-fi cafe, otherwise your traffic may be leaked. It is possible to break Wi-fi, but not everyone can - this is a separate topic. We will not touch on.
A: And how to start a BTC wallet so as not to burn your personal data anywhere, because they often require passport data and other nonsense? Is there any way to get around this? Or just buy left-hand documents and register on them?
B: Yes, to buy documents from 30 to 80 rubles. And register. In the process, everyone will find their own methods.
Many of you have already felt Jabber, but links to clients and descriptions will not be superfluous. Today this is perhaps the best way to communicate anonymously, but of course, do not forget that the servers should not be in Russia. Better start a few. Two is enough so that if the server falls on one account, then you are not lost.
Some more information about Jabber:
OTR - https://ru.wikipedia.org/wiki/Off-the-Record_Messaging
Jabber clients - jabberworld.info/Jabber_Clients
The most convenient ones are PSI and Pidgin.
securityinabox.org/en/guide/pidgin/windows/ - about security in Russia.
ru-sfera.org/threads/nastrojka-otr-na-psi.2658/ - PSI and OTR guide.
As for passwords, account data, CC and other information, it is convenient to use the KeePass program.
keepass.info/download.html
KeePass works simply: a file is created to hold your data, and it is encrypted. You hold the master password for it. It can be used both on a PC and on a phone. The thing is extremely convenient. To always have it at hand, you can upload it to the cloud, Dropbox, for example, and files in the cloud can be encrypted with BoxCryptor.
boxcryptor.com/ru/
Give BoxCryptor access to your cloud and perform encryption on it; even if the cloud is hacked, they will not be able to access your files.
Let's talk about the second point of anonymity, more precisely, about the IP and the requirements for it. Checker IP sites will help us with this:
Checkers IP:
whoer.net/ru - Basis.
witch.valdikss.org.ru - I don’t trust much, but sometimes you can check.
whatleaks.com - DNSLeaks.
check2ip.com - Check for blacklists.
ip-score.com - Fraud Points.
getipintel.net - Fraud points and check for open ports.
ipqualityscore.com/user/proxy-detection-api/lookup - Important check! (registration required)
dnsleaktest.com - Check for leaks.
fraud.cat/Home/Faq - Paid (by subscription)
What do these sites give? They help us find out information about our IP, not only the IP and DNS itself, but also others that can shoot us down. Based on these sites, we will configure our systems and addresses. We must adjust all the parameters so that AntiFraud does not fire us and does not give us unnecessary Fraud points. If there are a lot of such points, then the Decline will fly to us automatically. The main rule is that the IP must be clean. The IPs of popular VPN services are blacklisted or marked as anonymizers,
as they are used by a huge number of people for a variety of purposes. Websites Checkers IP will show you this.
A little about Telegram. Telegram, as you understand, is not an anonymous thing. Anything that you do not control is inherently dangerous. Therefore, I do not advise you to once again use it to carry out any illegal business. By the way, those who have not heard recently found a vulnerability in secret chats, the bottom line is that they are not so anonymous.
So, if everything is clear with the first point on anonymity - we will create a personal VPN, then to work with the second point we will use special tools:
1. SOCKS.
2. SSH tunnels.
3. Dedicated Server - dedicated server.
4. VNC.
1. SOCKS. Proxy server.
Cons: Short-lived, live up to 3 days. Traffic is not encrypted. They can die in the process of driving, it happens.
Pros: You can buy a subscription and use many different IPs. Suitable for the type of work hammered and forgotten. Suitable for the SS.
2. SSH tunnels.
Cons: Difficult to find clean ones.
Pros: They live for a long time, for months. They cost about one dollar. Well suited for bank accounts and PayPal, those places where it is desirable to have one IP for a long time. To swing your account, that is, to have constant access.
3. Dedicated Server is a dedicated server. In simple words, this is someone else's computer. Connecting to DS we find ourselves on someone else's desktop and our IP will correspond to IP DS.
Pros: Same as SSH tunnels. You need to take it with administrator rights so that there is no one else on this DS except you.
4. VNC - https://ru.wikipedia.org/wiki/Virtual_Network_Computing... Very similar to DS. With a significant difference, when we connect, we sit directly in the session of our KX, which means that we have not only IP, but also Cookies in common. This can make driving a lot easier. However, there are not many of them on sale and I personally met their prices from 10 dollars and more.
How they look: 122.156.2.14:22@user:1234
Where - ip: port @ username: password
When using a colon and a dog you do not need to enter (122.156.2.1422@user1234) Ports can be different, for SSH tunnels 22, for others tools any free ports out of 65535 possible ports.
A little about ports - https://ru.wikipedia.org/wiki/TCP_and_UDP_port_list
whatleaks.com - you can check yourself now. The site will show your open ports. Just for the sake of interest, driving does not affect.
We have the following working methods (Everyone chooses what is more convenient for him, but I advise you to try everything):
1) Use DS and, if necessary, SOCKS and SSH tunnel to it.
2) Use a virtual machine, that is, run a SOCKS or SSH tunnel on it.
3) Use a separate PC with English Windows and run an SSH tunnel or SOCKS on it.
4) Use different Anti-detected + browsers (SOCKS or SSH tunnel), which can be very flexibly configured not only by IP, but also many other parameters that are important to us. An example is Linken Sphere (more on it later).
FAQ:
A: What is pure IP? Will the payment be canceled if I try to drive through the native system that I have now? Or through a friend's / girlfriend's computer? And, as I understand it, Telegram is not an option at all, if you want to discuss with a person, at least some kind of criminal case?
B: You can connect any public VPN and go to the Checker's IP sites. They will show you that your IP, most likely, is not "Native", which means that the store will give you Fraud-points and cancel the transaction. When there is a lesson about AntiFraud, you will understand why you cannot drive a girl from a PC, because AntiFraud looks not only at the IP, but also at the fonts in your PC, Finger Print, Java fills, DNS Leak has such a parameter and all this needs to be taken into account.
A: And how much money do you need for software (Not for CC), if you take the ideal, average and beggarly option?
B: If you take a subscription to Anti-detected, then there is $ 100 per month. And if the bundle is virtual machine + SOCKS, then the virtual machine is free. SOCKS from $ 0.5 each. If DS, then a normal DS from $ 5 and above with administrator rights.
A: And if you take DS without administrator rights, they burn it? Is it so critical?
B: They will burn you if you try to sort out passwords on this DS or start watching movies in high definition. Essentially, DS is your shared PC with KX. And it is logical that KX does not get nervous, it is necessary not to load his system.
A: Is it possible to somehow find out if I have some cunning guests now?
B: You will see if there is another person in your account. He, as a rule, will instruct his programs and engage in other activities.
A: What is DNS?
B: Domain Name System. This is the domain name server that we refer to when we try to visit a site. Better to watch a few videos to understand well. You should have a clear picture in your head.
A: And how does the DNS change if it does not correspond to the SOCKS country?
B: In Anti-detected browsers, you can change DNS in case of mismatch. And in Double SSH Manager programs.
Driving tools. Lesson 5.
So. Let's talk in more detail about the programs that will help us establish connections. Software tools for driving. What tools for changing IP have we reviewed?
1. SOCKS.
2. SSH tunnels.
3. DS.
4. VNC.
Everything is correct. So that our provider does not notice us, where and what we do, and our foreign friends do not catch us. If suddenly SOCKS falls, under it will be the IP of our VPN, and not the real IP. We have tool pie. At the very bottom is a personal VPN for security, and on top of it SOCKS / SSH tunnels / DS for AntiFraud.
Consider such a case that we have chosen to work with a virtual machine, on which we will install the operating system with which we will do it by driving. If we work in the USA, then we need to install the English version of Windows, but our system is English, and the IP remains the same, so, to change it to the US IP, we must use an additional tool. Its name is a proxy server. SOCKS and SSH tunnels. If we have the opportunity to install English Windows on the main PC, then the need for a virtual machine disappears by itself, but we still use SOCKS and SSH tunnels to change the IP. It is better not to connect your personal PC with Carding. Personal is
personal and work is work, so either a second laptop or a virtual machine. Alternatively, you can use DS.
By the way, you can also make DS from your PC, connect to it from another PC and also work. The principle of operation is close to that of TeamViewer, who used it will immediately understand what is at stake. Thus, when we launch DS, we find ourselves on someone else's desktop, and we are already working on it. DSs are mined by Brut of PC ports. Most often, Brute is a hack carried out through the selection of a username and password using special programs. DS can be purchased by country or state. The DS survivability is usually about two weeks, sometimes less, mine once lived for a month, but I did not load it and worked occasionally. Also, you need to consider a tool such as browser Anti-detected. For example, as I already wrote - Linken Sphere - LS.
This is a browser that allows you to change the data that AntiFraud fills. For example, IP, DNS, time zone, WEBRTC, system emulator, that is, you can configure that we will be seen as if we are working with IPhone, Android, Windows, Linux and so on. He has a lot of opportunities, he goes by subscription, on the site the prices and the description are detailed.
LS helps us change a lot of parameters, but we still need to purchase separate SOCKS or SSH tunnels.
As a result, SOCKS and SSH tunnels are required in almost all cases except DS, since DS already has the IP of the country you are buying, but in order to more accurately position your IP, you can hang an SSH tunnel or SOCKS. This is necessary if DS is in Ohio, and you need to beat in New York.
Summary - options-bundles for work:
1. Virtual machine (or a separate PC) + SSH tunnel or SOCKS on it.
2. DS + SOCKS to change the IP if needed.
3. Anti-detected + SOCKS or SSH tunnel.
And in front of each bundle is our personal VPN. It should always be there to hide our real IP. VPN is always installed on the main machine, not on the virtual machine and not on the DS. If you put a VPN on DS, then your chain will look like this: your IP - USA IP DS - IP of your personal VPN. It is in order to encrypt the connection to DS that we put on the main VPN system.
We turn off the logs so that the VPN server does not store the compromising evidence of our connections in the log. This is evidence.
If you use LS or another Anti-detected, then the software is not needed there. We will disassemble the connection of each program if someone has problems. I once spent a lot of time working on them. I advise you to try to use everything.
See all the pros and cons.
Connection to DS. You can use the standard Windows method. Run command on the Start menu, where we enter mstsc. A window will open in front of us where it will be possible to
connect to a remote desktop, and there we enter data from our DS - IP + Port, login, password. Instructions - akak.ru/recipes/6577-kak-vyipolnit-vhod-na-dedicated-server-dedik. Or you can use programs from xDedic, the principle is the same, only the question is to whom, which is closer.
xDedic RDP Client v1.0 - for connecting to DSs.
It is important to understand that DS are different in capabilities, they have different OCs, with or without administrator rights, just like our PCs are different for everyone. In order not to leave traces when connecting to DS, you can use Log Cleaners.
xDedicLogCleaner - for cleaning system logs.
It is better not to store files compromising you on it. Remove all unnecessary, use Portable versions of the programs, so that everything is quiet and invisible to KX. For the best work, you need to take DS with administrator rights. This will allow us to create our accounts, hide them, which will provide us with an increase in the lifespan of DS'a.
xDedic Log Cleaner is designed to clean up system logs, clean up temporary folders, for example, temp, you can also delete an account from DS along with all the files that you created during use. Cleaning is done not on behalf of your account, but on behalf of the system (System).
Attention, very important: The program works ONLY on servers with administrator rights! OS: Windows Vista or higher.
Description of buttons for xDedic Log Cleaner:
[Flush] - cleaning logs in one click. There is no point in explaining further, and so it is clear!
[Auto Flush] - clears the logs at a specified time interval, that is, choose the time, click OK and that's it, the program can be closed, the logs will be cleared every N minutes.
[Flush & LogOFF] - clean the logs and exit the account. It is useful if you did not create an account for yourself on DS, but work under a purchased account, that is, you disconnected from DS, and the record that you disconnected remained in the logs, it must be erased. Finished working with DS - chose an option, set the time, clicked OK, disconnected from DS. The program itself will cover up the traces and disable the account.
[AccountDelete] - A useful and dangerous function at the same time. Usefulness:
1) Disables your account.
2) Removes it from the system.
3) Deletes your account folder from C: \ Users.
4) Cleans all logs. Complete covering of tracks on DS.
Danger: You will no longer be able to log into DS with this account. Also, if the only account on DS is Administrator, and you delete it, no one else will be able to log into the server, only reinstalling the system will help.
Dedic RDP Patch v2.1 - to create a hidden account on DS.
DS characteristics and rights are negotiated upon purchase. DSs are divided into - server: Windows Server 2008/2011/2012/2016 and home: Windows 7, Windows 8, Windows 10. Several people can work on server rooms, only one at home. Also, for a better understanding, you can read: dedicatesales.com/faq.html
And a little about VNC. VNC, in fact, also connects like DS, only through its client. DS has RDP, VNC has VNC. The difference is that you are sitting with the user in the same account, but in different sessions. That is, in fact, you and KH are like one person, which, of course, successfully influences driving, because you do not invent - you collect a personality, but use a real KH.
So, we connected our VPN, connected our bundle and got an IP that will be used on the drive. Our IP has such a parameter as RiskScore. Its value is from 0 to 100, the smaller it is, the better for us. RiskScore measures how fraudulent our IP is (Indicates how likely it is that the IP address is associated with high-risk transactions). There is a service, its name is MinFraud, and it is engaged in determining the RiskScore of our IP. It is better not to check the RiskScore directly, but rather to check such an indicator as the Proxy Score, knowing the Proxy Score you can approximately find out the RiskScore.
"If Proxy Score 0 - RiskScore will be 0-10. Proxy Score 1-2 - RiskScore will already be about 60"
Let's talk about Proxy Score. IPScore is used by more than 7000 online stores to identify fraudulent transactions, if from some IP address they made purchases under someone else's name, such IP is entered into the database, and the next purchase will be carefully checked by the store employees, and the chance that the drive will be successful is minimal. Proxy Score ranges from 0 to 4 and shows the probability that the user's IP is a public proxy server. A Proxy Score of 1 or 2 indicates a medium risk, a Proxy Score of 3 or higher indicates a high risk. Proxy Score 0 shows completely anonymous proxies.
0.5 15% / 1.0 30% / 2.0 60% / 3.0 90%
There are services for checking Proxy Score - fraud.cat
FAQ - fraud.cat/Home/Faq
maxmind.com/en/explanation-of-minfraud-riskscore - a little about how the systems that check us work. Also, IP has such a topic as blacklists. The absence of your IP in these lists has a beneficial effect on driving, on its success.
ip-score.com/ - go to this site. Right column - Blacklists check. If more than two indicators are Listed, then it is better to change the IP. Whoever has zero and one is good.
Let's go further - getipintel.net. Come in, scroll down to the line where you need to drive the IP. If the IP indicator is higher than 0.6-0.7, then it is not suitable for driving. One is the maximum, the maximum
- badly. This means that we are being fired to use a proxy server. which is not good, because ordinary KX rarely uses proxy servers. This value depends on the provider, on your connection, on SOCKS. Remember, if the IP indicator is higher than 0.6-0.7, then it is not suitable for driving.
Then we go here (registration is required) - ipqualityscore.com/user/proxy- detection-api / lookup
Our IP will be in the window. We select item 3 in the options and check. There will be four parameters:
Proxy / VPN Detection: false VPN: false
TOR: false Fraud Score 0
100 is bad. We read.
In short, everywhere should be False, and Fraud Score less than 60, then it makes sense to use this IP for driving.
ipqualityscore.com/user/proxy-detection-api/documentation - How bad IPs are calculated.
In fact, you now understand how, by running your IP through the Checkers, the AntiFraud site decides to give you a product or make a cancellation when you drive in.
FAQ:
A: That is, you can clog your IP under VPN until it becomes "Dirty"? Or how?
B: You can beat it while it's clean, but you don't need your personal VPN, it's not for that.
A: Is it desirable to drive IP through the entire complex of your designated resources?
B: It is desirable, because what one does not see can be seen by another.
A: It turns out that while the IP is clean, you can not hide at all and try to drive in or what?
B: Your IP is IP RU, which means it is clean for driving in by RU. Ideal, but you must admit, it's strange if KH from the United States will shop while in Vladivostok.
A: What if I'm in the USA?
B: And if you are in the USA, sooner or later they will grab your ass. Working in the country where you live is a lot of problems.
Additional material:
About anonymity on the Internet:
habr.com/post/190396/
habr.com/post/190664/
habr.com/post/203680/
habr.com/post/204266/
sourceforge.net/projects/whonix/ - What very important for anonymity.
myshadow.org/trace-my-shadow - What can be tracked over the Internet.
panopticlick.eff.org - Check if your browser is collecting data.
A little about Cookie:
habr.com/post/126643/
habr.com/post/104725/
habr.com/post/190488/
Logs:
habr.com/post/332502/
thesafety.us/ru/vpn-logs
The necessary software to run on a virtual machine:
the VMWare:
mega.co.nz/#!gwRFRY4I!6SvVM9QIX0LLeXjcz5XgrG1HDxOSEtiY6Kg_0uaSVK4
nnm-club.me/forum/viewtopic.php?t=964361
nnm-club.me/forum/viewtopic.php?t= 931454 (for MAC users)
Installation:
Download different OS:
nnm-club.me/forum/viewtopic.php?t=337306 (Windows 7)
rutracker.org/forum/viewtopic.php?t=4461985 (XP x32)
rutracker.org/forum/viewtopic.php? t = 4602474 (XP x64)
Installing OS on a virtual machine:
Other required programs:
mozilla.org/en-US/firefox/new/ - Firefox
portableapps.com/apps/internet/firefox_portable - Firefox Portable
ccleaner.org.ua/download/ - CCleaner
sendspace.com/file/lf3rvd - Plinker - program for launching SSH tunnels,
Proxifier - a program that allows programs that do not have the ability to work through a proxy server to bypass this limitation
Bitvise SSH Client 6.08 and Proxifier v3.31 work well with each other, so try to comply with the versions. Different versions react differently to each other. This bundle works.
Connection to DS. Questions and answers. Lesson 5.1.
You can connect to DS using the built-in Windows utility: Remote Desktop Connection. Start => Programs => Accessories => Communication => Remote Desktop Connection.
You can also do this: Start => Run => mstsc.
Another utility for connecting to DS is [BL4CK] VNC Viewer: Authentication Bypass.
Just start it up and enter the IP address of the DS.
How to upload software to DS?
Also, there is nothing difficult. If it (Soft) is on the Internet - then you do everything as on your PC - open the browser and download, if it is on your computer - then first you need to upload it to any file hosting service (dump.ru, sendspace.com), and then using the received link from the DS browser - download it again.
Also, you can connect your local disk to DS drives using the mstsc options (Menu - Options or Advanced). We select which disk to connect and then connect to DS. On DS, open My Computer and there we see our disk, from where we copy what we need.
After purchase, it is recommended to change the password to any of your own.
How do I change my password?
On DS press "start" "run" cmd. Enter: net user, user, password and Enter.
How do I create a new user on DS?
I must say right away that extra accounts are an additional reason to lose the server. For example:
Click: "start" "run" write cmd and enter:
Code:
net user sql 1234567 /add
net localgroup Administrators sql /add
In this case, an SQL account with a password of 1234567 will be created.
What if the clipboard does not work? You cannot copy text, links, and so on. Execute:
tscc.msc> connections>% connection_name%> client settings> clipboard mapping
Effective after restarting the RDP service.
It happens that rdpclip.exe works crookedly. It only helps to reboot the process (Kill in the task manager and Win-R -> rdpclip.exe)
What to do if it displays a message when connecting:
Code:
terminal exeeded the maximum connections?
In this case, in 99% of cases, the so-called console connection, or connection through a zero session, will help.
To do this, in Start-Run, type:
Code:
mstsc /v:0.0.0.0 /admin and press ENTER
Or: mstsc /vternet.0.0.0 / f -console (of course, instead of zeros, we type IP DS).
When logging into DS, it is not possible to change the layout.
To enter your username / password in English. The solution is as easy as shelling pears. After dialing the IP, do not press the connection to DS, but go to the "Advanced" option, where we enter the login on the desired layout and only then join the DS and enter the password (it will be entered in the same layout as the login).
What does "Log in to local computer" mean?
In this case, when logging into DS, after entering the password, you need to select another line in the field that is under the password, the one where it says "...... (This computer)" and after that we already enter the server.
What if I see other "left" users in the purchased DS?
In this case, there is no need to panic and rush to accuse the service of selling “Not in one hand” - this has never happened and will never happen. First, you should definitely be sure that these are NOT local DS users (the owners themselves). Secondly , it is quite easy to get rid of unwanted neighbors and with this request you should contact a consultant in ICQ 311582 and you will definitely be helped.
How to work correctly?
The main thing here will be:
• Hide your software deeper in system folders, such as c: / windows / system32 .
• Do not create a number of additional accounts in addition issued to you when you purchase.
• Rename your .exe files by analogy with the system, such as svchost.exe.
• Warn Anti-Virus alerts - immediately configure them to work together with your software.
• Do not touch accounts already existing on the server.
• Do not overload the server unless absolutely necessary.
• Avoid heavy processor load (up to 50% dangerous maximum).
• When installing programs, make sure that shortcuts do not appear on the desktop and in the Start Menu, or manually delete them from the All users profile.
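Seen from the server owner's side, the activity this lesson describes (a new local account such as `sql` added to Administrators, cleared event logs, programs named like svchost.exe) leaves event records that can be checked. The triage script below is an added example, not part of the original guide: the event records are constructed, and the flat dict layout and the 30-minute correlation window are assumptions.

```python
"""Triage Windows event records for the traces an intruder leaves on an RDP host.

Added example. The records are constructed samples, flattened to dicts the way
an EVTX-to-JSON export might look (that layout is an assumption).
"""
from datetime import datetime, timedelta

ADMIN_GROUP = "Administrators"
WINDOW = timedelta(minutes=30)  # assumed correlation window
# The genuine svchost.exe lives in System32 and is started by services.exe.
SVCHOST = r"c:\windows\system32\svchost.exe"
SVCHOST_PARENT = r"c:\windows\system32\services.exe"
NEW_SID = "S-1-5-21-1111111111-2222222222-3333333333-1005"  # constructed

SAMPLE_EVENTS = [  # constructed; 203.0.113.45 is a documentation address
    {"EventID": 4624, "TimeCreated": "2024-03-02T02:10:05", "LogonType": 10,
     "TargetUserName": "svc_backup", "IpAddress": "203.0.113.45"},
    {"EventID": 4720, "TimeCreated": "2024-03-02T02:14:30",
     "TargetUserName": "sql", "TargetSid": NEW_SID},
    # 4732 names the group in TargetUserName and the member only by SID.
    {"EventID": 4732, "TimeCreated": "2024-03-02T02:14:41",
     "TargetUserName": ADMIN_GROUP, "MemberSid": NEW_SID, "MemberName": "-"},
    {"EventID": 4624, "TimeCreated": "2024-03-02T02:20:12", "LogonType": 10,
     "TargetUserName": "sql", "IpAddress": "203.0.113.45"},
    {"EventID": 4688, "TimeCreated": "2024-03-02T02:21:00",
     "NewProcessName": r"C:\Windows\System32\svchost.exe",
     "ParentProcessName": r"C:\Windows\System32\services.exe"},
    {"EventID": 4688, "TimeCreated": "2024-03-02T02:23:47",
     "NewProcessName": r"C:\Windows\System32\wbem\svchost.exe",
     "ParentProcessName": r"C:\Windows\explorer.exe"},
    {"EventID": 1102, "TimeCreated": "2024-03-02T03:05:00"},
    {"EventID": 104, "TimeCreated": "2024-03-02T03:05:01",
     "Provider": "Microsoft-Windows-Eventlog", "Channel": "System"},
]


def _when(ev):
    return datetime.fromisoformat(ev["TimeCreated"])


def triage(events):
    """Return a list of (finding, detail) tuples in chronological order."""
    findings = []
    created = {}     # SID -> (user name, creation time), from event 4720
    new_admins = {}  # lower-cased user name -> time it was made admin
    for ev in sorted(events, key=_when):
        eid, t = ev["EventID"], _when(ev)
        if eid == 4720:  # a user account was created
            created[ev["TargetSid"]] = (ev["TargetUserName"], t)
            findings.append(("account_created", ev["TargetUserName"]))
        elif eid == 4732 and ev["TargetUserName"] == ADMIN_GROUP:
            # Join on SID: the member name is usually "-" for local accounts.
            name, born = created.get(ev["MemberSid"], (None, None))
            if name and t - born <= WINDOW:
                new_admins[name.lower()] = t
                findings.append(("new_account_made_admin", name))
            else:
                findings.append(("admin_group_change", ev["MemberSid"]))
        elif eid == 4624 and int(ev.get("LogonType", 0)) == 10:
            # LogonType 10 is RemoteInteractive, i.e. an RDP session.
            user = ev["TargetUserName"]
            promoted = new_admins.get(user.lower())
            if promoted and t - promoted <= WINDOW:
                findings.append(("rdp_logon_by_new_admin",
                                 f"{user} from {ev['IpAddress']}"))
        elif eid == 1102:  # Security audit log cleared
            findings.append(("event_log_cleared", "Security"))
        elif eid == 104 and ev.get("Provider") == "Microsoft-Windows-Eventlog":
            findings.append(("event_log_cleared", ev.get("Channel", "?")))
        elif eid == 4688:  # process creation
            image = ev["NewProcessName"].lower()
            parent = ev.get("ParentProcessName", "").lower()
            if image.endswith("\\svchost.exe") and (
                    image != SVCHOST or parent != SVCHOST_PARENT):
                findings.append(("svchost_masquerade", ev["NewProcessName"]))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_EVENTS):
        print(f"{kind:26} {detail}")
```

Forwarding these events to a collector off the host matters here, because a local log clear removes everything except the 1102 and 104 records themselves.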
Configuring Linken Sphere (LS). Lesson 5.2.
I will say a few words about Anti-Detected. In my opinion, the thing is very useful and necessary in our craft. However, they are divided into two groups. Those that hide the hardware (Processor, video card) and those that replace the browser for us.
Of those that replace hardware, I can recommend Aff Combine. It costs $ 1000. Maybe someone needs it.
And those who replace the browser - there are quite a few of them, but I can only single out Linken Sphere, because they have some of the most reasonable prices, they have technical support, frequent updates, and you can also buy config (more on that below). I am silent about other Anti-Detected, since their prices are $ 2000, and they work worse than the same Linken Sphere. In general, decide for yourself.
So, one of the tools that simplify our work is Linken Sphere (LS) ls.tenebris.cc.
The site has a short FAQ for the product. The cost of the product when paying for one month is $ 100. If paid for 6 months (Pro Version) - $ 500.
What does the Pro version give? By purchasing a license, you get the opportunity to buy private config'i on their website. The cost of one config is $ 3. Config is a "model" (assembly) of characteristics - OS version, browser version, and so on. That is, it is a config merged from a real machine.
It all works quite simply. We bought a CC, made a separate config for it, put an SSH tunnel or SOCKS in config - and off you go. In LS itself - like in a browser, tabs are also opened, and you can open tabs of different config '. With LS I drive in the best stores, with the strongest protection, if anything. You don't need a virtual machine to run Linken Sphere.
Let's continue. So how do you set up LS? First, open it, go in, click Setup New Session.
After opening, we will see a window like this:
This is a new design, then the photos will be with the old design, but nothing much changes there.
Next, select our User Agent (you can add them yourself): useragentstring.com/pages/useragentstring.php?typ=Browser
Then click on the Config Manager button:
We see the options that are available to us:
We selected and click the Generate button:
What we got:
Going to WebGL from the screenshot above. In WebGL, we check that WebGL got up by itself. If we see this at once, then he stood up:
That is, when we opened this window, what we see in the red rectangle should already be up. If he did not get up right away, I delete this config.
Delete config:
Then back here:
Next, we expose our SOCKS or SSH tunnel. Example with SOCKS:
(1) - this is a note; I write the SSH tunnel (SOCKS) there myself and it stays there. It is just a field for comments. Below it is where we enter our SOCKS or SSH tunnel - its IP and its port.
After that we press Check Proxy (button 2). And we get the result (indicated by the number 3) that the tunnel or SOCKS is alive and its ZIP.
The time here (in the green frame) is automatically pulled from the tunnel / SOCKS, you can also change it here yourself. If everything is as we see now, press the Save button in the lower right corner.
We get an open window:
How do I:
1) I go to Whatleaks and see the quality of the SOCKS (SSH tunnel)
2) I look at the open ports and so on.
3) Close config.
Pressing Setup again. Looking for my profile "No name"
I choose and change the name:
For convenience - under the name of KH. Save again and go to config. What else is interesting here? For example, you can put GEO under KX.
In this place. Where can I get it? GoogleMaps to help:
We drive in the address of the KX and on the maps we get GEO to this address. It is necessary to click the mouse next to the position of the house. We take this information and paste it here:
GEO and other details - you don't need this for the first time. It is enough what I described above.
Creating a personal VPN. Lesson 5.3.
VPS servers (Buy):
my.blazingfast.io
cp.king-servers.com
abusehosting.net
morene.host
abuhost.net
vps.ag
profitserver.ru
Open your personal account at my.blazingfast.io. Before that, you should already buy yourself a VPS server. Usually it costs from $ 3-5. (Now it's better not to take a server there)
Click on the panel, get our server, click on it.
We receive data from our server, we are interested in IP and password. We save ourselves somewhere in a notebook for convenience. Open PuTTy, enter the IP of your server into the HostName window.
We press Enter. Next, we entered the IP into PuTTy, clicked the Open button. In a new window, you will need to enter a login - we write the word root. We press Enter.
IMPORTANT! After pressing Enter, you were prompted for a password. Copy the password, and right-click on the terminal and Enter. By default, passwords are not displayed in terminals. If Access is denied twice, then close PuTTy and re-enter.
Now enter - wget https://git.io/vpn -O thisiseasy-en-vpn.sh && bash thisiseasy-en-vpn.sh - also with the right mouse button, then press Enter. We are offered a choice of protocol - we leave the default and press Enter. Next, we are offered the default port 1194; we also press Enter. Then we are offered a choice of DNS for our VPN; we enter the number 3 - we are interested in DNS from Google. Press Enter.
Next, you will be prompted to enter the name of your client, enter whatever you like.
We press Enter. We are waiting for the process of creating the config file to be completed. Will write Finished and a terminal line will appear.
Now minimize your PuTTy. We go into the WinScp program.
Enter IP, your password and username (root).
Here, we see the contents of our server on the right, and our PC on the left.
Let's immediately edit our config for logs. Open ClientName.ovpn. OpenVPN config files have the .ovpn extension. Find the value verb 3 and change verb 3 to verb 0. Press Enter (go to the next line). Add log /dev/null
We save the changes. Now we will transfer our config from the server to your PC. Go to ProgramFiles / OpenVPN / config on your PC. Copy your config to this folder. (If you can't copy it, first transfer the config to the desktop, and then to ProgramFiles / OpenVPN / config.) That is, we created a config in PuTTy, then found the config file through WinScp and edited it so that no logs were written. Now we copy our config from our VPS server to our PC. Launch OpenVPN.
Find the monitor icon and connect. Open the whoer.net browser.
So, reopen PuTTy. In PuTTy we now insert again - wget https://git.io/vpn -O thisiseasy-en-vpn.sh && bash thisiseasy-en-vpn.sh Now we create the second config. Now we add a new User. Therefore, we create a new config. Thus, we will have two config'a on one VPS server. This is necessary in order to sit on the PC and on the phone at the same time.
A new config is created. Open WinScp and see that our new config is next to the previous one.
Now we edit it again: verb 3 to verb 0, and log /dev/null.
So, who created the second config and edited it, you can safely copy it to your phone, download OpenVPN to your phone, find the path in the program where your config is on the phone and connect.
So, let's make a summary of creating a personal VPN.
We need the PuTTy program in order to log into our VPS server and create a config.ovpn with certain characteristics on it. PuTTy is essentially an SSH client. Instead, it can be any similar, for example, Termius. It is for information only. You can put it on your phone and also go to your server while sitting on your phone. This happens if you don't have a PC at hand, but you need to create a VPN.
WinScp is a program for connecting to the "file" component of our server (in fact, the GUI). That is, we need it in order to transfer our config to the desired directory on our PC. OpenVPN is the GUI of the OpenVPN client. We need it for convenient connection. In fact, all these actions can be performed in the terminal, but you can easily master this if you are interested in Linux.
There is such a thing as DNSLeak. DNSLeak is a leak of your real IP. For example, you have connected to SOCKS, and the IP checker sites report that your IP is USA, but your DNS is USA and Russia. This is bad for us, because what good is our crystal clear IP if you can be seen behind it by DNS. Read more about DNS on Google - it's the domain name system. DNSLeak arises because your requests to the American site do not go directly, but through the chain You-Russia-USA. As a result, some checkers are able to see the entire chain, which we don't need. How to beat this?
comss.ru/page.php?id=2814 - we use the DNSCrypt program.
Installing the DNSCrypt-proxy service on Windows, Linux and MacOS to encrypt DNS traffic between the user and secure DNS servers. This prevents snooping attempts, DNS hijacking, and MITM attacks. That is, your DNS traffic is encrypted and not tracked.
You can check your connection for DNS leaks here - dnsleaktest.com
Information that can be obtained via the Internet - myshadow.org/trace-my-shadow
How to clean the logs on the server? Lesson 5.4.
Let's talk about the logs on the server: not only the OpenVPN logs, but all the logs that are written on the server. A good help for us will be an article from Habr describing the types of logs and their purpose:
habr.com/post/332502/ - logs and their purpose.
Note that most of the log files are contained in the /var/log directory. We do not like logs and therefore we ask a question. Is it possible to delete all the contents of /var/log and not worry about the logs? No. This can lead to crashes and frequent error messages. If we cannot delete them, then we need to clear their contents. Thus, by clearing the contents of these files, we actually clear the main logs of our actions on the server. The types of logs in the /var/log directory that we are interested in:
• /var/log/syslog or /var/log/messages contains the global system log, in which messages are written from the moment the system starts: from the Linux kernel, various services, discovered devices, network interfaces and much more.
• /var/log/auth.log or /var/log/secure - information about user authorization, including successful and unsuccessful login attempts, as well as the authentication mechanisms involved.
Since we are working with OpenVPN, it's worth dwelling on it in more detail. OpenVPN is a tunnel creation program. It writes logs - who initiated the connection to the tunnel and from where, how the connection went, and so on; that is, it writes logs throughout its entire operation. We can tell it the file where the logs will be written, but if this is not done, then by default the OpenVPN operation logs are written to /var/log/syslog.
So, we figured out the types of logs. We also figured out where the OpenVPN logs are written, now about how to clear them.
Launch PuTTy. Enter your username and password, and thereby connect to the server. We know that all kinds of logs are kept on our server, and we know the /var/log directory.
Let's see the contents of this folder, enter the command in PuTTy: dir /var/log/ -l
You see a bunch of log files, which are described in detail in the article on Habr that I gave.
These are all logs. Where we see numbers after the name or the .gz extension, we can safely delete it. The service will not be affected. Now we will not do this, because these logs do not bother us. These are basic logs, but now we are only interested in the contents of the syslog file, because OpenVPN sends a report on its work there by default. We want to see what kind of logs have accumulated there.
We enter the following command:
Code:
cat /var/log/syslog
Now let's check if our OpenVPN logs are written here. Connect your OpenVPN config that we created. Now let's go back to the terminal, to see the changes in syslog, you need to restart OpenVPN with the command:
Code:
/etc/init.d/openvpn restart
The server gave us a message that OpenVPN was restarted. Now we have to look again at the contents of syslog, and we will find our old log + OpenVPN log:
Code:
cat /var/log/syslog
That the first, that the second, as we can see, are written to Syslog. Now that we have clearly seen that the log of our connection is being written to Syslog, our task is to clean its contents. Enter the following into PuTTy (command line, terminal):
Code:
cat /dev/null > /var/log/auth.log && cat /dev/null > /var/log/syslog
This command clears the contents of Syslog and auth.log.
How can we verify that we have cleared the logs? We must check the contents of these files with the commands we are already familiar with.
We reboot the server:
Code:
/etc/init.d/openvpn restart
We view the contents of the Syslog:
Code:
cat /var/log/syslog
We look at the contents of auth.log:
Code:
cat /var/log/auth.log
They now have 2-10 records (or even empty) instead of a huge sheet of rows. Only the log of the last connection remains.
Congratulations, you have manually cleared the logs on the server. Now I do not have a ready-made solution on how to do this on the machine, most likely, it is necessary to write a script (I can give it to anyone) and give it the right to be executed every day. But we don't need it. Clean this way once a week and you will be happy.
A summary of how to quickly clean (That is, a summary of our lecture on cleaning logs on the server):
Go to PuTTy. Enter your username and password.
We execute the command:
Code:
cat /dev/null > /var/log/auth.log && cat /dev/null > /var/log/syslog
And that's it, there are no logs. It's a matter of two minutes.
Everything that I described can be done in the WinScp program, go into the folder with logs, open, clean it manually, but why do this if we have a ready-made reliable solution, and an easier one.
And of course, do not forget that the provider of our VPN can still keep logs of our activity, which in fact does not matter much, because in order to prove something, your IP alone will not be enough. The logs on your PC and on the server are proof that we clean up.
The main thing to understand: as long as it is more expensive to catch you than to cover the losses from you, you will be safe.
Consider a case where you have syslog and, for example, syslog.1 in the /var/log folder. That is, two files. To understand this, we go back to the logs directory and see what files are there:
Code:
dir /var/log/ -l
If you see there, for example, there is a syslog.1 file, then you can delete it with the command:
Code:
cd /var/log && rm syslog.1
Instead of Syslog.1, it can be the name of any file you want to delete. We figured out the logs on the server.
Let's continue. And now about the logs on your PC. Logs on your PC are written here:
Go there and see, there are usually no more than 10 lines. So little, because we have already prescribed in the config itself so that the logs are not written on your PC. If we did not correct our config after its creation, then in this file that you have on your PC all the OpenVPN GUI activity would be registered. For the sake of experiment, you can create a new config without editing it and look at its logs, what and how it writes.
Thus, you learned how to disable logs for your PC, and then delete them on the server itself.
PS: All the necessary programs are on the Internet.
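For anyone responsible for a server, the cleaning described in this lesson is itself an observable event: a log truncated in place keeps its inode while its size drops, which ordinary rotation does not do, and a rotated file that vanishes has no successor. The code below is an added example, not part of the original guide, that classifies the difference between two snapshots of a log directory; it runs against a temporary directory with constructed log lines, and the function names are this example's own.

```python
"""Tell normal log rotation apart from in-place truncation and deletion.

Runs entirely in a temporary directory with constructed log lines.
"""
import os
import tempfile


def snapshot(directory):
    """Map file name -> (inode, size) for every regular file in the directory."""
    snap = {}
    for entry in os.scandir(directory):
        if entry.is_file(follow_symlinks=False):
            st = entry.stat(follow_symlinks=False)
            snap[entry.name] = (st.st_ino, st.st_size)
    return snap


def classify(before, after):
    """Compare two snapshots and label every file whose state changed suspiciously or not."""
    result = {}
    inode_now = {ino: name for name, (ino, _size) in after.items()}
    for name, (ino, size) in before.items():
        if name not in after:
            # Rotation renames a file (its inode lives on under a new name);
            # a file whose inode is gone as well was deleted.
            result[name] = "renamed" if ino in inode_now else "deleted"
            continue
        new_ino, new_size = after[name]
        if new_ino != ino:
            # Same name, new inode: rotated if the old inode still exists elsewhere.
            result[name] = "rotated" if ino in inode_now else "replaced"
        elif new_size < size:
            # Same inode, smaller size: contents were cut, e.g. `cat /dev/null > file`.
            result[name] = "truncated_in_place"
    return result


def demo():
    """Build a small log directory and replay rotation, truncation and deletion."""
    with tempfile.TemporaryDirectory() as d:
        def append(name, lines):
            with open(os.path.join(d, name), "a") as fh:
                fh.write("\n".join(lines) + "\n")

        append("syslog", [f"constructed syslog line {i}" for i in range(50)])
        append("auth.log", [f"constructed auth line {i}" for i in range(50)])
        s0 = snapshot(d)

        # 1) Normal rotation: syslog becomes syslog.1 and a fresh syslog is started.
        os.rename(os.path.join(d, "syslog"), os.path.join(d, "syslog.1"))
        append("syslog", ["constructed line after rotation"])
        s1 = snapshot(d)

        # 2) In-place truncation of both files, the effect of the command in this lesson.
        open(os.path.join(d, "auth.log"), "w").close()
        open(os.path.join(d, "syslog"), "w").close()
        s2 = snapshot(d)

        # 3) The rotated file is removed by hand.
        os.remove(os.path.join(d, "syslog.1"))
        s3 = snapshot(d)

        return classify(s0, s1), classify(s1, s2), classify(s2, s3)


if __name__ == "__main__":
    for step, found in enumerate(demo(), 1):
        print(step, found)
```

On a real host the snapshots would come from a scheduled job, with alerts on `truncated_in_place` and `deleted`; forwarding logs to a remote collector keeps a copy that local truncation cannot reach.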
VPN + TOR + VPN bundle. Lesson 5.5.
This bundle only works on VBOX.
Those who have VMware can import their system into VBox.
Even though you will be working through 20 VPN servers, it will only increase the time it takes to catch you. How is your identity revealed? It's simple, there is your VPN server, any VPN server has a provider. They send a request to the provider and ask who connected to this server, respectively, they find out your IP.
What is the way out of this situation? VPN-TOR-VPN, a universal chain. The first VPN will protect you from various SORM systems and hide the use of Tor. Next, you have Tor, which covers your tracks. And the last VPN or DS provides us with a white IP on the output.
1. virtualbox.org - Download VirtualBox.
2. whonix.org/wiki/VirtualBox/XFCE - download Whonix Gateway. You can also download Workstation and be super anonymous working from under its environment.
3. Press Ctrl + I in VBox and import the downloaded Gateway
4. Go to Settings (gear icon) - set 380MB of RAM (then Whonix-Gateway will open in terminal mode, which is more than enough for it to work and does not eat RAM).
5. In the Systems tab, also put a check mark only in HARD DRIVE and drag it to the very top.
6. General - Advanced - Shared Clipboard (Bidirectional)
7. Drag'n'Drop - Host to Guest
8. Launch Gateway.
9. Select "Iam Ready to Enable Tor", wait for "Next"
10. Now traffic from the main machine goes to the Whonix Gateway. Whonix will boot in console mode, no further changes need to be made in Whonix Gateway.
1. Now we connect Whonix and Windows.
2. Launch our Whonix Gateway. RMB on the Windows virtual machine, select the "Configure" item, then go to "Network", disable the first adapter -> enable the second adapter -> select "Internal network", select "Whonix" below
3. Done! Now all traffic goes through Tor and Whonix Gateway.
Again. First based on VPN, launch GATEWAY, then VPN on virtual machine again (I am using second VPN Nord) Done. (Then we hook SOCKS / SSH tunnels / DSs)
Ideally, install a virtual machine with a script in order to override the VBOX parameters.
ANTIFRAUD. Lesson 6.
Let's talk about AntiFraud. As already understood from the safety lesson, in order to complete a successful driving, you need to follow certain rules. AntiFraud - protection against fraud. Fraud is a scam. In our case, bank card fraud. That is, AntiFraud fights fraud. AntiFraud has its own settings, ranging from simple to the most complex, the more complex the settings, the tougher the transaction checks are. The simplest ones are protection by CVV code, analysis of the card by country of issue, check of the IP address. The more complex AntiFraud is, the more expensive it is for the online store, basically they pay money for AntiFraud based on the number of transactions that go through it. Automatically, we can conclude that not all stores use high-level AntiFraud, since it is not always profitable, which is confirmed in practice when driving in.
AntiFraud has a group of filters through which information passes and after that the system calculates the so-called Fraud-points. Based on Fraud points, the system decides what to do with the transaction - skip, cancel or send it to the manager for manual review. When we drive into the store, we have the opportunity to specify two addresses.
Billing address and Shipping address. Billing address is the address of residence of KX, that is, when a person issued a card, he indicated this address. The shipping address is the address where the goods need to be delivered. This must be remembered. Let's say we scored certain Fraud points when typing, for example, problems with IP, besides, our Billing and Shipping addresses do not match, that is, in the Billing address there is one address, and in the Shipping address - another, then additional Frauds will be added to our payment -points.
pochtoy.com/newbies/billing-shipping-address/ - you can still look at the addresses here.
Also, the domain addresses of our mail can be verified. What does it mean? For example, there are postal services, such as mail.com, where registration takes place without SMS verification, that is, it is quite simple to register. Therefore, it is better to use mail like Gmail, yahoo, aol.
Services of this type help us to receive SMS:
simsms.org
sms-reg.com
sms-activate.ru
@rodik19 (expensive)
You can also use corporate mail, that is, company mail, but I do not recommend it. You can buy corporate mail here - fraud.cat
Why I do not recommend corporate mail, you can read in the material:
Three Most Popular Carder Mistakes - AntiFraudScore
carder.uk
There is such a moment with AntiFraud that ordinary buyers often suffer due to strict checks. Therefore, on peak sales days, the level of verification is reduced to the system - Black Friday, the time before Christmas - these are the days when driving in are easier. Because of this, December is considered the most favorable time for our craft.
Some stores even have such moments that the information from where we entered their site is read - through a direct domain or from a third-party source, so it is better to go to your store while typing through search engines, for example, through Google. It may be that the open tabs in your browser are firing at the moment and the time that your IP address is on the network. So to have a store in open tabs, into which they were going to drive in and with it Carding forums, would not be entirely correct.
But again, this does not bother us everywhere. Depends on the store. I will clarify that the programs on the PC, information about the hardware - all this is not noticed, if anyone thought. Only data provided by the browser. Everything that can be spied on is here - whoer.net
There is such a thing as "warming up", that is, before driving in, warm up the store. Warm up - climb through the pages, add / remove products from the cart, you can talk to online support, clarify a couple of questions - this is never superfluous.
AntiFraud often sends an order for manual check and, for example, if you have previously communicated with technical support, then the order will be checked more loyally. By Email, I will also clarify the moment that you need to do it under the name and surname of our KH, that is, so that there is a match with the Billing name.
Attributes table by which some AntiFrauds can notice us.
WHAT IS THE ONLINE STORE LOOKING FOR:
Code:
Mail similarity to billing name - From 0 to 1 (from 0% to 100%). How closely the e-mail address (without the domain and digits) matches the Billing name (Mail).
Unique billing last 4 (past hour) - Number of different last 4 digits of the CC over the past hour (Card).
Unique billing addresses (past month) - Number of different Billing addresses (home address of the CC's KX).
Email domain - Mail domain (what comes after "@") (Mail).
Number of users with the same shipping address - Number of different users who use the same shipping address as our "client". (Forwarding/Intermediary)
Estimated email address age - Approximate age of the "client's" mailbox. Possibly calculated from dictionaries or mail databases. For example, a mailbox like [email protected] can hardly be registered now; it is most likely ancient. But [email protected] is easy to register (Mail).
Unique billing BINs (past month) - Number of different BINs on this account over the past month (Account).
User location - Location of the "client" by IP (IP).
Browser/OS - System and browser (System).
Shipping/billing address distance - Distance between the Billing and Shipping addresses (distance between the KX's home address and the address where he wants the parcel delivered).
Changes in payment methods in the last day - Number of payment method changes over the last day (Account).
Network - IP network (IP).
Payment method payment gateway - Payment method (for example, a store may trust PayPal more than a CC).
Unique billing postal codes (Past month) - Number of unique Billing postal codes over the past month (Account).
Account age - Age of the account (Account).
Unique billing BINs (Past day) - Number of different BINs over the last day (more BINs, lower chance of success).
Unique billing postal codes (Past hour) - Number of unique Billing postal codes over the past hour (more addresses, less success).
Shipping address country - Country where the goods are received.
Purchase amount in USD - Order value in USD.
Number of users with the same billing address - Number of different users who use the same Billing address (known Drop addresses are on stores' blacklists).
Time since previous transaction - Time between the latest transaction events.
Shipping name length - Number of characters in the recipient's name (Account).
Unique billing addresses (Past day) - Number of different Billing addresses over the last day (the fewer, the better).
Unique Billing Names (Past month) - Number of different Billing names over the past month (the fewer, the better).
Timezone offset - Difference between UTC time and the "client's" time, in minutes, obtained through the browser (System).
Number of digits in the shipping address - Number of digits in the Shipping address. (Houses have few digits; if there are many digits, it is probably identified as an intermediary.)
IP address - IP from which the "client" connected (IP).
Unique billing names (Past hour) - Number of different Billing names over the last day (the fewer, the better).
Mx records from email domain count - Number of MX records on the mail domain (Mail).
Credit Card BIN And Last4 - BIN and last 4 digits of the CC (Card).
Unique billing BINs (Past hour) - Number of different BINs on this account over the past hour (Account).
Number of digits in the billing address - Number of digits in the billing address.
Digit-Normalized email address - E-mail address in lower case with digits replaced by the "#" sign (Mail).
API event without page view - the user received a "Non-transaction" API event, but bypassed / did not pass through the AntiFraud's Javascript.
Signup to transaction time - Number of days between the transaction and registration (Account).
Browser fingerprint - Unique browser identifier (System).
Unique Shipping Add in Orders (Month) - Number of unique shipping addresses over the past month (the fewer, the better).
Billing last name in email - Whether the last word of the Billing address name appears in the mail address ([email protected]) - John Smith.
Latest name - Latest name (Card).
Billing address is reshipper - Whether the Billing address is a known forwarding/intermediary address (a Drop/intermediary address that is on a blacklist).
IP/credit card country match - Whether the IP and CC countries match (IP + Card).
Transaction billing last 4 - Last 4 digits of the Billing transaction (Card).
IP connection type - Connection of the IP block the user connected from (they check whether your IP is blocked (for their store)).
Device fingerprint - Unique fingerprint of the device from which the user connected (System).
Unique Billing Names in Orders (Month) - Number of unique Billing names over the past month (the fewer, the better).
Latest changed password - Last changed password / whether the password was changed (Account).
Full checks are not carried out everywhere, many moments are bypassed using Anti-detect (LS), or if you beat through a good DS.
You can read a few parts: habr.com/post/253725/
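The attributes in the table above are computed on the merchant side from order data. The code below is an added example, not part of the original guide and not any vendor's implementation, that derives several of them (mail similarity to billing name, digit-normalized e-mail, billing last name in e-mail, digits in the shipping address, and the "unique ... past hour" counters) for constructed orders; the record fields, function names and the use of a difflib ratio as the similarity measure are assumptions.

```python
"""Merchant-side derivation of a few attributes from the table above.

Constructed sample orders. Field names and the similarity measure
(difflib ratio) are assumptions of this example.
"""
import re
from difflib import SequenceMatcher


def _letters(text):
    """Lower-case the text and keep letters only (drops digits, dots, spaces)."""
    return re.sub(r"[^a-z]", "", text.lower())


def digit_normalized_email(email):
    """Lower-case address with every digit replaced by '#'."""
    return re.sub(r"\d", "#", email.lower())


def mail_similarity(email, billing_name):
    """0..1 similarity between the mailbox name (no domain, no digits) and the billing name."""
    a, b = _letters(email.split("@", 1)[0]), _letters(billing_name)
    if not a or not b:
        return 0.0
    return SequenceMatcher(None, a, b).ratio()


def billing_last_name_in_email(email, billing_name):
    """True when the last word of the billing name occurs in the mailbox name."""
    words = billing_name.lower().split()
    return bool(words) and words[-1] in email.split("@", 1)[0].lower()


def digits_in_address(address):
    """Count of digit characters in an address string."""
    return sum(ch.isdigit() for ch in address)


def unique_in_window(history, account, field, now, window=3600):
    """Number of distinct values of `field` seen on the account in the last `window` seconds."""
    return len({o[field] for o in history
                if o["account"] == account and now - window < o["ts"] <= now})


def features(order, history):
    """Feature vector for one order, given all orders seen so far."""
    acct, now = order["account"], order["ts"]
    return {
        "mail_similarity": mail_similarity(order["email"], order["billing_name"]),
        "digit_normalized_email": digit_normalized_email(order["email"]),
        "billing_last_name_in_email":
            billing_last_name_in_email(order["email"], order["billing_name"]),
        "digits_in_shipping_address": digits_in_address(order["ship_addr"]),
        "unique_billing_bins_past_hour": unique_in_window(history, acct, "bin", now),
        "unique_billing_names_past_hour":
            unique_in_window(history, acct, "billing_name", now),
    }


# Constructed orders (timestamps in seconds); card prefixes are made-up values.
ORDERS = [
    {"account": "a1", "ts": 1000, "email": "John.Smith84@example.com",
     "billing_name": "John Smith", "bin": "411111", "ship_addr": "12 Oak St, Springfield"},
    {"account": "a2", "ts": 1100, "email": "qx7731zz@example.net",
     "billing_name": "Mary Jones", "bin": "400000",
     "ship_addr": "4500 Unit 88213 Suite 19, Dock 7"},
    {"account": "a2", "ts": 2900, "email": "qx7731zz@example.net",
     "billing_name": "Peter Brown", "bin": "510000",
     "ship_addr": "4500 Unit 88213 Suite 19, Dock 7"},
    {"account": "a2", "ts": 4000, "email": "qx7731zz@example.net",
     "billing_name": "Ann Lee", "bin": "520000",
     "ship_addr": "4500 Unit 88213 Suite 19, Dock 7"},
]

if __name__ == "__main__":
    for order in ORDERS:
        print(order["account"], order["ts"], features(order, ORDERS))
```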
FAQ:
A: If I communicate with tech support through Google Translate, will they understand that I am a scammer, or can it all be attributed to the fact that I am Russian, for example, but live in the USA? Or how does it happen?
You said that then the order is sent for verification to a specialist. So who is this specialist? The same person, like us, is only trying to protect the store, or there may be some grandmother who is not particularly versed in these Internet. And if there really is someone with brains, then what data does this specialist have, and what can he request from us in order for the transaction to go through?
B: The USA is the most multinational country, so no one there will understand anything. An ordinary store manager can request additional verification, for example, draw a map or call, for this there are services on different forums.
A: I, as I understand it, need to make new mail for each CC, but if AntiFraud notices the mail on time, what should be done then?
B: It is extremely rare to notice this, I myself have not even met this.
A: The order went to the manager for verification. Will I call 100% or can I somehow solve it?
B: Yes, they will call or draw documents will be required, but not 100%.
A: What if you do it by dialing in, it will be more successful?
B: I would not say, now it rarely works.
A: Fingerprint, device fingerprint is the MAC address?
B: https://ru.wikipedia.org/wiki/Digital_Device_Fingerprint
A little about AntiFraud: habr.com/company/payture/blog/250437/
What is FingerPrint: habr.com/company/oleg-bunin/blog/321294/
How AntiFraud works ... Lesson 6.1.
For example, you did it by driving, but for some reason it did not come in. Here's what AntiFraud found out from you, and why it understood that you are a fraudster.
This is an example of only one drive - through DS, so the information can always be different, and it depends on the store itself. But this is just so that you are aware of how strong your opponent is - this AntiFraud.
Data List:
• First and Last Name Billing. Roy Lee
• Phone Billing. 512-750-5839
• E-Mail Billing. *********@carlosrul.com
• Billing Adress. 5502 Blueridge Ct, Austin, TX, 78731
• First and Last Name Shipping. Roy Lee
• Phone Shipping. 512-750-5839
• E-Mail Shipping. *********@carlosrul.com
• Shipping Adress. 5502 Blueridge Ct, Austin, TX, 78731
• IP : port. 97.79.172.134:3391
• BIN or full CC number. 405037******7141
• Order amount in USD. $ 432.99
• What type of online store is yours? (Giant / Large / Medium / Small) Rather large, as it has orders of this format BBB6159269514
• How to set up the system for you? (Aggressive / Untrusted Client / Neutral / Trusted Client) Aggressive
• How many orders were previously entered in the online store with similar data? (For example, before that you entered one order with the same E-Mail. Then you need to write "1".) 1
• What are you hitting? (E-Gift, Amazon, Ebay, PayPal, Clothes, Appliances, Flights, Food / Alcohol, etc.) Technique Dyson V7
AntiFraud System Labels:
Extreme Risk - multiplies FraudScore.
Medium risk - greatly increases FraudScore.
Small risk - increases FraudScore.
Neutral value - does not increase FraudScore.
Trusted value - decreases FraudScore.
Attention!
Different AntiFraud systems can work differently; what is written below is not a "recipe of golden rules"!
FraudScore > 60 - order cancellation.
FraudScore > 40 - the bot carefully checks your order and decides what to do with it.
FraudScore > 20 - sent for human verification.
The rest of the orders are passed as approved.
FS - FraudScore
# Check Scores #
FraudScore: 79 out of 100 - Risky (Medium risk) [Order will be checked by bot and human, most likely call / documents needed, cancellation possible]
RiskScore: 8.65 - (Neutral)
ProxyScore: 0.00 - (Neutral value)
# Description #
USD> 600 - False (Trusted value)
The order amount is less than $ 600 (Does not exceed the standard transactions of large online stores with appliances), this is good.
The correct Billing address was specified, the distance between Billing and IP is large enough, this is suspicious.
No social networks were found for the specified E-Mail, the used KX usernames were detected. Some IP indicators indicate the use of anonymity tools.
All characteristics of the mail indicate that the mail is fraudulent - left.
The Business number is indicated, the real number is identified, the indicated number does not apply to KX - left.
3 ports are open!
# Check Location #
Distance IP / Billing Location: 73.59 miles / 118.43 km (Medium Risk)
Distance IP / Shipping Location: 73.59 miles / 118.43 km (Low Risk)
Distance IP / New Billing Location: N / A (Neutral) [Specified Faithful Billing]
Distance Billing / Shipping Location: N / A (Neutral) [Bill = Ship]
Ship Forwarder Address: No (Neutral) [Not the address of a known intermediary]
# Billing #
Address Type: Single Family [The specified billing is Multi-Family Residential]
Neighborhood: Lakewood Village [Neutral]
Valid Address: Yes [Valid Address]
Billing Country Matches IP Country: Yes
Billing City Matches Shipping City: Yes (Neutral)
Billing State Matches Shipping State: Yes
Billing Country Matches Shipping Country: Yes
Billing ZIP Code Matches Shipping ZIP Code: Yes (Neutral)
Full Name: Roy I Lee III (Neutral) [Revealed full name]
Current Address: 5502 Blueridge Ct Austin TX 78731-2636; 7505 FM 215 Valley Mills TX 76689- 3114; 28343 Willis Rnch San Antonio TX 78260-6056; (Trusted value) [Address identified, KX lives at the specified Billing address; other property identified]
Previous Locations: Austin, TX; Eagle Pass, TX; Rockport, TX; Manor, TX (Neutral) [Former Cities of KH identified]
Relatives: Robert L Lee; Elisa S Lee; Lisa S Lee (Neutral) [Relatives identified; some live at the specified Billing address;]
# Social media #
Username's: royxlee, leer76 (Extreme risk)
Not found either on Billing name with associated E-Mail, nor simply linked to E-Mail (Extreme Risk).
# IP #
User Type: Business (Medium risk) [IP belongs to business; Non-consumer IP]
IP Country Match: Yes [Country IP matches Billing]
Corporate Proxy: No [No corporate proxy used]
Proxy IP Address: No [No proxy used]
IP ISP: Spectrum Business (Medium Risk) [Well-Known Internet Service Provider for Business]
IP Usage Type: Fixed Line ISP (Neutral) [IP belongs to the cable Internet, the IP provided is not Web Hosting; IP is not commercial;]
IP Time Zone: -05: 00
IP Loc: 29.42412, -98.49363
IP Region: Texas (Neutral) [IP state matches Billing]
IP City: San Antonio (Medium risk) [IP city does not match Billing]
IP Zip: 78201 (Small risk) [IP Zip does not match Billing]
IP Continent: North America [IP Continent matches Billing]
IP Domain: spectrum.com
IP Net Speed: DSL
Proxy / VPN Detection: Not A Proxy / VPN (Neutral) [No Proxy Usage Detected]
Hostname: rrcs-97-79-172-134.sw.biz.rr.com (Extreme Risk) [There is a given hostname - but no Ping, this indicates that the IP is not a public server, but it can be a private service of anonymity means]
Ping Hostname: 100% Packets Loss (Trusted value) [Communication with host not established, host is down; this is not a public server]
Ping: Two-way PING (Extreme risk) [Proxy use possible]
Blacklists: 0 (Neutral) [IP not found in any of 139 BlackList databases]
Server IP Domain: - (Neutral) [No Domain Found]
# BIN #
Issuing Country: United States (US)
Issuing Bank: CHASE BANK USA NA
BIN Found: Yes (Neutral)
BIN Name Match: Yes (Neutral)
Bin Country Match: Yes
Prepaid Card: No
# BlackList's #
IP Address In Blacklist: No
Email In Blacklist: No
Credit Card In Blacklist: No
Shipping Address In Blacklist: No
Phone In Blacklist: No
# E-Mail #
High Traffic Domain: Yes [Known E-Mail Provider]
Free Email Domain: No [Paid Mail Domain]
Domain Authority: 2 (Extreme Risk) [Domain has no authority]
Alexa Global Rank: 0 (Extreme Risk) [Domain has no Alexa rating]
Domain Register: 2018-06-09 (Extreme Risk) [Domain Recently Registered]
Updated On: 2018-06-09 (Extreme Risk) [Domain Not Rebought Yet]
Fresh Email: Yes (Trust Value) [Fresh E-Mail]
E-Mail Owner: - (Extreme Risk) [Email Owner Not Found, Does Not Match Billing Name]
E-mail First Seen: - (Extreme Risk) [Your EMail unknown to databases]
Email Longevity: Never seen before [E-Mail did not appear in White / Black databases]
E-Mail Valid: Yes [Mail exists]
E-Mail Address: - (Extreme risk ) [Email address not identified, does not match Billing address]
E-Mail / Name: False (Extreme risk) [Email address not associated with Billing name]
PR-E-Mail: 5 (Extreme risk) [From 0 to 5, a combination of mail address elements is usually associated with fraudulent orders, everything indicates that the mail is left]
# Verify Phone Number #
Type: Mobile [Mobile]
Org. number: AT & T (Neutral) [Known Service Provider]
Registered in: Austin, TX (Neutral) [Same as Billing Address]
Status: Active [Call Available]
Listing Type: Business (Extreme Risk) [Number belongs to a business company / not a work, not a consumer number]
Name First & Last Mobile: Timothy Knetl (Extreme Risk) [Name Revealed, does not match Billing Name]
Current Address: 609 W High St, Goliad, TX, 77963 (Extreme Risk ) [The number address does not match the Billing address, only the state matches]
Owner: Timothy Knetl [The owner of the phone is currently identified, does not match the Billing name]
Valid Phone: True
Spam / Fraud Potential: Low Risk
Explanation: Phone and address are not linked, name and address are linked. The phone is not associated with a name. (Extreme risk) [The link between the number and the KX was not identified, the link between the number's address and the Billing address was not identified; Name and address are linked]
Phone / Name: False [Billing name is not related to number]
Phone / Address: False [Address and number do not match]
Name / Address: True [Name and address are linked]
Based on Adress - Current Phone: (512) 343-7416 - Landline; (830) 438-2501 Landline; (361) 729-3086 Landline; (Extreme risk) [The real city number of the specified Billing address was detected]
# Data B #
Based on Phone - Name: RL TRANSFER ST
Based on Address - Name: RL TRANSFER ST
Based on Address - Phone: 5123437416
# Open Ports IP #
80 (http ) - open, low risk, using Web Proxy is possible.
3390 (dsc) - open, extreme risk, Dedicated Server can be used.
3391 (savant) - open, extreme risk, Dedicated Server can be used.
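Seen from the merchant's side, the report above is a set of independent signals that only become decisive in combination. The following added example (not part of the original post) is a rule-based scorer over the same categories of signal; the field names, weights and thresholds are assumptions chosen for illustration, and both sample orders are constructed.

```python
from dataclasses import dataclass, replace
from datetime import date
from math import asin, cos, radians, sin, sqrt

# Ports the report above lists as open and rates as extreme risk.
FLAGGED_PORTS = frozenset({3390, 3391})


@dataclass(frozen=True)
class Order:
    """Checkout signals; every field name here is hypothetical."""
    order_date: date
    ip_latlon: tuple
    billing_latlon: tuple
    email_domain_registered: date
    email_linked_to_name: bool
    phone_owner_matches_name: bool
    phone_business_listing: bool
    open_ports: frozenset


def haversine_miles(a, b):
    """Great-circle distance in miles between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 3958.8 * asin(sqrt(h))


def score(order):
    """Return (points, reasons). Weights are illustrative assumptions."""
    hits = []
    dist = haversine_miles(order.ip_latlon, order.billing_latlon)
    if dist > 50:
        hits.append((15, f"IP geolocates {dist:.0f} mi from billing address"))
    age = (order.order_date - order.email_domain_registered).days
    if age < 90:
        hits.append((30, f"e-mail domain registered {age} days before the order"))
    if not order.email_linked_to_name:
        hits.append((20, "e-mail has no link to the billing name"))
    if not order.phone_owner_matches_name:
        hits.append((20, "phone owner differs from the billing name"))
    if order.phone_business_listing:
        hits.append((10, "phone is a business listing on a consumer order"))
    exposed = sorted(order.open_ports & FLAGGED_PORTS)
    if exposed:
        hits.append((25, f"client IP has flagged ports open: {exposed}"))
    return sum(w for w, _ in hits), [r for _, r in hits]


def decide(order, review_at=40, decline_at=100):
    """Map the score to approve / review / decline and keep the reasons for the analyst."""
    points, reasons = score(order)
    if points >= decline_at:
        return "decline", points, reasons
    if points >= review_at:
        return "review", points, reasons
    return "approve", points, reasons


# Constructed sample shaped like the report above (billing coordinates are approximate).
SAMPLE = Order(
    order_date=date(2018, 6, 20),
    ip_latlon=(29.42412, -98.49363),
    billing_latlon=(30.35, -97.77),
    email_domain_registered=date(2018, 6, 9),
    email_linked_to_name=False,
    phone_owner_matches_name=False,
    phone_business_listing=True,
    open_ports=frozenset({80, 3390, 3391}),
)
# The same order with every signal consistent with the cardholder.
CLEAN = replace(
    SAMPLE,
    ip_latlon=(30.30, -97.75),
    email_domain_registered=date(2009, 1, 1),
    email_linked_to_name=True,
    phone_owner_matches_name=True,
    phone_business_listing=False,
    open_ports=frozenset(),
)

if __name__ == "__main__":
    for name, order in (("sample", SAMPLE), ("clean", CLEAN)):
        verdict, points, reasons = decide(order)
        print(name, verdict, points)
        for reason in reasons:
            print("  -", reason)
```

Keeping the reason strings next to the score lets a manual reviewer see which mismatches drove the decision.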
Terms:
Billing-address - the address to which the card was made (registered).
Shipping address - the address where the parcel should arrive.
A fake, Drop is a drop. This concept almost always means a person or an office that takes on all the most important risks that we do not want to take for obvious reasons. Quite often they plant and catch.
An intermediary is, relatively speaking, a delivery service or mail that can deliver goods to us or send to a figurehead. Ideal if we want to send goods to ourselves in Russia.
The dialer, the call is a person with good English (any foreign language you need). Needed in order to call the post office, bank, online store, anywhere else. Used for a variety of purposes.
The basic concept of driving. Lesson 7.
Let's consider the basic concepts, a few points and along the way I will say what we need to practice. The first and main region of work is the United States. We will consider their features.
The first and main feature of work in the United States and, concurrently, the main problem is AVS (Address Verification System). The system that recognizes KX addresses, it is triggered during the ordering process, this is, one might say, the central mechanism of AntiFraud in US stores
Code:
2970 Park View Drive United States IN | Columbus | 47201
Here we have a street and a house, a state, a city and a ZIP (also known as a postal code). The essence of the AVS system is in verifying the Billing address. They verifies the Billing we specified with the one recorded in the KX bank file. Bank file - a file in the bank that contains information about KH. It is the BILLING address that is verified, that is, the Shipping address is not verified by the AVS system, but we cannot always send to different Billing and Shipping addresses, and in general, stores have a negative attitude towards this. The important point is what exactly the AVS system checks. She only verifies the numbers from Billing. That is, from here - 2970 Park View Drive United States IN | Columbus | 47201. It will match 2970 in the Address Line and 47201 in the ZIP. The letters are not matched.
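Because AVS compares only the numeric parts of the billing address, a full match is a weak signal on its own and a partial or missing result needs an explicit merchant policy. The following added example (not part of the original post) models the numeric comparison and a conservative policy on top of it; the result letters are the commonly documented ones and vary by processor, the policy table is an assumption, and the addresses are constructed.

```python
import re

# Commonly documented single-letter AVS results; exact codes vary by processor.
AVS_FULL, AVS_STREET_ONLY, AVS_ZIP_ONLY, AVS_NONE, AVS_UNAVAILABLE = "Y", "A", "Z", "N", "U"


def _digits(text):
    """Keep only the digits: street names, abbreviations and case are ignored."""
    return "".join(re.findall(r"\d", text))


def avs_compare(entered_street, entered_zip, file_street, file_zip):
    """Simplified issuer-side comparison of entered billing data with the address on file."""
    file_number = _digits(file_street)
    street_ok = bool(file_number) and _digits(entered_street) == file_number
    file_zip5 = _digits(file_zip)[:5]
    zip_ok = len(file_zip5) == 5 and _digits(entered_zip)[:5] == file_zip5
    if street_ok and zip_ok:
        return AVS_FULL
    if street_ok:
        return AVS_STREET_ONLY
    if zip_ok:
        return AVS_ZIP_ONLY
    return AVS_NONE


# Merchant policy keyed on (AVS result, billing == shipping). Assumed values.
# "step_up" stands for an extra cardholder check such as a 3-D Secure challenge.
POLICY = {
    (AVS_FULL, True): "accept",
    (AVS_FULL, False): "review",         # numbers match, but goods go elsewhere
    (AVS_STREET_ONLY, True): "review",
    (AVS_STREET_ONLY, False): "decline",
    (AVS_ZIP_ONLY, True): "review",      # ZIP-only match is never auto-accepted
    (AVS_ZIP_ONLY, False): "decline",
    (AVS_UNAVAILABLE, True): "step_up",  # issuer returned no AVS data
    (AVS_UNAVAILABLE, False): "step_up",
    (AVS_NONE, True): "decline",
    (AVS_NONE, False): "decline",
}


def checkout_action(avs_code, bill_equals_ship):
    """Unknown or unexpected codes fall back to manual review, never to accept."""
    return POLICY.get((avs_code, bool(bill_equals_ship)), "review")


if __name__ == "__main__":
    on_file = ("1234 Sample Road", "12345-6789")  # constructed address on file
    attempts = [
        ("1234 Sample Rd.", "12345", True),       # abbreviation only: full match
        ("1234 Sample Rd.", "12345", False),      # full match, ships elsewhere
        ("77 Other Lane", "12345", True),         # ZIP-only match
        ("1234 Sample Road", "54321", False),     # street-only match
    ]
    for street, zip_code, same in attempts:
        code = avs_compare(street, zip_code, *on_file)
        print(f"{street!r:22} {zip_code} bill==ship={same!s:5} -> {code} {checkout_action(code, same)}")
```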
There are two methods of driving:
BillShip - Billing = Shipping
Bill not Ship - Billing =! (Not equal) Shipping'у
BillShip means that when driving, we enter the same addresses, both in Billing and in the Shipping address. This can be either sending a parcel to the KX address, or (If we managed to change the Billing address or there is simply no AVS in the store), we indicate Billing from Drop \ Intermediary and Shipping, respectively, too.
Bill does not equal Ship means that we enter different addresses, in the Billing address from the card, in the Shipping Drop / Broker. There are stores in the US without AVS, but there are quite a few of them. Also, there are those that only verify ZIP.
What algorithms for driving in all these situations can be:
1. Driving in different addresses. That is, Bill is not equal to Ship.
That is, we enter Billing from the card, and Shipping from Drop \ Intermediary. The option is not the most reliable
but a worker. It is paired with some additional body movements. Here it is important to warm up the store in advance, write technical support, for example, and explain that we temporarily live not at the main address. There can be many reasons - repair, fire, hurricane, whatever, as long as it is believable. And after that you can already drive in. Also, in such a situation, they will most likely then be asked to call or request documents. They can be drawn, and in the case of a call, you can ask to dial to the store and confirm everything. With this type of work, it is very desirable that the ZIPs of the Billing and Shipping addresses are as close to each other as possible, this increases the level of trust and AntiFraud does not throw such a brutal amount of points on it as for different states in opposite ends of the United States.
2. Possibly in stores where only ZIP is checked.
This can be found out by breaking through there by working off or any SS in advance. That is, we drive in Billing and Shipping any that matches the real ZIP'om from the card, and try to place an order with the smallest product. That is, ZIP with CC, the addresses are left, but under this ZIP.
Options after that:
- Can immediately knock out an error that the address is incorrect, then a reconciliation of all numbers.
- Can accept payment, but refuse the letter, say that the address does not fit.
- They can send the goods.
If the goods have been sent, then the store verifies only ZIP. Well, in fact, it is not the store that checks, but the payment system. If we find such a store, then we take the CC with the ZIP'om, as in the address of our Drop'a or the intermediary, and drive it in. That is, ZIP KX, Drop or intermediary addresses in both Billing and Shipping.
3. Driving European cards into American stores.
We can take a European card and drive it into the US store. The AVS system will not be able to verify such Billing, therefore BillShip is also using such a billing.
Here either:
- They will refuse under the pretext that we cannot verify your address, pay with another card or PayPal.
- They will ask for documents, they can be drawn.
- They will send the goods.
4. Enroll
This is access to online banking, like Sberbank-online, for example. In many Rolls, you can change the Billing address. There will be a separate lesson on this topic. After the change, respectively, you can drive in with BillShip.
5. PickUp, Rerout.
The essence of PickUp is driving BillShip into KX, that is, we hit the goods to the address of the card holder. When the goods get there, using the PickUp service and a call, the parcel is intercepted. This is also a topic for a separate lesson. Rerout is similar in its mechanism of operation, but here the message is not intercepted, but redirected.
As for AVS, this system can check the phone. This is not often the case in payment systems, but it happens. Here the way out is to take the SS with the data on the phone and drive it in as it is, and then either call with the substitution of the number and ask to make a call some time after the order, or flood the KX phone.
For example, through this service - ebomb.biz
FAQ:
A: Is it somehow clear that the store does not have ABC? Some kind of badge? Is it reasonable to immediately write in those. support? In the sense that at first you try to make a purchase, you fail, and only then write in those. support with indignation and anger, then solving all other problems. Silly question, but which method is the least expensive, but at the same time the most profitable?
B: No, it is not visible, only by tests. About writing in those. support - yes, these are impossible situations, they are resolved before the purchase.
A: 1) If we hit the European card in the US, then BillShip of a European country? That is, international shipping is required? 2) If the payment system verifies the phone, then we do PickUp / Rerout on BillShip KX, or just specify the phone number and then flood / call?
B: 1) BillShip Drop \ Broker. 2) Depends on other circumstances, but since it verifies the phone, then everything else also verifies.
CC shops (Credit Card). Lesson 8.
Let's analyze FESHOP - fe-acc18.ru. Go to your account. There will be nothing complicated, but we will analyze the structure of the stores. We need a CVV's section. As you can see, it has its own filters, using which we will select the SS precisely for our needs. BIN's is a window for searching CCs by their BINs. In the process of driving in and gaining experience, you will form a list of good, read, those who go into stores, BINs. You can write any BIN and check if there is CC in the store for this BIN.
440293 - We drive in how many cards did you find? Lot. In addition to BIN, we can select by country and state, and so on. This is useful if we are looking for a CC for a specific IP. Ideally, the IP should be the same as the CC ZIP.
What is Base in your opinion? Right. Base. Maps are mined in different ways and added to the site at different times, from which they are divided into bases. May be by date of addition, by country.
Most often mined by SNIFF. SNIFF databases. SNIFF is a software (Software) that intercepts CC data, usually hang it in stores, collect data and sell it. Also, in the description of the base, it is stipulated that the SS is without a name or address, or additional information. Pay attention to which base you buy the CC from - this is important. It happens that there is no AVS in the store, then CC without an address will suit us.
By the way, I will give you one VPN service, it is without AVS - tunnelbear.com/download
You can drive a VPN into yourself by checking the CC. CC without address is usually cheaper. In some stores, for example, JOKER, Valid bases are also indicated.
The percentage of validity of the base is found out as follows, they take several dozen cards from the base, run through the Checker and get the percentage of Valid. If the database is fresh, then it is logical that there is more Valid, but this is not always the case.
Choose any base. We see the Check time column. What's in it?
BASE HASN'T REFUND - time for checking is not given. Irrevocable. Bought everything, even if not Valid.
5 MINUTES TO CHECK - given 5 minutes. Bought, hammered in, did not enter. go back to the store, check on the store Checker, if not Valid, then the money will be returned. For all 5 minutes. We draw a conclusion from this, before driving in the SS, everything must be ready for driving.
In fact, it is best to buy CC with a refund, because no one will give you guarantees that not Refund 100% Valid will enter easily.
Each store has its own search engines, some have more information, some less. Pay special attention to the Level of the card, that is, its status. If the store does not write what level of the card, then you can punch through the BIN.
Prepaid, Business, Gift - These levels are right by. Focus on Classic, Gold, Platinum. Sometimes Premier, but the first three are better.
Also, you can also note - validcc.su (registration costs $ 200, if you have an invitation, you can get it)
Now they are complaining about Valid. Be more attentive.
I also note that it is easier to search for SS under IP. And finally.
Assignment:
If you have funds, then register here and purchase LS (Linken Sphere). You can buy for two or three, it works quietly and does not crash. The subscription costs $ 100 per month.
Warming up the store. Lesson 8.1.
Warming up the store means communicating with it - SI (Social Engineering). What categories can be divided into communication:
1. Communication via Email.
2. Communication via Live-Chat (it may not always be available, depending on the time zone)
3. Communication via the phone.
Now about each item in more detail.
The advantages of communicating via Email - you have the opportunity to prepare your questions / answers in advance, build a certain strategy for your communication, predict it to some extent, but there are some drawbacks here, namely that the store can respond within a few days. Here you need to take into account that due to a long wait, the obligations of the seller who sold you the CC (By Replacement), of course, will no longer be relevant. In this case, you need to warm up the store in advance and only then buy the material.
Communication via Live-Chat. Pros - no need to wait a day / two, as in the case of E-mail, all communication will take no more than 10 minutes, after which you can start the process of driving our SS.
I must say right away that for those who do not speak English well enough, I recommend using the Yandex translator. The rest make the translation crooked and not very natural.
And, of course, the best product can be taken out if the store is warmed up through the bell. Even in those cases when, it would seem, there is no longer any hope of breaking AntiFraud with the first two options, a competent call by you personally or through a service that makes calls will play a decisive role here.
Let's take a closer look at different situations. As we all know, the United States is famous for its natural disasters and a sense of compassion and tolerance for everyone, without exception. So, in the USA, almost every month, nature arranges another test. Usually these are fires, floods, hurricanes. And this news is always spread all over the world - and we must follow it. There is such a thing, Americans are kind people and are always ready to come to the rescue, to go to a meeting. Therefore, we find the material (SS) of the state, in which the trouble happened, and write to the store that we have become a victim of a disaster.
And then according to the situation. The house burned down, along with a laptop and phones, so I am writing from a friend's or relative's PC. Ask the manager to pick you something in the middle price range (PC or phone of some kind) and ask to send it to the address of a friend or relative, since only a torn American flag remains from your house. The options are different, it all depends on your imagination. Follow the news and give it a try. He also works with Canada. The people there are also extremely friendly.
In Canada, too, AVS, plus they can request drawing or other verification. If you do everything as asked, they will send you, then everything is fine.
Now how to do it is not worth it. Forget about gifts, departures and other too primitive stories and fairy tales. Be original and convincing.
I had a case that a complex store wrote me a letter after ordering. From the series, why are you sending here to different BillShips, and I said that my house had termites, now disinfection (This often happens to them). I live with my relatives and all that.
Do not forget that the manager is sitting at the other end, and he is, first of all, a person with a bunch of everyday problems, just like yours. Also, good topics are bachelor / bachelorette parties, family showdowns (quarrels, divorces, infidelities). In general, fantasize and go ahead. You can send to a dummy person (Drop'a, dummy person) and to an intermediary, as you like.
Now about another driving method. Driving through the form. This form is called - Authorization Form. So, we go to the store, walk around the store, add the product to the cart. When we have reached CheckOut, we write to the chat that we cannot pay. Like, I click on CheckOut and nothing happens. You will be prompted to clear the cookie / restart the browser, this is the standard.
You are like that, you have tried everything, but nothing has changed. We reach CheckOut again, and write again. You ask what other payment methods are there. In response, you may be offered: PayPal, Bank, Form or drive for you. We are interested in either the form, or by hammering in for us. If they give you a form, then you need to fill it out - enter the CC number, full name, address, the amount to drive in and the name of the product and send them by e-mail. You can do it yourself if you have a printer and scanner.
You can order a rendering.
The second option, driving in for us. The store manager himself will beat the CC and send us a check to debit the money. So, the obligatory rule of payment in the form is that you must send them a photo of the SS from both sides. It is better in this case to beat the European SS, since the cancellation will go on for a couple of weeks.
Driving in with a form, as well as driving in with a call, is an Offline purchase, that is, the store does not see the settings of our PC and AntiFraud will not work. If you are more or less fluent in English, then my advice to you is to learn how to speak English on the phone with shops. Just call and talk. And in a couple of months you will be able to easily place an order by phone without paying calls - you will save a lot of money. Of course, the first times will be difficult, but everything comes with experience. Over time, you will drive into the lung with your voice.
And yet, a couple of tips. Let's say we have a store with a watch. Before calling, create the atmosphere of the fact that you are in the United States, turn on the TV in English in the background, preferably louder so that you can definitely hear it on the other end. Or radio. In general, something in English. Further, let's say the watch costs $ 1,500.
We walk around the site and find a review about our watch. And when we talk to the manager, we say that my friend bought a watch from you. I really liked them, and I would like to buy the same for myself or give it to someone. Only I don't know the brand of the watch. And then they drove, the manager starts guessing the hours that we want, according to the parameters that we gave him. And in the end it offers exactly ours. And then, having already driven in by phone, goes: Billing address, card number, and so on.
Don't worry about the accent. America is a country created by immigrants and everyone has an accent there. Of course, at first you will be faced with the fact that you will not understand what you are told. Refer to a bad connection, ask for repetition. Watch TV shows in English, helps to quickly master the language.
I recommend calling from the Sip-System service to change the number. That is, when they call the store, they will see the number we need - the KX number.
FAQ:
A: These three warm-up methods are specific to online stores. And what is the principle, say, on Ebay?
B: In the case of Ebay, we can also use email communication with the seller, you can also pre-add the products you are interested in to the basket, and after there, for example, 3-5 hours try to punch them.
A: Isn't the topic of cataclysms outdated yet?
B: This topic will not become obsolete until the cataclysms stop, which I highly doubt.
A: How to understand when you need to warm up the store when driving?
B: It is almost always necessary, it will always be useful. Of course, it is possible and warming up, but the chance that it will be possible to drive in is somewhat reduced.
A: Is the purchase of a cheap product, for example, $ 100, considered a warm-up for the store? That is, after such a purchase, the store's confidence in us will be greater and it will be possible to place an order for $ 1000 already?
B: Yes, of course, if you entered not from a guest, but from an account, then a Feedback is generated after each order, which has a beneficial effect on the next orders.
A: What if you ask for a photo of the card from both sides? Will they be able to draw this?
B: Yes, they will do it in 5 minutes. It's not very difficult.
A: If you drive only one store constantly, does it make sense to come up with a new story each time, or is there enough of several options?
B: Depends on how big the store is. If it is large, then no one will remember. And it's better, of course, to try to talk to different managers.
A: Does it make sense to drive in every little thing to the KX address to warm up the store?
B: It won't be superfluous. I do that sometimes.
A: If you enter a name that is on the intermediary, and not KX, there will be no suspicions?
B: Depends on the store, how strong AntiFraud is there.
A: Where is the best place to watch the news on the USA / Canada?
B: On major news portals like CNN and so on.
Mediators. Lesson 9.
The first thing that is important to know and remember about intermediaries is a completely white legal entity.
Also, it can be called a forwarding service, but this is less common. Usually, an intermediary is an official office that provides services for the receipt of goods and their subsequent shipment. Services are offered to residents of Russia, for example, so that they can order goods in America, even in stores that do not involve shipping to Russia.
Or, where delivery is very expensive. More expensive than the product itself. So, if I live in Russia and I need to place an ordinary white order in the USA, but there is no delivery, then how do I proceed. I go here and choose an intermediary for myself - posredniki.info/category/usa/.
For us, intermediaries are also very useful, but since this is a white organization, you need to be careful not to lose your package. Popular ones like ShopFuns definitely don't take.
And before choosing, we look for the type of intermediary + Carding, because such a request will help to check if there is any information on intermediaries in other forums, or on the intermediary's website there may be a whole canvas about our craft and how they are fighting it , such we bypass.
After choosing, we register an account. There are two ways to go here, both are normal. Register for your data or register for someone else's passport. Not all intermediaries require any documents at all, but those that do do so without fail. Or they may already ask for documents before deportation. The intermediary itself is, in fact, a warehouse with cells. There you can save up your parcels and then collect them into one and send them.
If you register on the left data (someone else's passport), then immediately buy a complete set of documents, so that there are no problems with drawing (passport - both pages, SNILS, documents for payment of utilities - gas, water, electricity). That's all, buy a VPS server or just SSH tunnels from which you will always log into your account. Also, make yourself an account in PP (PayPal) on the left data, link it to this intermediary.
A couple of examples of popular intermediaries:
meest.us - quite good for work, loyal to names other than the account name - more on that separately.
fishisfast.com - I personally had problems with them, but I know that some of them work successfully.
mainbox.com
pochtoy.com
After registering an intermediary, you are given an address in America or two addresses in different states. For example, they registered an account in the name of Mikhail Bakunin.
You get the address.
The physical address here is 600 Markley St. Port Reading, NJ 07064. And your cell number Suite 098489. We
register intermediaries strictly in Slavic or Caucasian names. Some intermediaries are loyal when parcels come to the left name. It is quite convenient. Depending on the intermediary, after the goods arrive, they are accumulated for a certain time there for free. Usually a month or two.
Regarding payment for the services of an intermediary - only in white money. The intermediary's account can be blocked, for example, if a store has contacted there, but in some cases you can
agree and pull out an account. But these are not common situations when they block about different names. It is advisable that more than two or three different names do not come, there may be questions further.
There is also such a thing that they can steal your package if they see different names. There are moments like that sometimes. Because, as the parcel arrives at the warehouse, and there it is already distributed to the cell by a person.
FSB notification: portal.eaeunion.org/ru-ru/public/main.aspx
Recommendations for working with an intermediary:
1. Do not send a million parcels immediately after registering an account. Take a week, and preferably all two. Send 1-2 packages per week. And gradually increase the amount. The swing rule works here, as in many other topics.
2. Clearly study the rules of the intermediary, this will avoid the loss of parcels.
3. Start a portable browser for the PP and reseller accounts, and work exclusively with it. Cookie is our everything.
4. Do not overload the intermediary with expensive packages. It is better to create several accounts, and send a little to each one. No normal person will buy 10 expensive phones for themselves in 10 days. Remember this.
5. Do not use an intermediary to drive in expensive equipment, it is better to use a figurehead. This way you will not kill your account if canceled.
6. When driving in, indicate the left phone number or ГВ (Google Voice). It is not worth writing the phone number of the intermediary or KX.
Recommendations for sending goods to yourself:
1. Do not exceed the customs limit (for Russia) 1000 EUR or 1200 USD per month - for one parcel. That is, if you indicated that the goods are in the parcel for 1200 USD, then this month you will no longer be able to send the parcel to the same name. He will barge in at customs, and you will wait for a new month to go through customs.
2. To be clearly aware of the indicated prices for goods, links, as well as FSB notifications. For example, an IPhone X came to the intermediary, your task is to do the following: write that the product is used, set the price 2 times lower than for a new product, find the model allowed for import by the link (portal.eaeunion.org/ru-ru /public/main.aspx) and indicate the FSB notification number on the intermediary for this product. To search for models, I most often use EBay, 90% of intermediaries are happy to accept such links.
3. Always underestimate the value of goods for clothes. For example, if you send Nike sneakers for 300 USD, write that the sneakers are Nifi and indicate the cost of 30-40 USD. I always do this. The same applies to bags, pants - in general, all things. Always rolling. Because no one will bother and set a clear cost of things.
4. As for the watch - please open the box and send the watch separately, the box separately.
5. As for jewelry - we write that it is jewelry. And you should not put a lot in the package. It is better to send the chain separately, the ring separately. I recommend sending jewelry with a bunch of clothes, there is less chance of customs being burned.
6. Equipment to send 2-3 items in the parcel. For example, one IPhone + one PS 4 + one
video card. There is no need to cram 10 items of all goods into one package. Remember that if there are 5 or more of the same items in the parcel, then you will fall under a commercial consignment, and then you will lose the parcel. Since they will ask for invoices, account statements and so on.
7. Do not store up parcels at an intermediary, especially valuable ones. IPhone / IPad / Rolex came to the intermediary - send it right away. It's better to pay extra 60 USD for shipping than to lose everything.
8. Pay the intermediary only with your own money. No carding. Do not cut the branch you are sitting on.
FAQ:
A: 1) And how to receive the goods if you made an account for another passport, and not for yourself? 2) How do shops treat intermediaries? 3) We are only interested in intermediaries who are loyal to names other than orders (that is, so that the account name in the intermediary is different from the name in the order? It turns out that the name may not match twice - in the order and account, in the account and yourself Is it possible, in this case, to register an account on Drop'a in Russia in order to remove at least one discrepancy? 4) What to pour into the ears of stores about the difference in names with the order?
B: 1) You can send to a different name from the one that is registered. 2) Moderately negative, but if BillShip, then no problem. And if Bill is not equal to Ship, then they may be asked to clarify the situation. 3/4) Stores do not verify names on the map. Only numbers. With the exceptions when stores manually check everything and ask for a name and similar data, this is only in the largest stores.
A: 1) White money - how is it? 2) We get out of the situation with several names for one account - just register more accounts?
B: 1) Regular money. 2) Better a helmet with the same name.
A: Is there any risk when receiving goods in Russia?
B: No, everything comes out smoothly and cleanly from the mediator.
A: Conditionally, we drive into the CH, and the helmet on ourselves to Russia, it turns out that there will be several parcels on the account driven into different CHs, is this normal?
B: How will they end up there? If we drive into KX, and the helmet goes to Russia?
A: That is, you can specify the name in the store when ordering, like Petya Petrenko with a US map? We accept it for an intermediary, where is also Petya Petrenko, and the helmet is for Evgeny Krasnopolsky (On us)?
B: Yes.
Note:
As for the bundles for working with tunnels, this is either Bitwise \ Plinker + Proxifier, or Bitwise \ Plinker + Firefox itself, or Double SSH Manager, or sphere. All these bundles allow DNS spoofing. You will need Linken Sphere, CC, SSH Tunnel \ SOCKS
A little more theory. If you take from a base where there is time for Refund, then keep track of the time in order to have time to send the card for verification, if you have not entered. The services that you will hit, you can simply take material for the state, but in the future it is better to search generally under ZIP. Before taking the SS, if we see the name of KX, we register mail in advance in his name. Gmail, Jahoo, AoL, Outlook - there is SMS. Mail.com without SMS, is suitable for simple typing,
there is also a choice of different domains. To accept the SMS code when registering mail, you can use the service - simsms.org - it's cheap there.
After we will register for those who have never driven in at all, I advise you to start with driving in skype.com
How to drive in Skype. Driving first. Lesson 9.1.
So. The procedure is standard, as with any driving:
• We buy CC USA, Visa or MC.
Find the SOCKS \ SSH tunnel under the city \ state of KX.
• If desired, check for RiskScore.
• We check on Whoer.net in IP blacklists or not.
• We set the time zone for the state (It is the time zone, and not just the time we translate).
• We register mail under KX. I register every time on mail.com (Many people ask if it is possible to use purchased mails. Here, at your discretion, someone uses such mails, I personally always register under Skype, especially on mail.com it takes less than a minute of time) ...
If everything is ready, let's get down to business!
• Go to skype.com and click on Sign In.
• Click on Create an account.
• We fill in all the data, the KX phone number with a few modified digits.
• Specify the desired username / password, leave a tick on By email, fill in Captch and go on.
• The account is registered. Now let's open a loan. Click on Discover credit on the left.
• Next, click on Add credit to your account.
• Choose the size of the loan. Do not tick the box "Automatically replenish the loan with a low balance"! Click further.
• We indicate the data of the CC with the SS and click on.
• Select Pay by card as a payment method, enter the CC number \ validity period \ CCV-code. We agree to the terms by ticking the box and click on.
• If the CC is alive and Skype has accepted it, we will see the following message. If the card is dead, you have 2 options:
1) Start the whole process with a new CC, after cleaning the system with CCleaner.
2) Just take a new SS for the same state and drive it in right there (In this case, the account can be blocked, or it will not live long).
• $ 25 was credited to our account.
• Scroll down the main page of your account and click on Purchase history.
• The Delivered status indicates that the payment has passed, the Refused status - that the payment has failed. Next, click on Stored payment details. Next, in the next step, click "Delete" in front of our card and agree to this action. That's it, the card is unlinked from the account.
• We return to the main page of the account and scroll down again. Click on Skype Number.
• Click on Get a Skype Number.
• We choose the country you need.
• Next, select the state / city. A list with available phone numbers will appear, select any and click buy.
• We choose to rent for 3 or 12 months, depending on the size of the balance on the account.
• We put a tick and buy a subscription (We agree that the money for the rented room will not be returned).
• Subscription purchased.
• On the main page of your account, click on Caller ID.
• This section will display all your purchased numbers. A check mark opposite the number indicates that the person receiving the call will display this number.
If you call from another number, uncheck the box in front of the current number and put it next to the required one.
If you are friends with spoken English, then record a voice message on an answering machine without any problems.
Launch skype and go to Tools -> Options -> Calls -> Voice Messages. We press the record button and speak into the microphone.
Otherwise, refer to calls.
Personally, I don't balance my account. I immediately buy the number I need and don't untie the card.
I also fill in all the data in the KX profile (City, state, etc.) as much as possible and put an avatar in Skype itself.
One CC = one account! Don't drive this CC anywhere else! Leave it to top up the same account.
My record for account survivability was 5 months.
Okay, let's continue. We take the SS under the tunnels that are, register mail and start. If they have hammered into Skype, then our next goal in practice is teespring.com (now it is quite hard and tight to drive in, but you can try).
The site is designed in such a way that there are many campaigns, from different people, during which money is collected to print this or that picture on a T-shirt. We are interested in those where there is the least time left before printing. At TeeSpring, the less time, the faster our order will be generated. You do not need to register. If it has been driven in, then the order number will be sent to the mail. The order number is not the track number. After confirmation, we are waiting for the track, how it will be given out, you can drive this CC into another store.
What CC we don’t take:
1) American Express, Discover - We don’t take any.
2) Prepaid, Electron, Classic, Standard.
3) Major bank cards - Bank of America, JPMorgan Chase & Co, CITIGROUP INC, Wells Fargo & Company, Goldman Sachs Group, Morgan Stanley, Metlife, Taunus Corporation, HSBC North America Holdings, US Bancorp.
4) Desirable without VBV. (SMS check)
What you need to buy before work:
1) Pure IP = $
2 2) CC = $ 15 (Yes, expensive. From my own experience I will say that almost always, if it is very cheap, then it is junk and useless. Therefore, everything is better However, the high price
is not a guarantee that a lot of money will lie on the SS, and the SS itself will be without any protection)
3) SMS for mail registration = 0.25 $
4) Call = 10-15 $
5 ) SSN + DOB = $ 5 (This will be discussed further)
6) Scanning / Rendering passport = 2 $
7) Redirection = 40-50 $
8) Interception = Expensive.
9) Flood mail / phone = 5 $
10) Payment of the intermediary = Depends on the product, its quantity, and so on.
As you can see, we have a very expensive craft, so it is very important to come here with at least some free finances. At one time, I just put it off from work. Maybe these numbers do not inspire confidence, but I will say this - one successful drive will cover all your costs tenfold. Here the snowball works correctly. If it turned out once, then it will turn out the second, and very soon the third, and immediately overwritten the fourth.
Therefore, we must work and fight!
How to get into a really good store? Lesson 9.2.
First of all, we prepare the system, I use VMware Workstation 11.0.0, with Windows 7 x64 Home Premium installed on it. (Mandatory English (EN) version) Allocated 4GB of RAM and 4 processor cores for the system. HDD - 80GB.
After installing the system, go to the firewall settings and set a ban on ICMP traffic on the Base and the Virtual Machine.
In the search bar or in Menu-> Run, enter the command firewall.cpl and press the Enter key - and in the advanced settings, create a rule to deny.
Lyrical digression is important to understand:
Imagine some Steven from California who wants to pay for an Iphone. He enters a store, then another, reads, looks at reviews, sees a shopping cart, registers an account and pays. Steve doesn't track his IP, doesn't pump DNS, he logs in and pays. Stephen does not need to gain the store's trust, read entire threads on forums before buying something for himself. So, how can we seem to be Stephen and not Vladimir in the eyes of AF.
Ports
Imagine that you are AntiFraud. Sit looking at orders and here someone wants to buy from you, who have 80, 443, 3389, 22 ports open. Only by looking at these ports is it already clear what this man is up to. Stephen wouldn't pay with DS, SSH tunnels, SOCKS, proxies.
Solution: use DS with no visible ports or SSH tunnel with non-standard port
Two-way Ping and belonging to a hosting provider
Two - way Ping makes it clear that we have SSH tunnels, VPN, SOCKS over Ping and the time difference received in the loop.
Solution: Close ICMP, or change such a tunnel / SOCKS, or add TOR in front of the SSH tunnel (I haven't tested it, but I've seen such a solution).
Belonging to a hosting provider - I think it's clear here, we don't use SSH tunnels, SOCKS, VPN hosting providers, consider that if the IP belongs to the host, then it is on the black lists.
Webrtc and DNS
There is a lot of information on preventing these leaks, I will not duplicate them 1000 times now. Just remember to check and fix them. In my case, I cut off WebRTC in the Firefox settings, it is better to replace it - this is a more correct solution.
Flash
Of course, we turn it on, because we have nothing to fear and we went to pay for goods from our account. In general, turn in Flash - don't arouse suspicion.
With Flash, you need to be extremely careful, downloading the flashplayer to your PC (We use Anti-detected or DS) is the same as deliberately launching a virus into the system. Don't forget about your OS language and time zone.
Tab history and refer
Used by AntiFraud to see a list of recently visited sites. It's all just no whoers and other suspicious sites.
Walking on Google and Facebook, imitating Steven's behavior.
Refer - determines which site we came from, so we go, like all people, from Google.
Tab name
In short, with this parameter AntiFraud sees all open tabs in your browser in real time.
Imprint Audio
audiofingerprint.openwpm.com - test.
I checked it on the main OS and on a virtual machine with LS - the prints are the same. I have not tested it on DS yet.
Imprint Audio can really hurt you in two cases:
1) Deanonymization. Let's imagine that you go to the PP website and they take an Audio fingerprint. Further, after a successful case, you turn off the virtual machine and go to Youtube or Google, even worse if to social networks, and all these sites also take an Audio imprint on you. Deanonymization will look something like this:
"20:00 fingerprint 2a3b4c5e went under IP 192.168.0.1, 20:30 fingerprint 2a3b4c5e went to youtube under IP 192.168.1.100 (the IP from which you went to Youtube)"
2) PP or other sites using this fingerprint can see that they already had you. Solution: Look for how to replace it.
Uptime and Os fingerprint
Uptime is the time your VPN, SOCKS, SSH tunnel is online. Agree, it's strange that Stephen's PC has been working without rebooting for half a year.
Solution: Go to the SSH tunnel console and write reboot.
OS fingerprint - in simple terms, each OS has different packages. That is, when you use an SSH tunnel over Windows, it turns out that you have packages from Linux, and User Agent from Windows.
Solution: Anti-detected / Do not use such an SSH tunnel / Raise the server on the OpenVPN SSH tunnel and write the line mssfix 0 in the server and client configurations. (I have not tested it, I have seen such a solution on the network)
As a bundle, I use: Bitvise-SSH -Client-6.08 + Proxifier + FirefoxPortable
And now, step by step, as I hammered in:
1. Took an SSH tunnel with non-standard ports and requested their ZIP.
2. In parallel, under ZIP, I looked at the maximum matching cardboard by ZIP, and the nearest neighbors, comparing it with the BIN that we had. In the end, I decided to take a chance and took WF Bank, since CC and ZIP matched 100%, and the rest of the banks did not inspire confidence under the one they liked, initially I knew that I would change the password on VBV.
3. Taking the SSH tunnel, I checked it only for 3 main parameters, for the presence in black sheets, IP-Ccore, lack of VPN visibility. FraudScore gave me 70% and a proxy was seen.
Accordingly, Score <= 70, VPN is not visible, TOR does not see, there are no black lists, IP-Score 0.16, AT&T provider, you can work. Rebooted SSH tunnel! (It hasn't rebooted for 122 days!) - You can reboot through the Bitvise terminal panel. Uptime - we look at the time of the SSH tunnel (and we are surprised (or not)) Reboot - we reboot it. I paid 140 rubles for the tunnel.
4. As we know, to check the validity of the CC we are given from 5 to 15 minutes, in my case on the JOKER, the time for checking is 15 minutes. Before opening the card details, I prepared everything for driving an E-gift Card into Ebags.com (I checked the payment system, looked at the rating), registered my mail at aol.com, registered the number at textnow.com. For about 15 minutes
he behaved like a “buyer” on the site, looked at products, read reviews. Asked a couple of questions to support. An important point, I went to the site through a Google search query bags + card intext: “cart”, I inserted a Gift-card on $ 50. Everything has gone - it means the Valid card. I gave $ 12 for the SS.
5. After driving in, I let the map rest for several hours, went to punch my KX, but then the first problem arose. My KX was not found in the SSN database. Having broken through did not give anything, search for services too. I went to mylife.com and at the address, first and last name, I found my KX. Having driven in $ 1, I opened all the addresses where he lived, made sure on his social networks that DOB was correct and with this data again went to the puncher, the result - SSN was found. I gave 400 rubles for the service.
6. I went to the site: secure2.es.arcot.com/vpas/wellsfargo_vbvisa/enroll/index.jsp?locale=en_US&bankid=932
Now knowing all the KX data, I easily changed the password on VBV and indicated a hint.
7. I walked for a couple of hours on Google and went to different stores with Apple equipment, looked through the products and on one of them followed the advertising link to NewEgg (The browser should have eaten up useful Cookies beforehand) I will repeat from the tips above: you should not go shopping for the purpose driving in if your browser has eaten whatleaks and whoer Cookies or other
dark gray services. I came across an SSH tunnel whose ISP was blocking these sites! Either clear the cookies or use a second browser to check. It is also not worth keeping the same gray services next to each other in the tabs!
8. Threw everything into the basket - BillShip on KX drove Iphone XS Max 256GB
9. Got a track, BUT! After waiting for it to appear in DHL on Demand, I found out that the sender indicated the wrong phone number and I could not change the address without SMS, under PickUp in that area there were only services with which none of ours worked.
10. I wrote to the technical support chats for a long time (And then there are the holidays) 5 times wrote to both DHL and NewEgg, but they threw up their hands and told me that only the one who sent the half-message can change the phone data. The sender was Vipdomo from Spain (As I understand it, NewEgg has partners who post their goods on their site). He never answered. Well, okay, the last hope was for the FBI Call - which rang DHL and they changed their number to mine at textnow.com. He entered the DHL on Demand panel and changed the address and ZIP to a figurehead (Drop). Attention! You cannot change the name of KX to the name of a dummy, you will not receive a payment for such a trick, since you will kill the dummy. The name can be left either KX, or any other, but not a dummy person! I gave $ 4 for the service (I gave him a little for a good job).
11. The package now goes to the Don't Worry Be Happy Drop-service (dwbh.us) - in it you need to register an account in advance via Jabber and add dummy people (Drops) to your panel in advance.
And yes, I advise absolutely everyone who will engage in our craft seriously and with all conscience - to make tables for themselves to work with. It is possible in Excel - no difference.
A table in this format:
• The date when it was driven in
• The CC store, where the card was taken from
• The store where it was driven in
• CC country
• Card type (Level, Credit / Debit)
• BIN CC
• CC bank
• How the store was warmed up (if warmed up at all )
• How did they do it - from a virtual machine, from Linken Sphere or from DS. Here is how the system was set up in general
• Alexa rating
• Phone KX
• Order amount
• Delivery method
• Primary result (whether it was canceled, immediately refused, or everything went well)
• Track number
• Full explanation
A small note so as not to ask stupid questions and not be shocked. All reasons for cancellations and refusals:
• Refer to card issuer. (You need to call the bank to complete the transaction)
• Invalid merchant. (Invalid merchant ID)
• Pick-up card. (The card is blocked by the bank due to fraud)
• Do not Honor. (The transaction was rejected by the bank without any explanatory reason)
• Error. (Unknown error on the bank's side)
• Pick-up card, special condition. (The card was blocked by the bank due to fraud)
• Invalid transaction card / issuer / acquirer. (The payment system does not accept cards of this bank)
• Invalid amount. (The amount has exceeded the bank's transaction limit)
• Invalid card number. (Invalid card number, or the card is blocked by KX or bank)
• System Error. (System error on the side of the payment system, you need to repeat the transaction)
• No Action Taken. (Prohibited by the bank without any explanation)
• Suspected Fraud. (Suspected fraud)
• No Credit Account. (No credit card account)
• Lost Card, Pickup. (Card lost)
• Special Pickup. (Card stolen)
• Hot Card, Pickup. (Card stolen)
• Not sufficient funds. (Not enough money on the card)
• Expired card. (Card expired)
• Incorrect PIN. (Invalid PIN)
• Transaction not permitted on card. (The payment system does not accept cards of this bank)
• Txn Not Permitted On Term. (The payment system does not accept this type of transaction)
• Suspected Fraud. (Suspected fraud)
• Exceeds amount limit. (Amount exceeds the allowed daily maximum)
• Restricted card. (The account on the card is frozen)
• Security violation. (Card account frozen)
• Exceeds PIN Retry. (PIN entered the maximum number of times)
• Function Not Available. (Card number is not valid or does not exist)
• CVV Validation Error. (Invalid CVV code).
• Issuer not available. (There is no connection with the bank)
• Transaction violates law. (The transaction is illegal)
• Duplicate Transaction. (Double transaction)
• System Error. (System error on the side of the payment system)
3DSECURE. Lesson 10.
This lesson is about the 3D Secure system. 3D Secure is a system that provides additional verification of payments. It can be installed from the side of the card (BIN) and from the side of the store. Represented by 3DS by several systems, depending on the payment system.
VISA - VBV, Verified by Visa.
MasterCard - McSC, Mastercard Secure Code.
American Express - American Express Safekey
Discover - ProtectBuy
This can be implemented in three ways:
1) In the form of a code that sets the KX.
2) In the form of a dynamic code that KX receives in SMS (like ours).
3) In the form of a code in the application, some banks have such a service.
As I said, the system can work both on the side of the store and on the side of the card. As for the cards, the system works only on cards of certain BINs. That is, if one card of any BIN has VBV or McSC, then you can be 100% sure that it is present on all cards of this BIN. And vice versa, if there is no system on one or another card, then it is not on all cards of this BIN.
If the store has 3DS, that is, the store's payment system provides verification of the payment, and if there is no 3DS on the card, then (With some exceptions) we will have no problems with the payment and will not be asked for anything.
If the store has 3DS, and the map also has 3DS, then we will be asked for either a code (If it is the USA) or SMS (If it is not the USA, there are also exceptions here).
If the store does not have 3DS, then it does not matter whether it is on the card or not, we will process the payment without any requests.
The exception is some European stores, which, before making a payment, write in plain text that in order to pay, the card must support the 3DS system. How, in fact, be with the second option, when both the store and the map have 3DS.
1) You can just change the BIN, that is, take the one where there is no 3DS. This is a good option, but for example, if we are doing potentially suspicious driving, for example, on different Bill and Ship, it is better not to consider this option. Because stores are more willing to send in such cases if the card was with 3DS, because in this case, the return of the KX money falls not on the store, but on the bank.
2) Reset the code and change to your own. This is a good option, it is possible on the vast majority of BINs in the United States. To reset, you need, depending on the BIN, to know either SSN + DOB, or just ZIP. There may also be SSN + ZIP, for example. Resetting is possible in other countries, but there it is very difficult to punch data needed for this. Bank account number, for example, IBAN, and even DOB in many countries is very difficult to punch through.
Also, it is mostly dumped in UK by DOB + ZIP. Sometimes the phone also requires you to indicate from the card.
Actually, how to find such BINs. To my gigantic regret, the main shop was closed this year, namely the official site of VBV. Therefore, everything is very, very difficult now, but doable.
First, you can find such BINs in practice by buying a card and driving it (even a dead one) into any store with VBV. The payment will not work for you, but you will see a window that will let you know that there is VBV on the card. It will look like this if there is 3DS on BIN and the code itself is installed:
Or so, if there is 3DS on BIN, but the KX code has not been installed:
It will look exactly the same when you dump the already installed code.
Secondly, you can find such BINs in advance, before buying cards, but alas - not at all banks. To do this, you need to find the site of the VBV bank. Using a request to Google - NameOfBank + Verified + By + Visa. And after wandering and searching, you may or may not find the bank's website. For example - secure2.es.arcot.com/vpas/wellsfargo_vbvisa/enroll/index.jsp?locale=en_US&bankid=932 - Wells Fargo VBV site.
After finding such a site, we go to the generator of card numbers by BIN. For example, in this - bincodes.com/bin-creditcard-generator/ (or namso-gen.com/).
And in it we generate a BIN map and then insert it into the site that we found. This card does not exist, but since the system is on all BIN cards, we will see if there is VBV on the BIN or not.
For example, you can check BIN 434257 and BIN 491991. And compare the result.
There are two main ways to find such BINs. On those sites of banks that you find, the code is also reset if it is already installed on the card. That is, if, while driving into a store with 3DS, you saw a request for a code, and not SSN and other data (that is, as in my first screenshot, not the second one), then you go to the site and reset the code there.
The same two options therefore apply to MasterCard. That's all about the 3DS system.
FAQ:
A: It turns out that you can only check empirically, or if we go to the bank's website and check there, right?
B: Right, and not just to the bank's website, but to the site for registering the code for the bank, which we find by searching.
A: What is SSN + DOB, SSN + ZIP, what are SSN and DOB in general?
B: DOB - date of birth. SSN stands for Social Security Number. They can be punched.
Punchers:
infodig.is
robocheck.cc
@@XardySSN
@@SEARCHSSNDOB
A: So, that is, we are potentially hunting for BIN without VBV in order to hit stores with VBV? Except when we pursue the goal of increasing the store's trust in us, then we take AutoVBV / Just VBV followed by a reset (preferably by ZIP)?
B: That's right. If we hit stores without VBV, then it makes no difference at all, but after you have received the track, you can check the BIN in any store with VBV along the way.
A: On most VBV cards in the United States, is it just not in stores because of the country's leading place in the world in terms of household consumption?
B: Right. For the same reason, many KX do not install it, so when driving such a card into a store with VBV, in most cases, you just install your code right away.
As for the choice of BIN, we do not accept American Express, because cancellations come very quickly on it, it is suitable in very rare cases, when, for example, a store in the same state as Drop / Reseller or a digital product. That is, when we quickly receive the track \ item, without waiting for the cancellation.
With regards to Debit Classic, Standard - there is very little money for them, on average, 100-150 dollars from them can be hammered in. There are, of course, exceptions, but if you plan to drive a little, you can take them.
Spoofs and interception services. Lesson 11.
We have a theme - Drop, then - dummies. And stingy, in fact, then - hucksters, buyers. Actually, bogus people are people who provide us with this or that service and, as a result, alas, become scapegoats. In our context, the dummy
people are people who receive packages. They take them to their address. We do not interact with them directly (if these are not our personal figureheads), but we do it through Drop-services. There are quite a few of them, they work almost throughout the United States and, in general, there is always a dummy person for our needs. The most common scheme for working with Drop services is buyers, that is, the Drop service works with a huckster, usually buystuffusa.com, and with the help of dummy people they send the goods we have transferred there, and then, having received a payment, they transfer our percentage to us. Usually BTC or WMZ. Some Drop-services also work on delivery on different terms - this is either 50/50, or a fixed price. If 50/50, then we must send two goods in one order, one goes to the service, one is sent to us. Previously, they bought mostly easy-to-sell goods, now they also often buy up various rubbish. Blenders, binoculars and the like - the list is very long. Product lists are similar, but each drop service has its own, as well as percentages. Also, light goods are sold through Drop-services on Amazon, the percentage is higher and the list of heavy goods is much larger, but sometimes you have to wait a long time.
Each Drop service has its own account, it allows you to choose a dummy person, beat him up and then add the goods going to him, after you have received the track code. Payment always goes on delivery to the huckster, that is, after the goods sent by the dummy to the huckster, it reaches him. Some services also provide their own calls, but it's better to use third-party ones. Fake people, with the exception of PickUp services, accept any name, so in the order you can indicate at least the name of the fake person, even KX, no difference.
A good list of verified Drop-projects (drop-services for staff and cash-in) is here:
Buyers of goods (stingy):
When choosing others, look at the reviews, because new ones can be thrown, especially if there is no deposit. That's all for the front men.
FAQ:
A: Are there fake people for each state / major city?
B: Not for every large city, but for almost all states, plus new ones often appear and non-working ones are replaced.
With regard to interception. Driving under the interception - this is driving when we drive into KX - in the name of KX, on Billing and on Shipping KX. And after that, the task is to intercept the parcel in the mail. The parcel first goes to the warehouse of the delivery service, before arriving at the address, and our task is to make sure that it does not reach the address to the KX. This is the method of driving in to interception.To
implement the whole scheme, you need:
1) Competent call
2) Interception service
Interception service (PickUp) is a service with dummies who come to the post office with fake documents and pick up the parcel. The call is needed in order to be able to delay the parcel at the warehouse, that is, to make sure that it does not leave for the address. The call calls on behalf of KH and asks to delay the parcel at the warehouse, arguing that he will come and pick it up. Also, now they call on behalf of store managers, saying that the client asked not to send the parcel to the address, he will pick it up himself. If we managed to detain the parcel, then we register it at the interception service, he makes the
documents for the dummy (Drop). And then the package is picked up and sent to the huckster.
Intercept-service example - @ ninjablack63
Each intercept service has a zone of its work, that is, from where they can pick up the parcel. For example:
google.com/maps/d/viewer?mid=1O7ic6CFuOdnN8FdJ7npcxfIypM8&ll=33.66949700076431%2C-116.55532833281251&z=7
On the left - available states for interception. Those that are highlighted are branches in the black lists, in no case can you send them to them. All ZIPs that fall into the interception zones (except for black sheets) are suitable for driving.
By mail, the main ones are UPS, USPS, Fedex. At UPS and FEDEX, it is sometimes possible to delay right through the site along the track. When choosing a branch for Fedex delay, if delaying through the site, select the branches where it will be indicated - Fedex Office Print & Ship Center. Such branches in the list will be listed with a phone number, which will allow, if something happens, to call this branch through a bell. We delay the parcel after it has arrived at the post office, that is, we track it by the track code. That is, the algorithm is like this - they hammered in, we wait for the track, after the parcel gets to the mail, we write to the call, it calls, delays, then we transfer the data to the interception service.
Regarding the choice of CCs, fat CCs are best suited, that is, Classic is definitely bypass here.
Because interception services work with packages from $ 1000. Whereas ordinary Drop services start at $ 250.
Of the banks for interception, Credit Union is
best : KINECTA FCU
ROBINS FCU
TOYOTA FCU
NEW MEXICO FCU
MUNICIPAL CU
BRANCH BANKING
STATE FARM
FINANCIAL
That is, with CU at the end. If the delay has not passed through one call, you can later through another, there is a chance to get to another operator.
Few contacts calls, but in general almost any will suit those who have a delay service:
@Malfey_Prozvon
@fbi_call
@brabus_call Store
rating - webstatsdomain.org
Redirecting parcels. Rerout. Lesson 12.
This lesson will be about Rerout. Reroute means forwarding, redirecting mail, in our case, from one address to another, the one that we need. What is a redirect for? It happens that the store has already become competent in terms of security and already has enough addresses of various kinds of intermediaries in its black lists. But trying to beat an unfamiliar store at once by redirecting is also a personal matter for everyone, many test stores by driving them into an intermediary. It turned out, great, it didn't work, you need to go to look for a store that will give it to an intermediary or try it by driving it with a redirect, that is, to the Billing data of the cardholder.
And so what we need to prepare is:
1) KX data, for example: [cardholder name, billing address, phone, e-mail and card details redacted]
2) SSH or SOCKS is desirable, as close as possible to the Billing address (aka Shipping), ideally the same ZIP. But this happens quite rarely, so a city may be enough, well, in an extreme case, it's the same state. Using a different state is already a 50/50 idea, or even less.
3) The address of a figurehead or intermediary to which we will redirect the parcel if everything is successful and it will be sent. The situation with this address is about the same as with SSH and SOCKS, ideally you need the same city as in the Billing address. As a last resort, see the nearest state on the map.
4) Contacts of services, who can make a redirect.
FAQ:
A: How does the redirect happen? In fact, the call rings and negotiates for the parcel to be redirected?
B: Yes, there are a couple of methods of redirecting through call services and through the mail account, everyone does this using the contacts that I will give, or you can find it yourself on the forums, and you can also do it yourself if you do not want to pay money. The call rings the delivery service when the package has been sent. But you can order a call to try to change the delivery address before the parcel is sent, but in most cases, the store asks to reorder, and this is no longer a very idea.
A: How far can SSH be removed from the Billing address?
B: For example, I try to keep no more than 500 miles, but there were cases that passed from a neighboring state. Depends on how the store's AntiFraud is configured.
Now specifically the process. Found a website, prepare a basket, fill in the columns. And a few more subtleties, as for phone numbers and Email, you can put your own. If AntiFraud is fierce, then there are several options:
1) We put the KX mail and flood it (In the case when AVS checks the mail with Billing information).
2) We put another mail, BUT NOT FRESH REGISTERED. That is, from another CC from working off and so on.
3) We buy mail with a long-standing registration Made in USA and use it.
We leave the phone under our control, they often call. You can leave the name KX, if the redirection goes to a dummy, if to an intermediary, then drive it to the name that is in the intermediary (not all intermediaries accept anyone).
Everything else - address, city, state, ZIP, everything is like in the Billing address.
Next, fill in the Shipping or Billing address in different stores, the order goes differently, put the Same checkboxes, that is, the Billing and Shipping addresses are the same. We drive in. We are waiting for the result.
If the store decided to call the KX number that you indicated in GoogleVoice or TextNow, then there are voice messages and many managers leave their questions or requests to call back and clarify something on the order. They can just call and not leave a message, which means we look at what number called and look for it in Google, usually we find a store. And now it is clear which store called, if they called, then 99% of them need to find out something. We order a call to steer the situation. Make an order for a call, and he tells you the result
Further. You now have a track number by which you can determine what mail is sent, when and from where it was sent, when and where your parcel will arrive. It is important to understand some points here. Not all mails are currently forwarding without any problems.
Let's analyze this question:
USPS - there are no services at the moment (And no options have been found yet).
UPS - redirection is possible through a call or through the UPS My Choice system (through your personal account on the website).
FEDEX - redirection is possible through a call or through a Fedex account.
DHL is a rare mail, but it is also possible to make redirection by call or via delivery.dhl.com FAQ:
A: That is, redirection is done after the parcel has been sent, and not before that?
B: Yes, exactly, after the dispatch took place.
A: How does the delivery service believe the call? Does he provide them with any data? Or is it just overwriting something?
B: There is a special order form, there is all the information that a call or service needs, you fill in the order information, and they will already work.
A: If you made a parcel to KX, then ordered a call, and they sent it there, that is, in this case KX will receive a gift.
B: Yes, if the service failed, you don’t pay him money, and KX gets a gift!
A: If you redirect from the mail site in your personal account. Do you need to create a new mail account every time? How to assign this package to a new account?
B: Registers in the name of KH and to his real address, because the post office verifies everything. Further, in the office, you can see all the parcels that go to this address.
A: Does it often happen that the service could not?
B: Often, especially calls rarely cope, because of the ban that the store has set. It is more realistic through the mail account, but Fedex has some kind of prohibition, which cannot be done through the account. It all depends on the store, that is, on the sender. There are services that bypass the bans, but more on that later.
So, you have a track, but you shouldn't immediately step on the gas and contact the service. You need to find out when the package will move from the department and will be in transit. Great, the package is in transit,
went, we look when his delivery is on schedule and two days, maximum one day before delivery, you need to make a redirect request. Some do it right away, and generally from California to New York, but this may end sadly, because the store can set itself notifications and follow the track. This is especially true for small shops. And do not forget that even if the store does not follow the parcel, then a quick refund can force it to make a U-turn back. Therefore, we try to work on a short shoulder. And one more subtlety, not long ago I got caught with the fact that I drove a store located in California and the address of KH was also not far away. The service stupidly did not have time to make a redirect.
Conclusion, if you redirect, then you need to calculate the warehouse of the store, in what state it is, then we contact the service or do it ourselves. If the redirection is successful, it will be seen that the request to change the address has been accepted by the system and is awaiting its execution.
An example of a successful redirect looks like this:
If the redirection is not possible, then you will be told about it, and you do not owe money.
Now the subtleties. If we plan to contact the service, then it is best to start with a call, it is cheaper. In the region of $ 10-15. While, redirecting through accounts or for items with a ban costs from $ 40- $ 50. This is my personal experience, if the call failed, I go to a service that works with bans. Further, you are already waiting for the parcel from a dummy person or from an intermediary.
Sample Service Request Form:
Shop: www.shop.com
ORDER INFORMATION
Shipping Address:
[recipient name, street address and phone redacted]
Shipping Method - FedEx Home Delivery
[tracking number redacted]
Forwarding to this address:
[forwarding address redacted]
A: How to find out if a parcel is in transit? By track number? That is, it is desirable that the warehouse is not in the same state as KX? How to calculate?
B: The inscription Pending is visible, and after it Transit, then the package went. Everything is visible in the track! Yes, it is highly desirable that the store and the KH live a little further away.
A: How to find out where the store has a warehouse?
B: Sometimes they write on the site, but you can safely write to technical support and ask.
Contacts:
I often use this call - @fbi_call, it does UPS and Fedex, but it does not bans.
Female voice - Nika (@Nika_Nikola)
Regarding problematic redirects and bans bypass:
Fedex - @rasmus_call
UPS and Fedex - @Researcherwwh
Phone numbers:
textnow.com
evoice.com
gvoice.pw
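Seen from the merchant's side, the pattern this lesson describes (billing and shipping identical at checkout, then a hold or address change requested from the carrier once the parcel is in transit, retried if the first request fails) can be detected by joining order records with carrier tracking events. The following is an added example, not part of the original post; the event names, field names, review threshold and all sample records are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed names for carrier-side delivery-change events (not a real carrier API).
CHANGE_KINDS = {"ADDRESS_CHANGE", "HOLD_AT_LOCATION"}


@dataclass(frozen=True)
class Order:
    order_id: str
    tracking: str
    amount: float
    bill_zip: str
    ship_zip: str


@dataclass(frozen=True)
class CarrierEvent:
    tracking: str
    ts: datetime
    kind: str              # IN_TRANSIT, DELIVERED, or one of CHANGE_KINDS
    dest_zip: str = ""     # new destination, when the request names one
    accepted: bool = True  # False if the carrier refused the request


def review_reasons(order, events, high_value=1000.0):
    """Return the reasons a shipment needs manual review (empty list = none)."""
    evs = sorted((e for e in events if e.tracking == order.tracking),
                 key=lambda e: e.ts)
    dispatched = next((e.ts for e in evs if e.kind == "IN_TRANSIT"), None)
    changes = [e for e in evs if e.kind in CHANGE_KINDS]
    # Only changes requested after dispatch matter: a pre-dispatch correction
    # goes through the merchant, who can re-verify the buyer.
    post = [e for e in changes if dispatched is not None and e.ts >= dispatched]

    reasons = []
    if post:
        reasons.append("delivery_change_after_dispatch")
        diverted = any(e.dest_zip and e.dest_zip != order.ship_zip for e in post)
        if order.bill_zip == order.ship_zip and diverted:
            reasons.append("diverted_from_billing_address")
    # A refused request followed by another attempt on the same parcel.
    if len(changes) >= 2 and any(not e.accepted for e in changes):
        reasons.append("repeated_change_attempts")
    if reasons and order.amount >= high_value:
        reasons.append("high_value")
    return reasons


def triage(orders, events):
    """Map order_id -> reasons for every order that has at least one reason."""
    flagged = {}
    for o in orders:
        r = review_reasons(o, events)
        if r:
            flagged[o.order_id] = r
    return flagged


# --- Constructed sample data (ZIPs, tracking ids and amounts are made up) ---
T0 = datetime(2024, 1, 10, 9, 0)
ORDERS = [
    Order("A", "T1", 120.0, "00001", "00001"),   # normal delivery
    Order("B", "T2", 450.0, "00002", "00002"),   # diverted while in transit
    Order("C", "T3", 1500.0, "00003", "00003"),  # hold refused, then retried
    Order("D", "T4", 2000.0, "00004", "00004"),  # change made before dispatch
]
EVENTS = [
    CarrierEvent("T1", T0, "IN_TRANSIT"),
    CarrierEvent("T1", T0 + timedelta(days=3), "DELIVERED"),
    CarrierEvent("T2", T0, "IN_TRANSIT"),
    CarrierEvent("T2", T0 + timedelta(days=1), "ADDRESS_CHANGE", "00009"),
    CarrierEvent("T3", T0, "IN_TRANSIT"),
    CarrierEvent("T3", T0 + timedelta(hours=20), "HOLD_AT_LOCATION", "", False),
    CarrierEvent("T3", T0 + timedelta(hours=22), "HOLD_AT_LOCATION"),
    CarrierEvent("T4", T0 - timedelta(hours=5), "ADDRESS_CHANGE", "00008"),
    CarrierEvent("T4", T0, "IN_TRANSIT"),
]

if __name__ == "__main__":
    for oid, why in triage(ORDERS, EVENTS).items():
        print(oid, why)
```

Shipments flagged this way are candidates for cardholder re-verification and for the shipper-side redirect restriction that the post refers to as a "ban".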
Operations in Europe and Asia (Features). Lesson 13.
Everyone remembers what AVS is? So, one of the main advantages of working in Europe is the absence of AVS, with the exception of UK, where it is available offhand in 60% of stores, and also partially in Italy, Germany, where a small number of stores have an AVS system.
The second feature is the lack of calls, in Europe they really do not like to call from stores - this is also a big plus, but there is also a minus, they ask for documents. They will not call in any case, but they can ask for documents in which case they can, but after providing the docks with 99% probability they will be sent.
The third feature - the ubiquitous 3DS system - is available in almost every European store
- it can be bypassed or by driving in the US BINs with VBV and McSC reset - this is a good option, but not for all stores it is suitable, for the reason that some European stores in general, they close the payment with US cards. Also, there are UK BINs with VBV and McSC dumping - this option is already better. And NoN VBV are European BINs, they are pretty hard to find now. And another option is to drive in American Express, but these are quick refunds, so it is suitable for ordering by express delivery or for Gift.
And the fourth feature - manual check, is available in some European stores, sometimes for all orders, sometimes only for suspicious ones. For example, at ASOS, all orders are manually checked. With her, despite the absence of AVS, the store calls the bank and finds out your real Billing address. There is no way around it, just beat Bill! = Ship, and then send fake documents. In this case, the order will be sent.
Another option is to drive through the PP (PP), the work with which will be in the next lessons. An important point when working in Europe is not to take the card of the country where the delivery is going, that is, if we send a parcel, for example, to Germany, then we do not take the card to Germany. By
it is better that the map does not coincide with the country of the store, but this is not necessary. The main thing is not to coincide with the Shipping address, otherwise you will kill the figurehead. Also, in Europe there is such a problem as a region of prohibitions, that is, a ban on payments outside a specific country, but here it is only to check this by tests, it is not found everywhere. And another big plus of Europe is that it can be sent directly to Russia. Everything in Europe.
As for Asia. First, again, let's start with the pros, the region is less used than the US and Europe. The second plus is that Asia takes any SS in general - the United States, Europe, and Asia itself. And, in fact, the third plus - many stores are ready to send to Russia, as for the cons. Delivery to Russia is very long. Moreover, from any Asian country, so it's better to send it to an intermediary in the United States - it's much faster. Also, they often ask for a fake (Render documents). There is no AVS anywhere in Asia at all, but at large sites there may be manual verification of data after the payment has passed, and at small stores there may be manual processing. That is, we leave them the card details, and they make the payment themselves. In this situation, we indicate Billing from the card and wait for a request for forgery (Documents).
Regarding the fact that any SS climbs - there is a nuance, if we hit Europe or the CIS, then we take the map of Europe, if in the USA, then the USA. And if we take the SS of Asia, then in this case we drive it into the very country where the SS is from - if we hit the middleman in Asia. For example, with regard to VBV - VBV is, but not far away everywhere. Moreover, Asians sometimes like to hang VBV or McSC badges, but in fact there is no reconciliation. Where there is VBV, you can punch any CC - USA without VBV, USA with VBV, Europe.
Regarding driving, another point - despite the absence of AVS, it is better to beat especially expensive parcels on Bill! = Ship, since they can check manually, up to $ 1000 you can beat BillShip. As for the search for stores, I will tell you separately about Asia.
Terms:
Shop - online store, shop.
Payment system is a merchant (for example, Shopify). It is worth clarifying here that the concept of a payment system includes many meanings, now I will explain.
For example, VISA and MasterCard are a system of settlements using bank cards (CC).
PayPal, QIWI is a system of settlements with electronic money on the Internet.
And such things as Shopify and SagePay are already payment systems inside the online store. Relatively speaking, you can call it their engine.
Do not be afraid to get confused, the context will make it clear what exactly it is about.
Search for online stores. Lesson 14.
So, search for stores. Actually, oddly enough, everything is simple here - it's easy to find stores. The main task is to filter them. Stores are mainly searched through conventional search engines. The search itself is carried out from the IP of the country whose store we are looking for, so that there are no unnecessary results.
The main tool when searching for stores is the operators of the search engine that we use: 1ps.ru/blog/dirs/2016/operatoryi-poiskovyix-sistem-google-i-yandeks/
About the correct search on the Internet: habrahabr.ru/sandbox/46956 /
Here are the key Google operators - they refine the search query very conveniently.
The main ones that are regularly used:
site - You can specify the domain.
Intext - You can clarify what should be in the text of the site.
inurl - In a site link.
Also, you can use + so that there are no word exclusions, as well as keywords with the corresponding operator and the related operator.
What you DO NOT NEED to use:
Words and phrases: buy, pay visa, pay mastercard, shop with. In general, you can also search by payment systems, but more on that later. After we have found a store, we need to check it out. First of all, we check it for publicity using, again, Google. By requesting StoreDomain + Сarding. Thus, there will be a search for those sites where both the store's domain and the word Carding are found, and since carding is spelled out in keywords on all carding forums, you will find that if this store was mentioned somewhere, it was merged. If this was before 2 years ago, then it is better to leave this venture, most likely, with such stores you will lose either a lot of nerves, or money, or all at once. If, for example, the posts are relatively new, then somewhere information may be leaked on how this store is better to beat, that is, the presence of AVS and so on.
The second thing you should definitely check, especially at your stage, is the popularity of the store. The universal measure of this is Alexa Rank. It is checked here, for example - alexa.com/siteinfo or on any similar site, the higher the rating, the less popular the store, the lower, the more popular. The higher the score, the more likely it is that the store is easier to drive in. Also, on whois.net, you can, for example, see how fresh the domain is on the site, but that would not say that it is a defining indicator. In Asia, everything is the same, but you can connect the search engine baidu.com.
As for payment systems, to find out the payment system of the site, you can, for example, use the site builtwith.com - it does not always detect, but it does.
Basic information on payment systems:
USA
1. Shopify - tightens the screws tighter and tighter every month. Notices DS and other IP spoofing. Knows Billing. Doesn't bother himself, even with cancellation letters and letters about possible fraud on your part. The way out is either to look for innovations in the system settings, or the most straightforward stores that are not scared until the checkbox is a possible Fraud. Or beat very cleanly
2. WooCommerce - traffic depends on the online store, on how the system is configured.
3. BigCommerce - basically everything is the same as above.
4. Magento is simple, so stores may require verification.
5. Shoprunner - this is the payment system of many mono-brand Internet stores. Easy enough to work with.
6. Braintree is quite lightweight.
EU
1. SagePay - always VBV, depending on the store, different types of cards. Important: There is no SafeKey for AmEx. USA and UK eats under dump. It is important - if the payment has passed, the store will send 99%.
2. CartaSi - always VBV, almost does not take non-European cards. SafeKey almost always.
3. BancaSella is one of the great VBV engines. USA and UK go well for a reset. There is a miracle and VBV is not. 100% hit if the transaction was successful.
4. Adyen is also handsome, all countries climb, there is no SafeKey, but with a successful transaction, the store can get to the bottom.
5. Bucharoo is the nastiest Dutch merch. And SafeKey, and only Europe.
6. Wirecard - No SafeKey, like AmEx, has practically stopped eating anything other than Europe. It happens without VBV.
7. Erstes - the same Wirecard ..
8. SaferPay - SafeKey is available, only Europe. It happens without VBV.
9. Nochex, datacash, ingenico e-commerce (Not to be confused with regular Ingenico) - always VBV.
Non VBV
1. Net-a-porter - all mono brands in Europe. VBV is rare. Everything will be hammered in there.
2. Deletion. The purchase amount is blocked and the final write-off occurs at the time of delivery of the parcel. Therefore, it is imperative that the card lives up to this moment. This is a maximum of 2-3 days.
3. Zerogrey - used to eat everything, now it has become more capricious, mainly Europe. 99% chance that the first order will need rendering. If done well (Photo, not scan), then success is guaranteed. I advise you to always create an account in the store, if the card survives after the first shipment, squeeze the maximum out of it.
In general, as you can see, everything is quite individual here, who is more convenient to beat which system. For example, I love to beat SagePay - the European system. He eats any CC with VBV (Almost any store). And if the payment went through, then the store in 99% of cases will send the parcel.
There are sites of such a plan: myip.ms/browse/web_hosting/World_Hosting_Companies_DB_140000.html
They allow you to search for stores using a payment system that also provides its own engine, like Shopify, for example, that is, if you specify the hosting company Shopify, you will see stores with by this payment system.
Builtwith.com is also possible, but for a limited number without a subscription. In principle, you can drive a subscription.
FAQ:
A: What should NOT be used?
B: What a bad and stupid request looks like - buy + iphone + xs + pay + by + card. How can you
make it ok - iphone + xs + sale intext: "cart". Why is the first one bad? It's simple - there is no Buy in the keywords for a long time. At the beginning of the 2000s, it was when stores were opened as a concept, now they are not. Pay By Card is also past - everywhere there is a card payment, and if you specify with the help of an operator, for example, that the text must contain the word "Cart" (basket), then this is completely different.
A project in Private Keeper for finding stores:
PK is such a platform, a license for it costs 200 rubles per month. It also works on search engines, but automates and simplifies a lot.
pk.woex.in - buy Private Kepeer key.
deival909.ru - official site where you can read about the program.
@holyrain - Makes projects on PK. Contact him if you want to have at your disposal a large list of stores where you can drive. Also, he also writes projects on Brute accounts in stores (later you will understand why this is a very useful thing)
Link parsing. Short. Lesson 14.1.
To parse links, we need SQL Dumper 8.2, SQL Dumper 9.2, Dorks Combine, and TextUtils.
Run TextUtils, then RMB on the document - Text Utils Pack - randomize.
A new file will appear on the desktop, filename_randomized. Open it up and copy Dork's from there.
Open SQL Dumper 9.2. We put our Dork's and ideas here in the Proxies List.
Click Clear (clear what is there by default) and look for a proxy. You can take, for example, at best-proxies.ru/good-proxies.ru
We load the base for brute-force, proxy, start. Press the folder - the folder with the scan results will open.
It looks something like this:
That's all.
E-Gift. Lesson 15.
There are two types of Gifts - physical and electronic. Physical Gifts are gift cards, they are rarely hammered in, because it is not often you can find their buyers, so we are more interested in E-Gifts. E - stands for electronic. Their essence is that if a person wants to make a gift to someone, he can give a virtual Gift-card. A certain denomination. The person who received the Gift can choose a product for this amount. E-Gift comes to the recipient in the form of a code by mail. After that, in the store where Gift is from, you can pay with this code. You can pay as part of the purchase, or as a whole, if there is enough face value.
It happens when the code from Gift'a is not entered when paying, but to the account itself in the store and the funds are debited from the account. Our task is to buy a Gift and cash out in the form of a product to ourselves,
or sell it, if such is bought up. Plus driving Gift - Gift beats BillShip on KX, and when Gift has passed, the recipient beats it with Ship = Bill. That is, on yourself entirely and completely (On a front person). E is a kind of bypassing different BillShips, which stores don't really like. In stores, an electronic Gift is designated as an E-Gift / E-Gift Card / Gift Voucher.
The disadvantages of Gift'ov include the fact that he can die, sometimes the store can throw off the Gift instantly, that is, immediately, drove in and after 2-5 minutes a Gift arrives, but then, when we use such a Gift, the store can take an order for processing ... And during processing, a refund may arrive because it can take 3-5 days. Another option is when the store does not send Gift instantly, but first processes the payment and then sends it. As for me, this is much better and more convenient. Allows, if something happens, to make verification with fake documents or a call, if the store has any questions. Sections with Gift'ami can be, both on the site itself, and among the goods, for example.
Maybe below, where are the delivery terms and so on, like here, for example: modeltrainstuff.com
It happens that something like "E-mailed within hours of purchase" is indicated - this means that the processing will go immediately after placing the order, and then the Gift will be sent. Maybe like "Gift cards will be e-mailed instantly and can be used immediately" - these will arrive instantly, and it is likely that they can be used immediately. With regard to the design of Gift'ov.
There are key fields here:
Your Name - Recipient's name
Your Email - Recipient's email
That is, the sender's name is the recipient's name. There are some tips here. First, a gift from a married couple, that is, in the sender we write, for example, John & Sara, you can write Smiths Family. Also, you can make the same last name for the recipient and the sender. That is, in the sender, write the name of a figurehead, for example, it will turn out as if they are family members and further develop this in a congratulation that always comes with a Gift-card. Here you should not leave an empty field, but you should write either wishes
or some wish found on the Internet.
With regard to mailboxes. It is best to take different domains, that is, the sender of Yahoo, for example, and the recipient of Gmail. As for the drive, everything is standard here, but we beat BillShip. IP is better for maximum under CC and it is better to drive in on Monday, Tuesday and Wednesday. When Gift came to the post office, what can be done - we buy goods ourselves, that is, we buy goods for Gift and enter our delivery address in the USA, or create a topic on the Carding forum with a proposal to sell Gift for a percentage, or simply look for a huckster. It is better to let him lie down a bit before that.
FAQ:
A: How many gifts can you send to one mail, without suspicion?
B: One.
A: How long is it better to let it rest, how much do the Gifts go for?
B: Maybe three hours. For any amount that the store allows.
Terms:
Enroll - enroll, roll (in fact, it's just registration and creation of a personal account in online banking).
Reroll is a reroll (this is the same registration, only we just reset all data and register again).
Verification payments - minikis, MiniDeposit (you will often see this thing later in the lessons).
“Opening” a card, hacking a card means that you were able to gain access to your online banking account, now you can see the CC balance and so on.
Enroll. Online banking. Lesson 16.
The first lesson on BA (This lesson is not about BAs themselves, but about Enrolls, keep this in mind for the entire duration of this lesson). BA is online banking. In Russia, this is the type of Sberbank-online, VTB-online, that is, the personal account of the card. In the USA, such an online account has more options. Who remembers how we can determine the bank, having a card in our hands? Correct - by BIN.
Let's understand the terms a little. There are Reroll and Enroll. Enroll is when KX did not Roll'il the card before, that is, did not create a personal account for it, did not register, and we do this for the first time for the card - this is Enroll. Reroll is when the KX card is already Roll'il.
And we, using the same data that are needed for Enroll, reset its data and, as it were, re-register. What exactly does BA provide. Different - it depends on the bank. First, verification payments, that is, MiniDeposit is such a small amount that is debited from the card to confirm that it is yours, as some shops do after payment, and some services may request MiniDeposit to link CC there. It looks like two small payments - usually one dollar. They are debited and then you are asked for the exact amount to be debited, and then they are returned to the card. This function may not exist. In this case, if the verification payment was debited one, then you can look at the statistics of the balance change and calculate it.
The next BA function, it is present in absolutely all BAs, is that we can find out the balance of the card. This is useful when making large drives. The third function - adding or changing the Billing address - is not available in all banks. The intermediary should not be added / changed, because they are blacklisted by banks. After changing or adding an address, it is better to wait 3-5 working days. Hypothetically, it may take longer to change the address in the database, but this is such a basic period for which it most often changes. If the address has changed in your personal account, this does not mean that it has changed in the database, therefore it is important to stay in bed. Also, not in all banks the added (exactly added) address can be considered as Billing. We roll the map in the same way as we beat
it, that is, also the LS-SSH tunnel. It is better not to take SOCKS, because they do not live long.
The Enroll order is as follows. Let's say we don't know which jars can be broken. And we don't know BIN's either. To find out, go to the bank's website and look for there - enroll \ register \ join \ sign up. Having entered
the card number, we already find out what is needed for Enroll, most often these are combinations of DOB, SSN and MMN. More often DOB + SSN.
As for the IP, let's take it closer to the dummy (Drop). It is better to take a fake person in one state, not to risk it. If we are doing Reroll, then it is better to take the IP under KX in order to reduce the risk of additional checks and notifications that KX has installed.
I recommend flooding KX's mail, since the soap indicated in the package with the card was most likely left by KX in the bank with Enroll and Reroll, especially since notifications about this will be dropped there - this does not always happen so far, but it can be.
Actually, if everything is fine, but the card did not open (they could not enter the personal account - personal account), then there are a lot of reasons, among the main ones are No Valid card, incorrect data, inappropriate BIN (some debit or just an unsuitable credit card), and also, which, in general, quite often, the card that you are trying to open can be the second KX card linked to the Internet banking of the main card, in which case you will not make either Reroll or Enroll.
FAQ:
A: Many banks ask for a Member Number, when you try to break the card, is it me, as I understand it, there is no way around it?
B: Rarely met, at most a couple of times.
A: Also, they ask you to choose the type of account, from the options: Cheking, Saving, Certificate Of Deposit, Commercial Loan, Line Or Credit. In general, what is it?
B: Account types. Settlement, savings, line of credit, loan amount in the form of Loan.
Actually, after we broke the card, we get into our personal account and there we have several lines with the amounts of money. So, usually this is Credit Limit, Available Credit, Current Balance. There may be others, with the postscript Cash.
Current Balance is NEVER a personal account balance - this is the amount that KX has already spent from the credit limit. Our balance is Available Credit. After entering your personal account, we check the last numbers of the card, in your personal account and your card they must match, we always do this first. If they do not match, then either the card has been reissued, or (If it is Reroll), then another card has been added to the personal account. We will not get access to it in any way, as in the case of the re-release. If everything matches, then everything is fine. Also, as already mentioned, do not forget to give the map a rest after changing Billing. You should NEVER change your mailbox. Everything else can be changed, including the phone. There are still notifications in your personal account.
After the first visit to your personal account, we unobtrusively look into the settings and check what notifications are on there. You should not turn off everything, only those that will definitely interfere. That is, for example, about transactions over a certain amount or about transactions as such.
Also, in the settings, you can sometimes disable the blocking of certain regions, if it is worth it. It is better to do this before all address changes and other things, that is, they opened the card and while spam is going on, we turn everything off, slowly. It is better to leave a couple of notifications that will not affect our work in any way. As for driving through your personal account, you can drive as usual - on BillShip, on a dummy. Or you can make a call - this will maximally protect your personal account from death, because such payments are processed in a special way and are displayed as Offline purchases. Not all stores support this, so you can either check with technical support, or it will be written like that. We throw all the data on the call, by order, by SS, and he drives in by phone.
Terms:
Brute - brute. (The way to hack an account through a simple brute-force. Does not work if the password is too complex)
Logs. Brute accounts. Lesson 17.
Lesson about working with hacked accounts and logs. And let's start with hacked accounts, that is, brute force data from one site to another site.
They look like Mail:Password or Login:Password. Also, together with Brute, Checkers are often used, therefore, as a result, accounts of the form are on sale:
Mail:Password
Availability of
CC \ Balance
That is, the data that may be from the account is important. Let me clarify a little, hacked accounts can be of several types (If you classify them by belonging):
1. Store accounts
A) With a card.
B) With balance.
C) With orders, empty.
Store accounts with a linked card can also be of three types:
1) CVV is linked and never crashes.
2) CVV is linked and can fly off due to AntiFraud or / and change of Shipping address.
3) Without CVV.
With the first type, everything is clear - we change the Shipping - helmet. With the second, everything is a little more complicated. Here it is best to intercept / redirect and spam mail so that KX does not receive a letter about the order, along the way to watch the track in the store. And the third is essentially the same as the accounts with orders, empty. They are needed only for the reason that there is a purchase history, that is, the account is not fresh, but already more or less verified and there is more trust in it.
As for the accounts of stores with a balance, everything is simple here, it is usually a Gift balance, so you can send it anywhere.
2. Accounts of offices:
A) With balance.
B) With different advantages.
These are rarely sold, especially if everything is easy on them, you can either withdraw them or pay for something (Miles, for example). This includes different poker rooms. casinos, bookmakers, wallets and so on.
3. Payment accounts. These are Brute PP (Which has outlived its own) and BA, which can be screwed to the re-registered PP or used separately (There will be a separate lesson about these two types of work).
Actually, this is about hacked accounts. Accordingly, when buying, we receive the data that is characteristic of a particular store, whether it is a balance or the presence of a linked card, it is best to beat such accounts with IP Shipping. If we do not know where we got the CC from, but we are going to send it for interception, then it is better to go into the account, see its address and then lie down for 4-7 days. And then picking up already under KX - to beat. You can, if the store has an application, use them from a customized android. If there is no application, then you can use Linken Sphere, or DS, as convenient.
As for the logs, the logs are obtained from Stiller, mostly, sometimes from the KeyLogger, and together with them, in addition to the data from the account, we receive Cookies. They can be loaded into the browser using the Cookie Manager extension and will be, in fact, like KX. Otherwise, everything is the same as with accounts. Logs are sold either by offices or in a whole batch, which may contain different accounts. The offices usually sell PPs from the logs.
FAQ:
А: What is Stealer (Stiller, stealer, stealak), KeyLogger (keylogger)?
B: Malicious programs. Stealers steal saved data from browsers, which allows you to configure files separately, and KeyLoggers intercept all entered information.
A: Ebay + PP, Ebay + CC accounts is it worth trying to use?
B: With Android it is possible, but the screws have been tightened.
Selling accounts:
Selling social media accounts (if anyone is interested):
deer.ee/search/?q=instagram
akitut.ru
A small addition to the previous lessons. What does the store see? Lesson 18.
Here we have three topics on the agenda:
1) How do you know that the store is firing?
2) What to do with the virtual machine?
3) How to customize android?
Actually, AntiFraud. AntiFraud works by passing data through the included filters. In addition to him, the store also has this data, on the basis of which the security service or managers decide whether to send the order or not. The main filters are:
1) Verifier - checks the correctness of the card number, is everywhere.
2) Stop filters - available in large stores, provide interaction between banks on suspicious transactions and complaints.
3) Location - filters by location. All CIS + a lot of points to Fraud.
4) Technical filters - check the coincidence of technical parameters.
We are more interested not so much in filters, but rather in what the store reads from us when entering it. To determine what a store notices, we need two things. Mozilla v. 42 and the FP Block plugin.
It is designed to block tracking, in our case it is needed to show that it is being tracked. It works simply, installs, then when you go to any page, it displays what it reads.
It looks like this:
There are clear identifiers here, there are not very many. A complete list of them:
1) DOM Session Storage - data of the current session (these are open tabs viewed in this page window), when a new browser window is opened, a new session starts.
2) Color Depth - the bitness of the color rendition, in principle, does not really matter, because here the variability is small, you can score. Created to notice when you have turned on the minimum bit rate on DS (Dedicated Server) to make it run faster, and you have the whole image blue-green-crimson there.
3) Screen Width and Height - screen resolution.
4) Cookies
5) Plugins - sees plugins, so that all plugins for substitution in the trash can, but plugins, not extensions.
6) Mime Types - sees which extensions the browser can open, it could be hammered, but when replacing the browser, be careful, because, for example, some YandexBrowser will open both audio and video for you, and something else, but Mozilla 42 will not open anything, so take this into account when substituting, otherwise you will burn yourself when driving in and then that's it.
7) App Name - the name of the browser.
8) Timezone - time zone.
9) User Agent
10) Pixel-Depth - the same as the color depth, but sees differently, again, if you do not have DS, then you can score.
11) DOM Local Storage - data for all sessions. (Caution, this is tough)
12) WebGL - sees WebGL.
13) IndexedDB - in its task it is the same as DOM storage, but they store a lot of data for a longer period of time.
14) IE userData is almost the same as storage DOM.
15) Java - sees everything through JavaScript.
16) Language - language.
17) Geolocation - geolocation.
18) Audio Ctx or Fingerprinting - audio fingerprint.
19) App Code Name - Compares requests and browser headers.
20) App Version - browser version.
21) Platform.
22) Canvas - installed fonts. Fonts used to display pages, headings, and so on. It all adds up to FingerPrint.
What to do with DOM storage?
Go here: macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html
Such parameters are read by the store and during order processing are in front of them on the payment page, respectively (For requests from the payment system come from there), identifiers are also displayed, they may be different, this is what is read when paying.
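For defenders, the attribute list above ties back to the stolen cookies described in Lesson 17: a session cookie replayed from another machine rarely matches every attribute the site recorded when the cookie was issued, and one browser holding many accounts shows up as a shared device. The following is an added example, not part of the original guide, sketching that check in Python; the key, attribute names, thresholds and sample values are assumptions.

```python
import hashlib
import hmac
from collections import defaultdict

# Assumptions for illustration: key, attribute names and thresholds are hypothetical.
SERVER_KEY = b"constructed-demo-key"
HARD = ("platform", "user_agent")  # should not change inside one session
SOFT = ("timezone", "language", "screen", "color_depth")
MAX_ACCOUNTS_PER_DEVICE = 3        # more accounts than this on one device goes to review


def device_id(attrs):
    """Keyed hash of the attribute set, safe to store and index on."""
    canon = "\x1f".join(f"{k}={attrs.get(k, '')}" for k in HARD + SOFT)
    return hmac.new(SERVER_KEY, canon.encode(), hashlib.sha256).hexdigest()


def bind_session(account, attrs, asn):
    """Record what the client looked like when the session cookie was issued."""
    return {"account": account, "attrs": dict(attrs), "asn": asn,
            "device": device_id(attrs)}


def evaluate(bound, attrs, asn):
    """Compare a later request with the bound session; return (decision, reasons)."""
    hard = [k for k in HARD if bound["attrs"].get(k) != attrs.get(k)]
    soft = [k for k in SOFT if bound["attrs"].get(k) != attrs.get(k)]
    moved = bound["asn"] != asn
    reasons = [f"{k} changed" for k in hard + soft]
    if moved:
        reasons.append("network changed")
    # A network change alone is normal roaming; combined with drift it is not.
    if hard or len(soft) >= 2 or (soft and moved):
        return "step_up", reasons
    return "allow", reasons


def shared_devices(sessions):
    """Return {device_id: accounts} for devices seen on too many accounts."""
    by_device = defaultdict(set)
    for s in sessions:
        by_device[s["device"]].add(s["account"])
    return {d: sorted(a) for d, a in by_device.items()
            if len(a) > MAX_ACCOUNTS_PER_DEVICE}


# Constructed sample clients (ASNs are from the documentation-reserved range).
OWNER = {"platform": "Win32", "user_agent": "ExampleBrowser/1.0 (Windows)",
         "timezone": "America/Denver", "language": "en-US",
         "screen": "1920x1080", "color_depth": 24}
REPLAY = dict(OWNER, platform="Linux x86_64",
              user_agent="ExampleBrowser/1.0 (X11; Linux)", timezone="Europe/Moscow")


def demo():
    session = bind_session("acct-1", OWNER, asn=64500)
    replay = evaluate(session, REPLAY, asn=64501)  # cookie presented elsewhere
    roaming = evaluate(session, OWNER, asn=64502)  # same client, new network
    farm = [bind_session(f"acct-{i}", OWNER, 64500) for i in range(5)]
    return replay, roaming, shared_devices(farm)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Step-up on sensitive actions such as address or payout changes should not depend on this check alone.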
As for the virtual machine. There are two ready-made solutions here. Anti-detect from VektorT13, installed from the .exe file, quickly configured, I haven't tested the latest builds, I don't really like Vektor, but judging by the reviews it will work. The second option is Script, it is installed after the virtual machine is created in VirtualBox
github.com/hfiref0x/VBoxHardenedLoader - the Script itself.
The manual for installing it: github.com/hfiref0x/VBoxHardenedLoader/blob/master/Binary/install.md
And there is one caveat. In the hidevm_ahci file, you need to replace
% vboxman% setextradata "% 1" "VBoxInternal / Devices / acpi / 0 / Config / DsdtFilePath" "% vmscfgdir% ACPI-DSDT.bin"
% vboxman% setextradata "% 1" "VBoxInternal / Devices / acpi / 0 / Config / SsdtFilePath ""% vmscfgdir% ACPI-SSDT1.bin "
- ON -
% vboxman% setextradata"% 1 "rem" VBoxInternal / Devices / acpi / 0 / Config / DsdtFilePath ""% vmscfgdir% ACPI-DSDT.bin "
% vboxman% setextradata "% 1" rem "VBoxInternal / Devices / acpi / 0 / Config / SsdtFilePath" "% vmscfgdir% ACPI-SSDT1.bin"
On Windows 10 it can sometimes get a blue screen of death. It replaces a solid number of parameters, mainly those that scorch a virtual machine like a virtual machine, including a video driver. If everything is correctly installed, after starting the virtual machine, a girl from Anime will appear. This is the criterion that everything was set up normally.
FAQ:
A: And how to determine all the same what kind of payment system in the store, even on the example of what you threw off, let's imagine that there is no information on the site.
B: Well, let's pretend, but it will be absolutely overwhelming. The algorithm is as follows - we go through a browser based on Chrome to the store, place an order, generate a card number, enter everything, number, left address, etc., just fill in all the forms correctly, then open Sniffer - this is done by pressing the F12 key - there is a Network tab, a tick to the Preserve log, so requests will be saved regardless of redirects. After that, "Pay" and see where the request goes.
Manual for setting up Android using the example of Nox. Lesson 18.1.
Step 1. Download everything you need. Nox App Player from the official site.
Xposed Installer from the w3bsit3-dns.com forum or any other source you trust. Device ID Changer Pro Xposed - one of the modules for Xposed, can be downloaded from any trusted source, for example, apkhere.com
Step 2. Launch Nox, set the English language in the system itself, as well as in SOCKS itself, in the settings, among other things, it includes Root rights.
Step 3. Install Xposed Installer. After installing it, open it, go to the Framework and install it there as well. Install Device ID Changer Pro.
Step 4. Install modules in the download section: Xprivacy, Root Cloak (any version). After installation, go to the modules menu, turn them on.
Step 5. Go to the Framework tab. We do a quick reboot (Reboot).
What needs to be changed for driving?
1. SIM card data.
2. Geolocation data.
3. IP and DNS.
4. Information about the hardware.
1. To fake SIM data, we need real data and Xprivacy. Real data: We take the KX number. Next, go to whitepages.com and enter it in Reverse Phone.
After that, we receive data over the phone, and mainly the name of the provider. We write it out. After that, go to Wikipedia: https://en.wikipedia.org/wiki/Mobile_country_code
Here we are looking for our operator and write out any suitable combination of MCC (Mobile Country Code) and MNC. Next, we compose the subscription ID - this is 15 digits. Among which the first are MCC and MNC. That is, let's say - 310410xxxxxxxxx - here I have MCC and MNC from AT & T and other numbers. In total with 15 digits, the subscription ID is 19 digits, where the first is always 8901, and then any 15 digits.
PS For the largest stores, check the subscription ID and ICC ID using the Luna algorithm. We enter all the data in the Xprivacy settings. Country code 01. The country itself is US.
2. Replace geolocation data with any tool like FakeGPS, as well as NOX tools. And you can just turn them off, a lot of KX does this.
3. IP and DNS:
• Proxy Droid on Android itself.
• Double SSH Manager based.
• Any bundle that is convenient for you based on.
DNS - from the base or through DNS Forwarder.
4. Iron is replaced by only one button Randomize in Device ID Changer Pro.
After that, you can install any application and beat from it. This is very, very good in terms of AntiFraud. This setting is suitable for a real device as well.
Setting up WebRTC. Or what to do with it? Lesson 18.2.
Actually, why replace WebRTC for us?
The SSH tunnel was taken by the first one that came across and the configuration was done in Russian DS (By the way, I want to remind everyone that if you suddenly found yourself in Russian DS by accident, then clean up
the logs after yourself, otherwise you will end up on a bottle) to complicate your task, so that we do not pay attention to the time and blacklists. The problem, in fact, is in WebRTC.
Why would I replace it? I can just turn it off, for this I go to about: config, write peerconnection there. Disable the highlighted item:
I go back to Whoer, everything is fine, WebRTC is disabled. In general, this is enough for 90% of stores, but if you use PP, banks, Amazon, Walmart, AT&T, Ebay, anything solid, in other words, you will be immediately sent and your order too.
What to do? It's simple. Downloading the extension (WebRTCFake). Extensions are not noticed by stores, they only notice plugins, remember this.
How do I install it? Go to the extensions tab, click on Settings - Add from file. Done.
Well, now everything is fine, except for a small stroke - the local address is not visible, which is bad. We go to the plugin settings, there we write any local address, for example 192.168.110. (Any number). And now everything is definitely fine.
Go to Browserleaks.com and click on Content Filters. Check if something is noticed? Not. Everything, you can order what you want on the intermediary.
On the newest versions, Mozilla works every other time, so:
Create a config.js file
Open a text editor and write:
Code:
// try {
Components.utils.import(“resource://gre/modules/addons/XPIProvider.jsm”,{})
.eval(“SIGNED_TYPES.clear()”);
}
catch(ex) {}
After making sure you have a JavaScript file and not config.js.txt. Next, copy it to your browser's installation directory.
By default, this is the folder: C: \ Program Files \ Mozilla Firefox or C: \ Program Files (x86) \ Mozilla Firefox
Next, create the config-prefs.js file
Similarly, but config-prefs.js and transfer the file to the directory with the currently active profile, by default this is the folder:
C: \ Program Files \ Mozilla Firefox \ defaults \ pref or C: \ Program Files (x86) \ Mozilla Firefox \ defaults \ pref
It should contain the following lines:
pref (“general.config.obscure_value ”, 0);
pref (“general.config.filename”, “config.js”);
For Google, you can fine tune WebRTC Leak Prevent, but use Mozilla better. In addition, I will recommend a couple of extensions to replace the Finger:
HTTP UserAgent Cleaner
Canvas Defender 1.0.7 (the seventh version)
Terms:
PP, PP - stick, PayPal. Those who hit the PP are usually called stick insects.
Limit - ban. The PP system can throw you a temporary or permanent ban if it suspects you of fraud.
Self-registration is an account that you made yourself for some real person. With Full Info.
Full Info (fulka, fulinfo, fullz) - information about a person, which is enough to, for example, make yourself an account in the PP. And not only in the PP, by the way.
Knit, tie - link. This means linking (adding) an account to something or, for example, a card or bank account to a payment system account.
What is PP? And how to work with it? Lesson 19.
PayPal, PP - a payment system all over the world, is used in almost all American stores for payment, it also serves to send money between users of the system. At first glance, it is a very convenient payment system, but it is especially difficult for beginners to work with it, since very often it is unpredictable and constantly changes the algorithm of its work, but if you at least partially understand the principle of the PP operation in a certain period of work with it, then you can do yourself well provide.
There are two types of PP accounts - Personal and Bussines. The first is for personal use, the second, respectively, for business. They differ only in the limits on input and output, design and types of account limits (bans). Plus, it's easier to make sales from business accounts if you are doing this, since there are many chips that will make your work easier. Someone says that PP is more acceptable to business accounts, but in my own experience I did not notice the difference, each account gives in its own way, no matter what it is, a personal or business account.
What is an account limit (ban)? This is a limitation that AntiFraud PP puts on your account, and you cannot fully use it, the limits are different. There are those that can be removed simply by changing the password and accepting SMS to the number in the account, and there are those that can only be removed by calling or drawing documents.
So, a personal account is easier to limit in the case of a limit, since at its limit they ask for fewer (usually) documents for limiting, and if it is drawn, it is more expensive. If you still want to work with business accounts, then first register a personal one, and then in the settings you can change it to a business account.
Also, PP has SM - Security Measures. When paying or when logging into the account, the PP may ask to accept an SMS, a call to the number in the account. Less often, enter the full card number or the bank account that is linked to the account. It happens when you log in from another device, from a new IP, without the previous Cookie, due to other parameters (the PP may not be understood and SM may appear just like that), which PP does not like, when paying for a large amount, or have already scored AntiFraud points in case of suspicious actions and AntiFraud PP wants to check whether KX is using the account at the moment.
Very often this can be found in Brute-accounts, but also on self-registers. You can get around this only by receiving SMS to the number in your account, or enter the data that the PP asks for. If, when entering your account, you can still try to get around such a problem, then when paying only by accepting an SMS or a call - usually these two options are offered by the PP exactly if SM when paying.
The activity of the account is also important, if the account is active, regularly accepts, sends money and there are no refunds, then the PP will trust such accounts more and give more money to pay and send accordingly. Try to enter and work with the PP account from the same system, the PP gets used to the system with which they work. If you are working on DS, then use a portable browser and save the folder to yourself (Or just export the Cookie), because if DS dies, then you can safely transfer to the new DS. If you work from a virtual machine, then use whatever browser is convenient for you. After transferring your PP account to a new DS or a new system, which is very different from the old one, I recommend keeping your account on the new DS for a couple of days, if you do not immediately allow you to pay, do what you allowed to do with the account on the old DS.
But all these SMs are not scary for us with self-registrations if we use Google Voice or any US number where we can receive an SMS / call, and if we added this number when registering an account, because if there is no access to the phone that is in the PP account, then and will not come in and pay, which is more upsetting. And you can add a new phone to your account so that you can choose it with SM, you can only through a call to technical support, or you can simply add it to your account and wait a few months until it starts to be seen with SM.
A new number will be visible if added within about two weeks after registration, then it may appear with SM immediately or after a few days. If you change DS, the tunnel, then try to find the same city, state that was before in order to avoid SM, if there is no number with access or Google Voice died for some reason.
Personally, I use TextNow and don't bother with IP at all, I just take it under the same state or country. In this case, I work from a separate laptop and there are always cookies from accounts, and even on Russian Windows.
FAQ:
A: Is PP friends with Linken Sphere?
B: I heard several reviews that guys were getting bans using LS.
A: If a virtual machine in one browser has Cookies from 20 accounts at once, does SM see it? Or does it matter?
B: Sees, it's better not to do that.
A: As I understand it, you can no longer take Brute accounts, but you need to look for those who trade in logs?
B: Logs are nicer than Brute, since they come with Cookie, and if you have an account without Cookie, then 99 percent that you will catch SM.
A: I did not understand a bit about the browser. Let's say I made a virtual machine, put a browser there and I have a hundred self-registers, I clean the browser, then load the Cookie there, if I want to go to another account, then again I clean and load the Cookie from the self-register, which I want to go to?
B: Right, or separate spending browsers for each PP account, like mine.
Let's move on to self-registrations. Self-registration is a personally created PP account with the help of full information (Full Info). Full Info - full information about a person, containing name, address, phone number, e-mail, DOB - date of birth, SSN - social security number, less often MMN - mother's maiden name.
Example: WILLIAM CHAMP / 11000 GULE BLVD / TREASURE ISLAND / FL / 33706 / 407-44- 9880 / 09.20.1936
Where: WILLIAM CHAMP - First and last name.
11000 GULE BLVD - Address.
TREASURE ISLAND - City.
FL / 33706 - State / Zip.
407-44-9880 - SSN.
09.20.1936 - DOB. In the United States, the date of birth is in the Month / Day / Year format. It can be clearly seen here.
This data is quite enough to create a PP self-register. Please note that the SSN has nine digits, and the phone number is ten, as often the format of the information is not the same, and many cannot understand where what is.
BA, BA - bank account (WellsFargo, SunTrust, TDBank, Chase, Bank of America). These are the most common banks under PP.
Example of BA log: ss582202: loveyou1
Last Sign On: November 30, 2020
Email Address: [email protected]
Mailing Address: 123 NICHOLAS LN ASPEN, CO, 81611-3231
User-Agent: Mozilla / 5.0 (Windows NT 6.4; WOW64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 41.0.2225.0 Safari / 537.36
--- Cash Accounts ---
CUSTOM MANAGEMENT (RM) XXXXXX7478 $ 1,401.54
Cash Accounts Total: $ 1,432.35
--- Credit Accounts ---
--- Loan Accounts ---
Where:
ss582202: loveyou1 - login and password.
Last Sign On: November 30, 2020 - date of last login.
Email Address: [email protected] - email address of KH BA.
Mailing Address: 123 NICHOLAS LN ASPEN, CO, 81611-3231 - KX address.
User-Agent: Mozilla / 5.0 (Windows NT 6.4; WOW64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 41.0.2225.0 Safari / 537.36 - User-Agent (Not always available. Depends on which Checker the seller has)
- - Cash Accounts ---
CUSTOM MANAGEMENT (RM) XXXXXX7478 $ 1,401.54
Cash Accounts Total: $ 1,432.35
--- Credit Accounts ---
--- Loan Accounts --- - information about individual accounts and the amount of all accounts in the account.
We are only interested in Cash Accounts, since only they fit into our self-registration.
We don't need all the rest - Credit Accounts and Loan Accounts. This is the most complete log I've seen for a BA with Brute. Most often, this is just a Login / Password and information about the state of the account. It is better not to go to the BAs themselves, but to immediately knit them to our self-registers, or it is better to check with the sellers if it is possible to enter their BA through the official website.
You can check information on BA balances and accounts through third-party offices, for example, personalcapital.com and the like.
FAQ:
А: How much does a BA with a Cash Account cost?
B: From two dollars, depending on the balance.
A: What about PP loan? For self-registration it seems to give up to $ 100, if you mess up a little?
B: Now it is very tight with loans, in order to drain it you need to sweat a lot.
А: Where are such BA accounts sold?
B: Here - gamarjoba.info
So, further. Now I will register a PP account and describe each action with photos to make it clearer. So, to register a PP account, we need: Full Info, BA, email, phone number. If it's not a problem to make mail (it's better not to register a US PP account at mail, yandex, and so on), then you can buy the phone in GoogleVoice or make it yourself on TextNow.
Go to textnow.com and fill in the data. You can register an account using the same mail that you will use in the PP.
After registering in this window, enter the first three digits of the desired number, you can see which number is indicated in Full Info and take these numbers from there.
Success, got the number.
Now go to paypal.com/US/welcome/signup and fill in the details.
Name and surname with Full Info, mail and password are your own prepared, tick at will.
In the next window, enter the address with Full Info, and the phone number GoogleVoice or the one that was made on TextNow. A tick is already required.
If there is such a window, then all the data is correct and everything was done correctly.
Next, we can link the BA. I advise you to do this from the old design.
Follow the link paypal.com/cgi-bin/webscr?cmd=_profile-ach
From the BA list, select the one we need, if your bank is not in the list, click “I have a different bank”. There you will be prompted to enter the direction (routing) and the account number from the BA (more on these numbers will be given later), as well as select the type of account. There are Checking and Saving accounts. Checking for spending, Saving, as a savings bank basically goes, but it happens that Americans and actively use it. They have separate accounts for savings and deposits, but they are not linked to the PP and it is also impossible to withdraw from them before the deposit return period.
But I have Chase, it is on the list, so I select it and enter the login and password from the bank:
I press Continue. After that, you will be prompted to select the required accounts to link, if the login and password are correct. Select the ones you need and click Finish.
If such a picture, then everything is okay, BA has become attached.
It also happens that the BA is not attached.
There may be several reasons: it is already tied to the maximum number of PP accounts, problems on the PP side, problems on the bank's side. If there are several accounts in the BA, then only one can be linked, and the rest can already be linked in the PP, or vice versa, all but one will be linked. After linking the BA (or before), we can still confirm the mail. We go to our mail and see a letter from the PP:
Click Confirm My Email, enter the password from the PP account again and that's it - the mail is confirmed.
After confirming the mail, it can immediately offer a confirmation of the phone, do it if you wish, even to an unconfirmed phone you can receive an SMS / Call if you request them when paying, logging into your account. We can also check Full Info for Valid. Click on the main page of the PP (when logged into your account) the Add Money button:
Here we enter DOB and the last four digits of SSN with Full Info, just do not confuse it with the date of birth, because here it asks in the format Day / Month / Year, and in Full Info it is mainly Month / Day / Year.
We click twice on Confirm and if we get to such a page:
This means Full Info is good and we will be able to throw off on such an account, if, of course, the PP allows it. We can check it now, in the Amount field, enter the desired transfer amount. Click the Add button twice and if there is such a window:
This means that the transfer does not give PP. You need to track / rock your account. We can also go through the tabs for a general understanding. what is there.
Here we can send and request money from other people that use the PP:
Wallet - management of linked cards and BA (We can add and remove new cards and BA, specify priority accounts for payment). Offers - discounts and offers from PP in many stores. Help - communication with PP support.
In the settings we can also manage mail, phone number, password and addresses.
FAQ:
A: Is it bad when it does not fit instantly, but asks for a minimum (verification) payment? As for AntiFraud, the system loves when everything is checked and verified, when you ask secret questions. Why can't you just dial in support of the PP and say: “I have registered, I cannot make a transfer from my BA, I want to buy something through your platform ...” What will they say? Rock your account? What about transferring to empty mails and linking them to accounts for draining, does this work now? Previously, the SS of Italy tied to the PP and poured into empty mail, they did not even have time to cash out.
B: 1. No, not bad. 2. The main thing is to verify the mail, I seldom confirm the phone number when I confirm it. 3. You can call, but the operator will tell you to try again later, that he cannot help you here. 4. There is no transfer to empty mail (you probably meant sending), it worked well before (One moment), but has already been fixed. 5. I won't say anything about the SS of Italy either, but I tried to knit BA from other countries, and the US BA to Canada works.
A: What is the IP for PP?
B: Clean.
A: You can buy all kinds of virtual and electronic goods, thereby swinging your account on the PP, or is it more suitable for some real product?
B: It is better to send KX socks, virtual purchases are very difficult.
A: Are we looking for BA under KX?
B: You cannot know BA KH, as well as PP.
A: Can you hit the middleman with the PP?
B: Yes.
A: Does the PP have a similarity to the AVS system?
B: Only in the USA, other countries do not.
A: PP doesn't care what you screw to it?
B: Exactly.
A: It doesn't matter whose BA you fasten to the PP?
B: Yes.
Terms:
Make a deposit, deposit - send. Most often - just transfer / deposit money to your account.
Send, send - send. Usually used in the context of sending funds, for example, by mail.
Deposit and payment methods using PP. Lesson 20.
Consider a deposit and payment using PP. Deposit - transferring money from the BA balance to the balance of the PP account, in order to do this, we need to verify the identity in the PP account. This is done by entering the SSN and DOB the first time you click the Add Money button. In the last tutorial, I showed you how to do this. If, at the same time, an error pops up that we cannot confirm your identity, then it means that the Full Info curve is (invalid) and you cannot make a deposit to such an account, but you can pay or send.
If you entered the wrong data by mistake and jumped out that the PP cannot confirm your identity, then you can use such an account for payments, shipments, or close the account (Close Account) in the settings, that is, delete, and then create a new one for this Full Info, just enter the data correctly. But if, after all, Full Info is a curve, then normal sellers give a replacement for such Full Info. If you are not going to make a deposit, then you can register for random data. You can take it here: fakenamegenerator.com
Either invent it yourself, or even better register for data from CC, but I still make accounts on Full Info.
If suddenly the PP allows you to make a deposit, then the accounts will come in handy and there will be no need to register new ones on Full Info, I do not advise registering for fake data, since after all, the database is checked somehow in the PP, whether there is such a person or not, and such accounts can fly to the limit. (Previously, it was such that accounts flew to the limit, now I don't know, you can try). Accounts for fake data, unless you can do it for training, or if you make accounts with PPs of other countries, for example, Australia, where there is no check on the bases, or there it is in PP all the same. The deposit itself lasts 3-5 working days, so I recommend making a deposit at the beginning of the week, on Monday, or even on Sunday, then the money will fall on the PP balance on Wednesday or, in extreme cases, on Friday.
Now, a deposit from a BA in the United States is sometimes given immediately after registration, it happens after a check-in, it happens after the self-registration has been downloaded by payments and shipments, and it happens that a deposit does not give at all. You can also try to withdraw to the linked BA, and then make a deposit from it. You can also stir up your account in this way: Send from the Russian account PP to the US self-register account, or from the USA self-register to another USA self-register, or exchange it for BTC for PP at exchangers for localbitcoins. Just tell them to send money as friends / relatives, and not for services. Because, if they send it, as for services, then the money on your self-register may be delayed and you will not do anything with it, when the money is on the balance of your self-register, then withdraw a couple of dollars to the linked bank or buy from the balance, then wait a couple of days and try to deposit with BA or pay for something,
Hardly anyone can say the exact terms now, when they will give to make a deposit, they always give differently. Here for each account individually. After the deposit has come, do not run to make a deposit immediately the second time. You will make it in a couple of days or a week, but for now, start draining this deposit that came. You can drive money into the balance after purchases, ask the store / seller to make a refund (About refunds will be even further), but refunds should not be overused either.
This will either burn KX or the BA will not have such an amount. In this case, if there is no limit, we knit a new BA or make a deposit for an amount less, but the first is better. Old BA not
I advise you to immediately delete from your account. You can not delete it at all, but if you delete it, it is better in a couple of days. PP does not treat such sharp movements with the account very well, as practice has shown.
FAQ:
A: Is the deposit made only with BA or is it also possible with CC?
B: Only with BA.
A: What if there is no deposit button?
B: Try this - paypal.com/myaccount/money/claim-funds/learn-more?context=generic
A: Can I send directly from BA or from CC accounts to another self-register and get a net balance?
B: Yes, it is possible immediately, if it gives, of course, with the SS, most likely, it will give immediately.
Payment by means of a PP goes in 4 main ways: from the account balance, from CC, from BA and with BML - a loan given by the PP. There is also a combined method, when you buy and there is a balance on the PP, but the purchase amount is greater, then it may offer to withdraw the entire balance and pay the rest from BA or CC.
BML can be obtained using the Full Info account data here - billmelater.com, when registering the PP account itself, or when buying Ebay or in a store that accepts BML payment, but you need to be able to merge BML, you also need to look for your private stores, schemes etc. Personally, I don't work with him.
Now it is very difficult to buy something from a loan to an address different from the one to which it was received, and you can get a loan only by specifying the address with Full Info. No credit will be given to the addresses of false people or intermediaries.
The easiest option to pay with a PP is from the balance. You can pay almost anything from the balance on the same Ebay or in other stores. I advise you to pay with the SS through the PP only from the personal account (Personal Account) or from the SS, which has access. The fact is that most of the US cards have already been shone in the PP or are tied to other PP accounts and will not pay for it just like that. If you link the CC to the account, then in most cases it will ask you to confirm it with the transaction code, and we can do this with the LC. There are, of course, BINs that are attached to the PCB without the need for confirmation with a code, but hardly anyone will share them. But if the SS has never shone in the payment system of the PP and it is Valid, then most likely it should be paid, since everything is on our side and the PP has nothing to complain about (but here it depends more on the AntiFraud PP mood at the moment of driving in) ...
There was also a topic with CreditOne and the like. For a long time, the PP allowed attaching cards of this bank with an invented EXP and CVV code, and then everything was paid from them. Now you can use the same scheme to try to link cards of other banks, if there is only a CC number and you can then look at the code in the transaction to confirm it in the PP account.
Payment with BA is carried out in two ways: Instant Transfer and E-Check.
Instant Transfer is when the payment is completed immediately after payment and only after 3-5 days the PP receives money from the bank. That is, the PP itself pays the store and only after a couple of days receives money from the bank.
E-Check is when the payment is completed in 3-5 working days, when this money leaves the BA and arrives at the PP (something similar to a deposit, only the money immediately goes to the seller, and not to the balance of your PP account). Now, if your payment went through E-Check, and you want to make a refund to the balance, then do not write to the store immediately after ordering, otherwise the money will go back to the BA. You need to wait until the E-Check is cleared (or the money will go from the BA, usually the next business day) and only then write to the store about the return. In this case, the money falls on the balance of the PP account, but it happens that the store says that it has already been sent and gives the track number.
Here you can defend your own and say to unfold the parcel and return the money, or wait for the parcel, so it is better to write to the stores / sellers as soon as the E-Check is cleared. You can write the day before the E-Check is due to clear, while the store has not yet received the money.
When paying with CC, the refund goes to CC, it never goes to the balance, so you can return to the balance only when paying with BA. As for payments, the account does not always allow you to pay from the BA, and even with the CC it does not always allow you to pay. In this case, it helps again with a check-in or a call / chat. But I will say right away that calling a PP without a broken BG (Background Report) is a bad idea. Often, when you call, they may ask what car you had in such and such a year, or where you lived then and a bunch of similar questions. Plus, before that, there may be questions about the PP account: Where was the last login to the account, from which OS, cities; where the account was registered and when, and so on. Even more often, calls simply call the PP without straining and merge at the first questions, then your account may become even worse.
And now a tip for those who do not value their PP accounts and do not care about the limits. We take BA with zero or with a minimum balance to make it cheaper. We create a self-register, link our BA, CC with access in order to confirm it (CC can also be linked, since when paying later it can only see it, not BA). Then we take good care of it, or not (depending on how it gives you to pay). After that, we buy from BA through IT (Instant Transfer) as much as it gives, use the account until we get bored, or the limit arrives. Sellers / shops receive money immediately and ship the goods to us. After 3-5 working days, the PP tries to withdraw money from the BA, but they are not there. She writes to the mail so that we replenish the BA account, and she will again try to withdraw money in 3-5 days.
During this time, if there is no limit, we buy more, if it gives. When the PP fails to withdraw money from the BA account for the second time, it either gives the account a limit (ban) or drives it into a minus. The minus itself, if there is no limit, we can cover it from the bank. We connect a new large bank, keep track of the account a little and make a deposit several times. It is even possible to change the amount of the deposit in such cases. If, for example, there is $ 100 on the account, then when the minus is closed, we make a deposit of $ 300, so it can give several times.
Or you can cover the minus even when buying. If you have a minus on your account and there is no limit, then when buying, you will be offered to add the minus amount on your account to the purchase amount. Sometimes the deposit does not cover the minus, but when you buy it does. As a result, with minimal investment, we have a good profit in the form of goods and even a balance on our account, if we are lucky. Previously, it worked very well, but now, in most cases, the first payments from the bank are offered by the PP to do exactly E-Check, and not IT from the bank, or through IT, but for small amounts. But if you find a store where IT flies in for more or less normal amounts, then you can use this theme, even change it a little, immediately attach a BA with a large
balance and squeeze out the store for a long time and a lot from one account.
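Seen from the payment provider's side, the pattern described above is fronted-funds exposure on a bank link that has never had a debit clear. The following is an added example, not part of the original post: it replays a ledger under a hold-until-cleared policy and compares the loss with fronting every payment. The event names, the cap value and the sample ledger are constructed assumptions; `R01` is the ACH return code for insufficient funds.

```python
from collections import defaultdict
from dataclasses import dataclass, field

NEW_LINK_CAP = 50.00  # assumed: max funds fronted before a link's first cleared debit


@dataclass
class BankLink:
    cleared: int = 0          # ACH debits that settled
    returns: int = 0          # ACH debits that were returned by the bank
    fronted: dict = field(default_factory=dict)  # id -> amount paid to merchant early
    held: dict = field(default_factory=dict)     # id -> amount waiting for clearing
    loss: float = 0.0         # fronted funds that the bank later refused
    flags: set = field(default_factory=set)


def decide(link, amount, cap):
    """Funding decision for one bank-funded payment request."""
    if link.returns:
        return "decline"                 # no new bank debits after a return
    if link.cleared == 0 and sum(link.fronted.values()) + amount > cap:
        return "hold_until_cleared"      # merchant is paid only after settlement
    return "instant"


def replay(events, cap=NEW_LINK_CAP, enforce=True):
    """Replay events in time order. enforce=False fronts every payment (baseline)."""
    links, decisions = defaultdict(BankLink), {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        link, pid = links[ev["account"]], ev["id"]
        if ev["kind"] == "payment_request":
            d = decide(link, ev["amount"], cap) if enforce else "instant"
            decisions[pid] = d
            if d == "instant":
                link.fronted[pid] = ev["amount"]
            elif d == "hold_until_cleared":
                link.held[pid] = ev["amount"]
            else:
                link.flags.add("SPEND_AFTER_RETURN")
        elif pid not in link.fronted and pid not in link.held:
            continue                     # debit was never submitted (declined)
        elif ev["kind"] == "ach_settled":
            link.fronted.pop(pid, None)
            link.held.pop(pid, None)
            link.cleared += 1
        elif ev["kind"] == "ach_return":
            link.loss += link.fronted.pop(pid, 0.0)   # only fronted funds are lost
            link.held.pop(pid, None)
            link.returns += 1
            link.flags.add("ACH_RETURN:" + ev["code"])
            if link.returns >= 2:
                link.flags.add("REPEATED_RETURN")     # candidate for restriction
    return links, decisions


# Constructed sample ledger: acct-A spends on a new, unfunded link; acct-B is benign.
SAMPLE = [
    {"ts": "2024-03-04T10:00", "account": "acct-A", "kind": "payment_request", "id": "p1", "amount": 40.0},
    {"ts": "2024-03-04T11:00", "account": "acct-A", "kind": "payment_request", "id": "p2", "amount": 400.0},
    {"ts": "2024-03-05T09:00", "account": "acct-A", "kind": "payment_request", "id": "p3", "amount": 900.0},
    {"ts": "2024-03-07T08:00", "account": "acct-A", "kind": "ach_return", "id": "p1", "code": "R01"},
    {"ts": "2024-03-07T08:01", "account": "acct-A", "kind": "ach_return", "id": "p2", "code": "R01"},
    {"ts": "2024-03-08T08:00", "account": "acct-A", "kind": "ach_return", "id": "p3", "code": "R01"},
    {"ts": "2024-03-09T12:00", "account": "acct-A", "kind": "payment_request", "id": "p4", "amount": 300.0},
    {"ts": "2024-03-04T10:30", "account": "acct-B", "kind": "payment_request", "id": "p5", "amount": 30.0},
    {"ts": "2024-03-07T08:30", "account": "acct-B", "kind": "ach_settled", "id": "p5"},
    {"ts": "2024-03-08T15:00", "account": "acct-B", "kind": "payment_request", "id": "p6", "amount": 500.0},
    {"ts": "2024-03-11T08:00", "account": "acct-B", "kind": "ach_settled", "id": "p6"},
]


def compare(events):
    """Per account: (loss with policy, loss when fronting everything, flags)."""
    with_policy, _ = replay(events)
    baseline, _ = replay(events, enforce=False)
    return {a: (with_policy[a].loss, baseline[a].loss, sorted(with_policy[a].flags))
            for a in with_policy}


if __name__ == "__main__":
    for account, result in compare(SAMPLE).items():
        print(account, result)
```

The cap bounds the loss per new bank link to the amount fronted before the first cleared debit, while an account with a settled debit keeps instant funding.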
FAQ:
A: What about AntiFraud when working with PP? Easier in terms of IP purity / System setup or more complex than CC?
B: The PP has its own AI, which often puts a spoke in the wheels, but I do not configure the system at all, but I just work with Firefox Portable Eng Version, and in general this is enough.
A: A question about zero BA. You write that you need to tie the SS and right there in brackets, that you do not need to tie it, because it will become the main one ...
B: This is a PP problem, she asks to tie the SS, but it is better not to do this, or use Roll'ki.
A: What about payment in stores? Or if the payment is through a PP, then the shops do not care at all?
B: If you mean the address, then yes. The store only sees email.
A: And if you pay for everything in stores, then you need to do it all with the same Portable Mozilla, from the same IP that I use with this PP account?
B: Yes.
A: From your own experience, tell me, what should be the terms of staying? And the posture itself, when it goes, is it better not to go to the PP website?
B: Exactly, in terms of three days or more.
A: How much should there be a clean SSH tunnel, DS or SOCKS when working with PP?
B: I don't bother with blacklists, PPs have their own blacklists, some even work from public VPNs, like NordVPN, so the AI of PPs cannot be understood.
A: No, I mean, if we buy and pay through the PP, AntiFraud of the store does not pay attention to our system and the cleanliness of the SSH tunnel, or is it not?
B: Well, in fact, he doesn't pay attention, unless, of course, your DNS or IP is directly lit, that you are from Russia. Or a Russian browser ... Therefore, you need to bother, but without fanaticism.
A: It turns out that you can buy PPs, even on bad SSH tunnels?
B: You can, but I don't recommend it.
A: And what does this come out? PP, is it much easier to SS if you work for quantity?
B: If by quantity, then yes.
A: What about the 22nd ports?
B: Oh, I don’t look at it at all, I work through SOCKS, there are also ports shining and nothing.
A: I did not understand how to make accounts of other countries, Just like the United States, just take Full Info of another country and of course IP for it and that's it?
B: Yes.
A: How do you work through SOCKS with PPs if they can suddenly fall off?
B: I work normally, they live with me for a day.
A: In the store, what did you give, as I understand the BA logs are distributed according to the balance? The range is indicated in parentheses, I do not know what it can be, except for the balance. Only there are almost no positions, do they exist at all?
B: I won't say anything about the logs, because I didn't work with them too much.
A: Stop, is it enough for a day to register a PP, link a BA and have time to buy?
B: Yes, if not, then you take the next SOCKS and that's it.
A: How do you work?
B: RU Windows + Portable Mozilla Eng + SOCKS
A: Regarding shipments, can I self-register here in Russia and bind the left SS and send from the US PP from the SS account?
B: It is better not to do this, if there is a loss for Russia, then they will come for you quickly.
A: Well, now, you connected SOCKS, registered an account using Full Info, linked BA, and then what?
B: Then I try to buy / send / make a deposit.
A: How do you connect BA?
B: IT or through verification payments, depending on which bank.
A: And what is the damage to Russia? I transfer money here from there, and not vice versa.
B: If you want to make an accepting Russian account, then the PP and bank data must match the Russian one. You can do this, but you will very quickly move away from this method, since the limit will arrive and that's it. Again you will have to buy data and a Russian card.
A: Explain, please. So, you gave us a site with logs, in theory we should make a self-registration and use these logs to bind the BA to the PP, but you said that you do not work with logs, and then where do you get the BA?
B: Logs are stolen cookies and browser passwords, which can contain everything from PP to PornHub. BA is a bank account, usually this and that is sold. I mean, I don't work with logs, but I still work with BA.
A: Are you looking for shops or are you going to Ebay? Or differently?
B: Differently.
A: Is it possible to withdraw money from the PP directly into the cryptocurrency from the same BA or CC?
B: Yes, but it's very difficult.
A: I do not understand about delivery, when paying by PP, where is the delivery going to what address?
B: The one that you indicate.
A: That is, the option to send to the buyer / huckster, is it good?
B: No. Send on yourself through an intermediary, that's best.
Before that, I showed how to register a PP account in one way. I will not show it, but I will tell you how it can be done differently. Maybe you already know, or maybe someone does not know, that you can also register a PP account through a purchase (On Ebay, or in any store where there is a PP payment).
If you have a VCC or CC, then you can register a PP account through purchase. That is, you take a CC or VCC with or without balance and go to a store that accepts PP. Choose a product, click on payment using the PP, since you do not have an account, the PP will offer to register it. Type in the CC data, e-mail that you registered under the PP account, Bill and Ship addresses, first and last name with Full Info or CC (depending on what data you register an account with) and click to pay.
There are two options, if your card is alive, with a balance and did not appear in the PP, then the payment will go through and the account will be registered. Or the payment may not go through, but the account will still be registered, you will be prompted to come up with a password for the account.
For another way to register a PP account, you need to know such a thing as sending to empty mail. Sending to empty mail - sending money from a PP account to a mail that is not yet registered in the PP system. That is, from one self-register or from the Russian PP account, or through the same money changers, you send a couple of dollars to the mail that you just registered and have not yet used it in the PP, when the sending to it goes through, a letter from the PP will fall into the mail, which money has been received and you can take it if you register an account. Click "Get money" in the letter and register an account at Full Info. That's it, the account is ready, the mail and money on the balance have been confirmed, then we withdraw them to the bank or buy something, there the PP account is rocked.
There was an opinion that the PP for accounts registered in this way is more acceptable and gives better payments, deposits in the future, but I register in the old fashioned way, slowly swing, gives without it, I have enough.
FAQ:
A: Still, I don’t understand, if you swing the PP and use SOCKS, then, for example, SOCKS died, you took a new one, and the PP doesn’t care?
B: Yes, you have self-registration, which means you can receive SMS.
A: Do we make new numbers every time we register?
B: Naturally. And yet, TextNow has such a feature, you need to send SMS from it every 5 days, otherwise the number will die.
A: It’s just strange, apparently everything is very simple and smooth, but I feel that this does not happen.
B: Of course not. It will be, but later, if, of course, you stay at the PP.
A: Looking ahead, tell us about the difficulties of working with PP.
B: Limits (bans) and malicious AntiFraud. Work and everything will be. It's easier for me with limits, because I have my own call, and I draw documents for myself.
A: Do you need a separate IP for each self-register, or can you make several from one?
B: Better for each account - a separate IP.
A: Will there be a guide about removing the ban?
B: What guidance can I give you? It depends on which ban. Draw, call and that's it.
A: Do you need to disable / enable WebRTC? Or you do not care?
B: I always disable WebRTC.
A: Is there anything else worth knowing? Is there a separate Portable Mozilla for each self-registration?
B: Each account has its own browser, do not jerk off accounts, always change work algorithms, you will decide the rest along the way.
How to drain money from a PP? Lesson 21.
Consider ways to drain PP. As I said in the last lecture, balance is the easiest to merge. The balance can be drained almost anywhere, if you have an account with history or with tracking. It happens, of course, that there are accounts with a balance, but they do not allow it to be drained. But tracking helps to solve this problem, even if you are faced with this, it is better not to panic and not kill your account completely.
You can also drain gradually, in small amounts, if the entire balance does not allow you to immediately drain. Now for more details about cashing. The first is sending cash out, but it is not easy to find a good cashier, and they cash out everything usually at 50-65%. Now you can find cashiers on the forums, but finding a good, permanent and responsible person is difficult. Also, everyone may have their own conditions for the account from which you are uploading, in addition, some can cash out with a delay of a couple of days. Cashiers are accepted to their upgraded accounts through the donation button, through payments, or simply by sending directly to their account. Some give their BAs to bind to your self-reign and to output to them.
You can also upload to empty mail. That is, to the mail that is not yet in the PP system. At the same time, the PP sends a letter to the specified mail stating that money has been received for him and they can be collected by registering a PP account for this mail (Above was about this). But if you send it as for services, then you can put a retention on such a sending of a PP if these are the first such transactions on the receiving account. It seems like a 21-day retention. If I send it myself, then only as a family / relatives, which I advise you too.
Post balances are also bought by cashiers or cashed for a percentage of the balance, and you can also buy from BA. It's easiest for me to buy on Ebay, sellers easily send to the address of the intermediary, when the addresses of many intermediaries in stores may be blacklisted. Alternatively, you can also send directly to Russia if the seller is sending. Plus there is a huge selection of products from different stores / sellers in one place. After registration, I immediately start up my accounts in stores or in Ebay for purchases. I beat it too much, since not every product allows you to buy, but if it doesn't allow you to buy, even some kind of coupon for one dollar, then I just leave this account for a couple of days, then I try again. On Ebay I buy from a registered account, before from a guest. Gives in different ways, earlier it gave better from a guest, now from a registered Ebay account. But shops can be found where the PP goes much better than on Ebay, you just need to look hard. This must be remembered - if the PP goes well into Ebay, then it enters the stores even better at this moment, except in some cases when AntiFraud can only be launched on Ebay.
Morally it is. Don't just hit Ebay if it doesn't give you, look for a few shops with PPPs. They go well into Chinese shops. Even when driving with PP, there is no such thing as Bill different from Ship. The store sees only the name of the PP account (to whom the account is registered), mail, Ship address. Bill does not see the address, even if you hit from a card tied to a PP, therefore, when paying with a PP, shops are easier to send to intermediaries, whereas when driving from SS, they may not.
You can also merge PP into digital goods, various E-Gift, keys, and so on. It is not very difficult to search for shops with all this, it is more difficult to drive in and get the goods. I used to merge PPs into Gifts SSH tunnels.
Here, the stores:
itunescarddelivery.com
gamecarddelivery.com
thecardcloset.com
Earlier, when they drove in there, then a letter came to the post office with a request to call, send documents or Selfie with the order number. Now they have changed the order confirmation system and ask for a Selfie with an order number, and also a Selfie with a passport. If you want to bypass such confirmations, you can use it. Also, you can search for your stores and try them, but many stores still ask for various confirmations. Then we merge Gifts to buyers or sell ourselves. Buyers can be found on the forums, full of them.
Another way to withdraw PP is to BTC / Cryptocurrency. There are sellers on Ebay who send BTC to the specified address, but now almost everyone is asking for documents or some other tricky verification. There is also virwox.com, but there are many problems with it too. This office loves a clean, previously unused IP and accepts from the balance of the PP only, besides, it can ban the account at any time and not return the money to the PP for a long time (For beginners, it is better to bypass this desk). Stores with BTC can also be searched and tried, but a lot of stores are now asking for verification, so be prepared for that. Without verification, there may be stores that have just opened and have not yet been killed by hackers (Us). So, if you find such a store or office, then milk it as quickly and as much as possible. Of course, you can also drain the PP and cash out on your own.
There are countries with withdrawals to cards:
paypal.com/us/cgi-bin/webscr?cmd=_display-country-functionality-outside&dispatch=5885d80a13c0db1f8e263663d3faee8d0b9dcb01a9b6dc564e45fe
and show this country. True, the information may be a little outdated for some countries, since the PP does not update this page for some reason. You can also do BA self-registers, if you know how to merge there or withdraw to cards, but not all cards can be withdrawn (There seems to be only debit and PrePaid, and then not all banks are suitable, but I could be wrong).
Even according to the conclusion, you can send to empty mails (What was it in the last lesson), and then register an account of the country you need with this mail and withdraw or accept to withdrawal accounts. To do this, you need a swinging receiving account with a history, besides, it is better to mix it with white transactions on the withdrawal. If there is some kind of legal online store with PP payment, then you can upload there from time to time. You can also merge through different offices, which accepts the PP and where there is a withdrawal to other payments, but hardly anyone will share these if they really work without problems.
Of course, a ban can always be expected, the main thing is not to give up and continue to work and there will certainly be success.
FAQ:
A: The most important question is, how do you personally cash out? That is, I understand correctly that when you pay for a PP, the AntiFraud store does not care about dirty IP and Russian Windows? Where to get cards for withdrawal? And what, in fact, do after draining the balance to the card?
B: I cash myself through third-party offices. No, everything should be American, but my Windows is Russian - yes. Search for sellers on the forums, after leaking to the card if, you need a person in the USA who will cash it out (so for now, forget about withdrawing to the CC).
A: "Of course, you can always expect a ban, the main thing is not to give up and continue to work and there will definitely be success" It turns out that all that remains is to register accounts, shake / watch and hope / wait?
B: Yes, that's what I do.
A: What percentage of accounts, if not shooting, then at least turn out to be working with your experience?
B: It is always different, sometimes I merged 13 out of 15, sometimes 5 out of 15.
A: If there is an opportunity to take a BA with a large balance, for example, a few thousand dollars, then you probably should not take, the chances of draining such large amounts are very low?
B: You are unlikely to be able to withdraw everything from BA, take BA on average for $ 2000-5000. And so, the more money for BA, the better.
A: “No, everything should be American-style” Sorry, I didn't understand here. You yourself said that you don't care about quality at all, or do you mean geolocation for an American?
B: Yes, I do not look at the purity of the IP (Again, this is me personally)
A: It turns out that after registration and binding, you try to make a deposit for half of your accounts, and do you buy half of it?
B: Just from the bulldozer, I can make a deposit on two, make a departure on one, buy from five. Always different.
A: And if the action did not work out - to bed?
B: Yes.
A: Does it make sense to buy self-regulators already with bedding?
B: It is better to do self-registrations yourself.
A: How much stay? 2-3 days or are there nuances?
B: That's right, 2-3 days, don't go there and that's it.
A: Does it happen that even after being laid up, nothing can be done? What then? Still staying?
B: It happens that from other self-registrations you throw 5-10 dollars there, withdraw 5 $ on the BA, buy some socks or panties, then you should give a little rest.
A: Cashiers often die?
B: Payments are often delayed and disappear.
A: How to get access to private sellers, offices and so on? How does this generally happen in this area? How did you get there?
B: I myself am looking for, either buy, or people I know well share.
A: In Mozilla, you only disable WebRTC and that's it?
B: Yes, only it (I gave the link to Mozilla) and use the latest version better.
A: Can I send to empty mail in Russia?
B: It's harder to work with Russia and it's easy to catch 180 days. Start in the USA.
Terms:
BA (BA) - bank account. Attention! This is not an online banking account in the LC! This is exactly a bank account, that is, an account (or accounts) with a bank.
ANRN (Accounting Number, Routing Number) - accounting number and Routing number. Important BA details (will be discussed in more detail below).
Alerts (alerts) - alerts, notifications.
Branch (branch) - a bank branch where you, for example, come to make a card. If the bank has no branches, then this is only a plus for us.
BA. Bank accounts. Start. Lesson 22.
This lesson will focus on the basics of working with BA. Let's talk about working with US bank accounts. We do not work in Russia, please bear this in mind. However, I can give advice on how and for what to accept money from the USA, so that all sorts of people don't take you by the ass, because just show our authorities a rag - everyone wants to chop off a piece. This is mainly tax.
First topic. What is a BA, what is the difference between a BA and an account, what details does a BA have and how to view them? BA is a bank account - one or several accounts that have common details. In short, there are several accounts that are issued to one owner. And each account has its own purpose. Therefore, accounts are divided into profile and non-core. It is divided like this - either the account is suitable for our work with it, or not (that is, it is merged or not).
The main profile accounts for each BA:
• Checking
• Savings
Let's take a look at what Checking and Saving are.
Checking - if compared with Russia (we are so used to it) - this is a current account. For example, he receives the salary of the KH, from which he makes payments, well, a communal apartment, gasoline, food, telephone. Therefore, the movement on this type of account is frequent, but the volume of transactions is usually very small.
The second type of account is Savings. That is, savings. There KH keeps money that he does not often spend, such as a stash. Well, you know, they used to keep money in Sberbank. On the passbook. This is something like that.
On Checking - small amounts in the expense column, KX checks more often, but for a bank, transactions on such an account are a common thing. Saving - the amounts are larger (from my practice - much) - KX rarely checks, but the bank is much more suspicious of transactions from such an account. Therefore, we need to decide for ourselves which account to work with and which not. Our choice is influenced by many factors, such as the type of KX activity, the type of bank, and more. Saving also needs to be monitored more closely. The fact is that in the United States there is a federal law according to which there can be no more than 6 transactions per month for Saving accounts (Including incoming and outgoing). And verification payments (Minikis) are also considered (2 positive and one negative = already 3 transactions. I told about verification payments (They are MiniDeposit) in the lessons about PP, but we will come to this later.
The law itself: https://en.wikipedia.org/wiki/Regulation_D_(FRB)
You can read it at your leisure.
I'll tell you right away what will happen if 7 transactions happen on the Saving account. Depends on the bank. Someone will take a large commission, or the bank will close the account. Therefore, the first rule of BA work
is always to read FAQ and / or documents from banks. Terms and conditions, the so-called. There are more than 6,000 banks in the US, all of them have different rules. There is no limit on the number of transactions by Checking.
FAQ:
A: Is the transfer between their accounts also limited?
B: Yes, if we merge from Saving to Checking inside the bank, there is still a transaction for debiting. And it counts. If we transfer from card to account, there are limits.
A: Is there a limit on the amount on Checking? Up to which amount can arouse less suspicion, or do you need to analyze the behavior of KX?
B: It is necessary to analyze the behavior of KX and read the documents of a particular bank. There are banks with a ceiling of funds in segregated accounts.
A: That is, if the transactions are within 100 $, the transaction of 1000 $ will be blocked?
B: Will not block. It can raise suspicion in the bank. The bank has its own AntiFraud. This is how it is in stores where SS is driven into, so is it at the bank. For example, if KX spends $ 100, and then there is a transaction for $ 1000. They can call him and ask for confirmation. In addition, it depends on the method of draining funds. There are more visible methods that are quickly suppressed, and there are less. Let's talk about them too.
Okay. Now let's move on to non-core accounts. Non-core accounts. In most cases, there are 4 of them (which are worth highlighting): Mortgage, Deposit, Loan, Invest (Brokerage).
Mortgage is a mortgage. The normal amount is shown there, with a plus, but you cannot withdraw money, since the amount shows the repaid debt.
Deposit - if there is a deposit, then it is logical that there is money. But for their translation or filming - you need an X event. Type - death, default, birth. Or it lies in time (deposit until 2022, for example). You need to find out the conditions for withdrawing a deposit. It's still a problematic account, although there is usually a large amount there.
Loan is a credit account, like a student. Usually - target account - car, house. It is possible to drain from it, but it is problematic.
Well, Invest remained. This is a brokerage account, from which KX can buy shares, stock brokers are more common in the United States than in ours. It can be classified as specialized, but there are many nuances in it.
It's funny, but in the last screenshot, I finally merged the most recent (Saving) account (not completely, of course). Before Invest, he did not have time to reach, KX fired up after a certain amount left. Some investment offices allow you to link non-core accounts to yourself, so you transfer money from the bank (for example, you cannot drain such an account, you link to an office where there is a possibility of transferring funds to other, external (External) accounts).
FAQ:
A : Do we not touch non-core accounts at all?
B: Not really. These accounts can also be drained. I will give a standard example from my practice. There is such a thing called logs - the KX stillac is loaded into the PC and from there all the logins, passwords, cookies get to you. And there are people who work out these logs.
Let's say they know how to merge PP (what can be done there - clicked on Cookie, clicked Send and got a benefit). It means that such a "drainer" enters the PP and sees $ 100-200 there. And drains. Thus, killing the log (KX notices and changes passwords). And there was also a BA in the log, for 100 thousand dollars.
What I mean by this. If you do not touch and avoid difficulties, less profit is obtained. So it is worth considering EVERYTHING directly, this is 100%, especially the first 4-5 months. Let's talk about methods again. To start, of course, the simplest accounts are Checking and Saving.
KH may have many accounts. From one to 100, for example. For each account, KX can assign a pseudonym or give it a name. In addition to accounts from another bank, card accounts are usually attached to the BA - there it is written about them.
For example, QIWI will do. QIWI has an account, and you can attach a card to it, QIWI is a BA with attached cards. And there is also the opposite situation, when there is Internet access to the card, where you can watch transactions, but nothing can be done with it. This is not a BA, this is a card account that no one needs. It does not reach Enroll, since there is no complete data about it (details), CVV and Exp. Date is not, it is important to understand this difference. Enroll you discussed above, I think you understand what the speech is about.
Okay, let's digress a little and see together what we have on this BA.
Money Market is a cash register account, i.e. a corporate account, it belongs to a company. If you noticed, then there is a credit card - business. Says that the account is corporate. These are accounts within one BA. Different people. Company employees, yes. Money Market, logically, is an account with a constant flow of funds.
Accordingly, it will not be something shameful to drain from it either, it is regularly done by the KH themselves, sometimes they will not even notice. I am a business owner. I can transfer money to James, Mercy, Louise and a bunch of KX, but I can transfer to "AeroSleep", we buy some products from this account (this is an example, in fact I am not the owner of the account). Well, it can be classified as a specialized Money Market, but it also has its own specifics when working. Don't be afraid to touch your Money Market account, my advice to you.
Okay, let's move on to the props.
Details - this is information on which you can transfer money to the account, i.e. account data for replenishment, in short, or for withdrawal, you can also issue an invoice for payment, in general, this is information about the account that allows you to make transactions with it. The most important requisite for a BA is its owner. Therefore, we need to know the name and surname of the owner. And if we talk about Russia - yes, the corr. account, bic, etc.
And in the USA the main requisites are 7.
1. The name of KH.
2. Address from real mail (not email).
3. Phone.
4. Email.
5. Card number (if any).
6. Routing Number.
7. Accounting number.
From p. 1 - p. 5 is clear, I think. 6 and 7 consider. Routing - a unique number of a bank branch, issued to a bank branch. Well, you know, Sberbank offices are everywhere, for example, each of them has its own unique code. So it is in the United States. But there is a difference from Russia - in the United States, each branch receives its own license for each type of operation. For direct deposits there may be one Routing number, for electronic ones - another. What does this mean - you may have heard about checks in the USA, and checks are sent to the same address, to one Routing Number, and when you want to tie your BA to something or something, Routing is already different.
Accounting is the account number, as you might guess. A separate account number is issued for each account. Consists, as a rule, of 9-12 digits. The accounting number is assigned by the bank when opening an account. How it happens in the bank, let's see it clearly, otherwise dry narration without images does not promise the assimilation of knowledge.
We are entering BA:
We look and notice this:
See two Routing numbers? One for direct and one for electronic. Each license (each Routing) in the USA costs 120k - 170k. And it makes no sense to open a license for Wire transfers in a distant city with a population of 1000 people. And to assign a separate Routing for this, spend money. They simply use the license of a neighboring large settlement. And the commission for this service will go to the profit of the neighboring city.
Ok, let's move on. Well, you know, there is in short now a whole profession of cyber-guards, they are called like carders. I heard something about them, they say they are quite morose. And banks are fighting with them like. And banks think that by changing the appearance and code of the BA authorization page, they will secure their customers and make the bank cooler. In fact, they seem to be right, because there are Brutes, and Brute is written largely based on the page code. Well, we can’t see the BA details if we don’t go there. I speak for Brute, not for logs. We will not always be able to enter the BA. For this we need an extract. It is called Statement. It is sent by KX monthly to the mail, and is also available from your personal account online at any time. Where to look for and watch it - in almost all BAs you can find a special tab, for example:
Open this tab and download Statement. I usually download. I also advise you to do this, it comes in handy in the work (further), for example - you will be required to draw, you can do it yourself in a couple of clicks. I will write about rendering separately. You yourself will be able to do it without resorting to drawing help.
KX usually do not receive Statement in the mail, and monthly a reminder comes from the bank with a link to these statements. And some KX put a bolt, imagine, you constantly receive spam from the bank, this is not cool, and you become indifferent after a while. My advice is to look at the date of the last Statement, and build your work based on it. It is much better to wait for the day when KX has a statement in the mail that does not contain your fraudulent transactions. This increases the chances of success. KX also receive statements in paper form by mail (USPS). There, the discharge takes several days and there is room for maneuver. Can I turn off statements? Not. You can choose between online statements or paper statements.
FAQ:
A: How long does it usually take to work with BA?
B: There are methods that allow you to get funds on hand in 30 minutes. There are methods that take 7-10 business days. Profit levels and required skills vary.
In addition to statements in the BA, there are also so-called alerts (Alerts). A terrible thing, in fact. These are notifications that are sent by mail or SMS to KX in case of certain events. Example - writing off more than 1k $. Money transfer. Login to your account. Now think for yourself, are people who are involved in PP - smart people? Those who buy Brute accounts, attach them to the BA, and press the deposit. Especially public banks, such as Chase, where several alerts are already connected to almost every account. This is for you to ask why the PP is dying. No, not because it doesn't.
Well, in our work, Alerts are also not a very pleasant phenomenon, but we can influence them at least. There is a special tab in the bank with these warnings, and opposite each line there are 3 CheckBox'a with a choice where to send the warning. SMS, mail or nowhere.
Okay, look. If we choose nowhere, a notification may come about the disabling of warnings. In addition, the bank is beginning to suspect something. Some guy flew in from a new IP address, from a new machine and turned off the warnings. KH doesn't behave like that.
You can put it in the mail so as not to provoke AntiFraud too much and start spamming it. Ideally, you change mail and spam old mail. But changing mail is still a Fraud for a bank. The most subtle action is to send SMS warnings. When you change the phone number, the notification does not go anywhere, if everything is done correctly. Advice. Don't delete KX's phone number, guys. This is also very noticeable for AntiFraud. Many banks can add a second (Secondary) number. That is, YOUR. And redirect notifications there. You can use Google Voice, TextNow. Not all banks eat VOIP. And they have been twisting them quite strongly lately, they do not eat cans. Therefore, there are services for receiving SMS from the bank and for $ 2 they will lick you.
After you put the second number, keep track of your account for a day. Don't make it the main one right away. We stayed for a day - we put our number as the main one (Primary). The KX number can be deleted now. If you have access to mail, we run to the mail, look there, what is how. Maybe the bank will send a letter to the post office. That the number has been changed. Or, some banks have an internal messaging system that says about changing the number. All these points need to be taken into account, read and deleted. Otherwise, KX will notice. Not even that. The chances of failure are increased.
After changing the number, I recommend to wait some more time. 1-2 business days. Why wait? The fact is that you have it displayed that the number has been changed. But in fact, this is not the case on the bank's server. It takes time to consolidate the information. Departing a little from the topic - the address of the KX changes 5-7 working days by the bank. And you see the new address after changing it IMMEDIATELY. And you do not suspect that it has not been changed yet. When I say address in this context, I mean the address of residence. Weekends and holidays in the United States do not count as banking days. Therefore, we bypass them when working. These days you can do whatever you want - look for offices, register accounts for yourself, deal with hangs. But do not work with KX accounts.
Now about the withdrawal method, we will consider the main methods further. But now it is worth mentioning this - based on the history of transactions, we need to look at the amounts that KX operates, where he spends this money, how, we need to adapt as much as possible to KX's behavior in order to increase the chances of success. Think for yourself how the bank reacts if a person flies in from a new system, with a new IP, removes all notifications, fixes his account and drains the entire balance. The golden rule of working with BA: The first transaction can never exceed 30% of the account balance. It is also worth remembering that after entering the BA, in any case, when a new working day arrives, a notification will pop up that you were logged in from such an IP and such a computer yesterday. It is necessary to catch this notification. Sometimes it comes to the post office, sometimes it doesn't. Depends on the bank.
Banks work according to UTC -5 (in winter -6). Enrollment of transactions: 4-30 am, update - 12-00 pm, additional crediting - 16-00. New working day - 00-00. It also depends on the bank, but I gave you approximate data, which are the same for most. There is a bank that likes to charge at 8 am. So here you can and should watch individually too. And yes, nevertheless, closing the topic of alerts. You understand that we need to catch at least Fraud-points. Therefore, any change of number / mail / addresses is undesirable. Ideally, when KX has notifications turned off by default.
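The sequence described above (sign-in from a new IP and machine, alert settings changed, phone number replaced, then an outbound transfer) is the pattern that account-takeover detection on the bank side is built to catch. The following is an added example, not part of the original page: a Python rule that reviews an account's event stream and holds such a transfer. The event names, the 7-day window and the sample events are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Hypothetical event kinds; a real core-banking feed will use its own names.
SENSITIVE = {"alert_pref_changed", "phone_added", "phone_primary_changed",
             "email_changed", "address_changed"}
NEW_DESTINATION = {"payee_added", "external_account_linked"}
COOLING = timedelta(days=7)  # assumed policy window, not a value from the page


@dataclass(frozen=True)
class Event:
    ts: datetime
    kind: str
    device: str
    ip: str
    detail: str = ""  # destination id for payee and transfer events


def review(events, known_devices, known_ips):
    """Return (event, action, reasons) for every event of one account."""
    decisions = []
    tainted_at = None   # last profile change made from an unrecognised client
    destinations = {}   # destination id -> time it was added
    for ev in sorted(events, key=lambda e: e.ts):
        unrecognised = ev.device not in known_devices or ev.ip not in known_ips
        action, reasons = "allow", []
        if ev.kind == "login" and unrecognised:
            action = "flag"
            reasons.append("login from unrecognised device or IP")
        elif ev.kind in SENSITIVE:
            # Notices go to the contact points on file BEFORE the change, and
            # the customer-facing alert settings cannot suppress them.
            action = "notify_previous_contacts"
            if unrecognised:
                tainted_at = ev.ts
                action = "notify_previous_contacts+step_up"
                reasons.append("profile change from unrecognised device or IP")
        elif ev.kind in NEW_DESTINATION:
            destinations[ev.detail] = ev.ts
        elif ev.kind == "transfer_out":
            # The amount is deliberately not an input: the hold depends on the
            # sequence of events, so a small first transfer is treated the same.
            if unrecognised:
                reasons.append("unrecognised device or IP")
            if tainted_at is not None and ev.ts - tainted_at <= COOLING:
                reasons.append("profile change inside cooling window")
            added = destinations.get(ev.detail)
            if added is not None and ev.ts - added <= COOLING:
                reasons.append("destination added inside cooling window")
            if len(reasons) >= 2:
                action = "hold_for_verification"
        decisions.append((ev, action, reasons))
    return decisions


def held_transfers(decisions):
    """Destination ids of transfers that were held."""
    return [ev.detail for ev, action, _ in decisions
            if ev.kind == "transfer_out" and action == "hold_for_verification"]


def _t(day, hour, minute=0):
    return datetime(2024, 3, day, hour, minute)


# Constructed sample data (documentation IP ranges, made-up device ids).
KNOWN_DEVICES = {"dev-home"}
KNOWN_IPS = {"198.51.100.10"}
SAMPLE = [
    Event(_t(1, 9, 0), "login", "dev-home", "198.51.100.10"),
    Event(_t(1, 9, 5), "transfer_out", "dev-home", "198.51.100.10", "utility-co"),
    Event(_t(2, 14, 0), "login", "dev-x", "203.0.113.7"),
    Event(_t(2, 14, 3), "alert_pref_changed", "dev-x", "203.0.113.7"),
    Event(_t(2, 14, 6), "phone_added", "dev-x", "203.0.113.7"),
    Event(_t(3, 15, 0), "phone_primary_changed", "dev-x", "203.0.113.7"),
    Event(_t(3, 15, 4), "payee_added", "dev-x", "203.0.113.7", "payee-new"),
    Event(_t(4, 10, 0), "transfer_out", "dev-x", "203.0.113.7", "payee-new"),
]

if __name__ == "__main__":
    for ev, action, reasons in review(SAMPLE, KNOWN_DEVICES, KNOWN_IPS):
        print(ev.ts, ev.kind, action, "; ".join(reasons))
```

On the sample, the customer's own utility payment passes and the transfer to the newly added destination is held with all three reasons recorded for the analyst.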
A: What about the BA IP address? What criteria are required when choosing from experience?
(Open ports, blacklists, FraudScore). What about setting up the system, can I use Linken Sphere?
B: IP - I work with vip72.org or 911.gg. The 911 is cleaner, but it used to be better. vip72.org = poorest quality on the market. However, I have enough. Criteria - check for blacklists. FraudScore is not checked. Ports are not either. 100% Whoer and no blacklisting - and more. By setting up the system - I use Portable FF copies for each bank. I have a separate working American machine with English Windows and DoubleOpenVPN forwarding. By LS (Linken Sphere) - I use free LS to work with logs. I don’t take a paid one. If you want better cross-country ability - take DS from Google and there SOCKS cling to the state from 911. And replace Portable FF with Portable Chrome. I usually select SOCKS in vip72.org for the city.
Yes, on vip72.org my SOCKS live surprisingly long, everyone complains, but I'm comfortable. There is a SOCKS who has been living for 8 months already. I created BA self-register for myself in August. And since then I go there from one SOCKS'a with vip72.org. Yes, it crashes sometimes. There is no SOCKS in the network, then I take another. Thus, I have a list of SOCKS from which I enter the BA. It's about self-registration.
If we are talking about logging into Brute-accounts or logs - here under ZIP. All inclusive, WebRTC clings from Proxy. If anything, then I do not prescribe using WebRTC, I just have a parameter in FF: about: config. In the search for the FF config, we drive in Proxy and look at all the parameters. For example ice.proxy_only. In general, any work begins with customization. I would recommend starting by looking for the description of the variables in the setting of this config. You will not need any Linken Sphere if you configure everything correctly. Yes, it is difficult, long, tedious. Therefore, no one tunes, and if they do, they do not speak. This parameter is enough for me. Turn off WebRTC too, like a red rag sometimes works.
Depends on the bank yet. But if we are talking about registering an account in banks, then it is better not to provoke once again and not to play luck, and so much time is spent on breaking through.
It is best to find out what changes, how each parameter affects, and then choose the best one for yourself. The system is best configured by those who drive the CC. But this is enough for us. I'll tell you right away. The mechanics of working with card inserts and with BA are different. System settings too. There is no more profitable BA theme in C. But many surrender on it, as it is difficult.
It's easier for many to poke one button and everything will always be fine. And here you need to think, look.
I also want to say that it is worth working more on logs, but if there is no money, then take Brute and work with him. Brute's start-up capital will help fill, as will the big shots. Logs start at $ 10 / piece. Or you negotiate for% with people, but this is not enough now.
A: You said that taking a PP, linking BA and making a deposit is not a very smart idea, but then what to do?
B: Specifically, with the PP, I do not consider the work to be highly intellectual. It is built on the usual, repeating simple patterns. Well, think for yourself, if there is a BA with alerts, a person buys a pack of BAs, and he cannot influence these alerts.
Binds BA, makes a deposit. Out of 10 PP accounts, one survives. It is best to work with BA. Search for new methods, offices. PP is usually suitable for those who start the path in C. But in BA, you can potentially do many times more. PP is ONE of hundreds of offices in the USA. Offices that allow you to work with BA.
A: The fact that it is potentially possible to do much more in BA is also understandable, but there is another question, how then to whitewash these funds in Russia so as not to sit down.
B: I am actively studying it. Usually cards for other people's scans help. Find Talkbank, it's good that there is no Branch and cards are sent by mail to Russia. There you can drive funds to scans. You can drive money into BTC - QIWI and Yandex are not controlled by the Federal Tax Service. There are also offshore companies that allow you to keep money without special attention. You can withdraw up to 600 thousand rubles to the card, but you can forget about Sberbank. Talkbank to a dummy, or Tinkoff Bank to yourself.
A: Where to get material - logs, VNC, Brute accounts, and so on?
B: For work, the main ones are refaund.biz and wwh. Almost all sellers of any goods and services can be found on them.
Ways of bays in BA. Lesson 23.
An important topic - the ways of bays - this is what the work in the BA direction is based on. In total, there are 6 standard methods:
1) Bill Pay
2) ACH
3) Wire Transfer
4) International Wire
5) Internal payment system of the bank
6) External payment systems
Bill Pay (1).
Bill - translated from English - account. Pay - pay. Pay the bill. Bill Pay is a system of electronic invoices (checks). Not all BAs have such a function. It all looks something like this:
In the screenshot, we can see how I tried to research this direction by opening Bill Pay with manual input of all data. BillPay is usually needed to pay bills of any kind for various service providers. For electricity, water, internet and so on. For our activities, you can use this chip in the following way - add your service provider (This can be either a company or an individual). For example, I want to please a certain Mr. James, and put him on the list of suppliers. And I pay. In terms of time, he will receive money from one hour to three working days. In principle, this method is quite convenient, but there are nuances, I am talking about them.
The fact is that when forming a payout check, the bank also sends a paper check to the address of the KH (where he lives). Usually such letters take 2-3 days. And KH can notice that something is wrong. From my experience, I will say that Bill Pay is a very promising direction. There is no need to wait for verification payments (MiniDeposit), AntiFraud is completely loyal to it, but remember the 30% rule. And not all organizations can be paid through Bill Pay.
Something like this looks like a search for a service provider to whom Bill Pay goes electronically. This is when we do not enter it manually. As a rule, when entering data manually, there is a paper check. And if the supplier is on a special list with the bank, then there is an opportunity to receive money on the same day. The service provider can also be a bank in theory. Just don't mess with the data if you do this, since the cancellation of the check takes another 3 days. Burnt myself once already. Better to call your service provider and find out.
Okay, and now I will tell you quite private information for some. Maybe they saw ads on the forums, allegedly pouring credit cards across the United States. At the same time, the person does not fill in the debit. The bottom line is that many credit cards in the US are paid like a bill. And this payment takes place exactly as a service provider. To put it very roughly, these people work like this - they take a log, post an announcement about the gulf on the forum, fill in credit cards, then KH wakes up (in any case, always), the maximum amount of time for the cancellation process is four working days. As if you already understand the essence of such an announcement, be smart about such proposals.
The next way is ACH (2).
ACH is the US Reserve Bank's Automatic Credit System designed to speed up and simplify automatic payments based on prior agreement or appointment. ACH time runs from 1 to 4 business days. As you remember from the PP lessons, an account is tied to it and a deposit / purchase is made. So, it is
done with the help of ACH. Any office where there is a BA link can act in the place of the PC. Be it Venmo, any investment office. You can also link the account of one bank to another, send funds using ACH.
How it looks in practice:
An account is added, usually by account and Routing numbers (AN / RN). There are some nuances here. For example, you won't write your account and Routing numbers out of thin air, and your account will not be immediately linked to the BA. For this, an account check has been invented. 2 mini-deposits (MiniDeposit) are sent to be credited to the linked account. They go 1-3 business days. You "catch" them (See) on the linked account, enter them into special windows for entering mini-deposits on the main account, and you have a linked account. So, in the screenshot, the "Verify" button.
In this way, you can knit cans on different KHs. Let's say you have an account with Vasya Pupkin, you link another person's account for verification payments and you can make transactions between them, while the bank will not swear. In fact, this is prohibited. That is, all accounts must belong to you as KX. Tying an account to another person is prohibited.
The second point - according to ACH there is a garter instantly. Instantly - this is when you enter your username-password and answer a secret question. And the account is attached instantly. This option is good, but it requires matching the name of the KX. Since there is an integration through third-party services (via API). That is, Vasya will no longer attach Petya's account. When we have attached an account by any of the methods (verification payments or instantly), you can make transactions with it. You can send money TO him, you can send money From him. And when you send money from it, it is called reverse ACH. When you send to it, it is a direct ACH.
Tricky question. You have attached the Brute BA to the PP and clicked Add Money. Will it be a forward ACH or a reverse ACH?
That's right, it's the opposite. Reverse ACH is when we are not in the BA, but request the funds that are on it. Accordingly, now the question. And why do you, dear ones, suffer with the PP and its problems, when you can simply create a BA, attach any BA in the same way and make a deposit? Not otherwise than masochism. Well, okay, it's not for me to judge. Now just think about the variety of offices only for the method of draining by ASN, and in a conventional BA there are at least 3 of these methods.
Okay, let's define the timing. Verification payments take 1-3 days, in practice 1-2 days. Funds are spent in the standard 3 days. It happens that the delay is extended by a day. Total: 4-5 banking days to transfer funds. Do not forget about the golden rules - no more than 30% on the first transaction (Ideally, 10-25%). And do not drain everything from the account. Otherwise, the transaction may be blocked and KX may be invited to the bank. There are banks that don't care. Trial and
error helps to identify them.
Okay, third way. Wire Transfer (3).
Wire is a regular money transfer. Now there are many problems with him, he is not in all banks. If you want to merge Brute / logs - be sure to see if there have been transactions of this type before. Now standard Wire cannot do without a call. In the worst case, they will be asked to come to the bank. I would not recommend working with him, because experience is needed. You need to do everything perfectly (And change the number, and guess the time, and the amount). Also, the transaction must be in an account with the same last name as KX. That is, you need to open an account for it in another bank. However, this type of transfer is very fast. They arrive there in 10 minutes. For reference, many US crypto exchanges only use Wire.
Do you want to pour a couple of tens of thousands on your Sberbank card? This is possible thanks to another type of transfer - International Wire Transfer(four). The same Wire, only international, with some differences. The last name of KX should not coincide with the last name of the recipient, and Wire takes a very long time. It takes a long time due to the fact that a bunch of corr. Accounts. Those who have Tinkoff Bank saw that they can accept money in USD and a correspondent bank - Tinkoff Bank - Chase.
So, International Wire goes from the USA to Tinkoff Bank 10 working days. This, on average, depends on the bank yet. On the pluses of this method and about the bottle. A long transaction - that is, more than one correspondent account always - KX can not always recall it, can you imagine if the cancellation process begins, how long it takes to pay, how many correspondent accounts it overcomes, until it comes - you will hang out with your friends somewhere. Therefore, under International Wire, material is often taken on behalf of dummies. Quickly poured, cashed and thrown away. Well, as fast as the correspondent banks allow.
Let's touch on Canada too. So, in it in banks this type of transfer is more common. The guys take the logs and stupidly pour themselves a Sberbank card. The plus is that it goes from Canada faster than from the USA. If we are talking about the CIS bays, then we need to ask the bank if we can accept payments from abroad.
So, let's move on. Internal payment systems of banks (5).
There are many banks in the USA, some of them have them.
Everywhere is called differently: SurePay, P2P, PopMoney, Zelle, Send Money (Movo). In Canada, it's Interac. Whatever you call these payment systems, they all have the same essence - to transfer money. How everything happens - start the money transfer, indicate the recipient's data (Nothing complicated - in some cases, an e-mail or phone number is enough). In the case of Movo, money is sent by e-mail and instantly goes to the account, which is tied to the mail to which it was transferred. In other payment systems, the mechanism is similar, they are created for quick and hassle-free sending of funds, the maximum that I have seen is a call request. Therefore, many are so
desperately looking for Zelle-acceptors. Headaches are minimal and profits are quick. So, for internal payment systems, that's all.
And finally, external payment systems (6).
About them was already a little higher (in the story about ACH). Working with them is quite simple. We take Full Info, register an account on it (in an external payment system), link the KX account (by verification payments or by login-password / instantly).
We linked the account, added the payment system. And they sent it. There are two options for these external payment systems. The first is when several BAs can be linked to one account of the payment system. For example - the account of KX (which you pour in) and your account (or the account of a figurehead) - to which you pour. Nothing complicated. We funded the account of the payment system with Brute and filled it up for ourselves (a dummy).
The second option is when several BAs cannot be linked to one payment system. Then they usually create a second account in the payment system and send to it, then merge from the second account to our BA. Done.
Examples of external payment systems: PayPal, Venmo, Western Union, TransferWise, TransFast. There are really a lot of them. Each of them has its own nuances. But remember - they are all made for people. It makes no sense for them to overwhelm customers. PP is a rather "good" payment system, where you can insert the left Full Info (From one KX), BA - from another. In most payment systems, this is not the case, there you have to strictly break through Full Info under the KX BA. Payment system account on KX Brute BA. And the drain account (Where will we fill in the funds later) is also on the KX Brute BA.
FAQ:
A: Which is the easiest way?
B: ACH.
A: Drain account on KX, does it mean an account in this payment system? Can there be two accounts in the system for one KX? And the second thing. How can you justify the choice of PP, and not BA for the ACH garter? Do we just make a self-registration of BA and make a deposit there from another BA?
B: No, not in the system. For one person, you can open accounts in different banks, that's what I'm talking about. Let's say in one investment office you can attach only one account to one account. We deposit funds from the KX account, then open an account in another bank, write to the technical support of the investment office and ask us to change our account for withdrawal. They change, withdraw money, and you're done.
The choice is due to the fact that she is actively promoting. Like the Iphone. This summer, people ran into the BCP, and she had already died a couple of times.
A: First, why on the very first screenshot, when we talked about BillPay, there is a lock on the Wire Transfer tab. Second, why could the delays be extended by a day in the case of ACH? Third, on International Wire, what is the order of the numbers? Also not more than 30%?
B: The first is a feature of the bank, this type of transfers is not open on this particular account. Second, there are some delays, for example. The third is true.
A: Does the investment office have unnecessary questions for such actions?
B: Appears. Therefore, by trial and error, you have to find them, test them, select your own, find patterns.
A: And what are the rules of behavior with BA self-registers? Or are they the same? We make a deposit, did not give, we monitor it for three days, we will awaken to make a deposit.
B: BA self-regulation cannot but give, there is no such thing. He always gives. But they can be blocked if you chose a bad bank or took a large amount.
A: That is, there is no particular point in working with PP, if you can do the same only with BA?
B: It makes sense if you want to make money quickly and without the headache of finding banks.
A: BAs themselves do not have such a concept of instant payment as in payment systems, right? That is, you can only make a deposit from account to account.
B: Right, the payment from BA does not happen instantly. It is possible to instantly transfer from BA to BA only via the internal payment system. Or via Zelle, an interbank transfer in 30 minutes is possible in some cases. It depends on what to take. In your case, it makes sense to study diversity, identify patterns, explore. And from these patterns, select the banks that are suitable for work.
A: At the expense of searching for banks. That is, bank X allows you to make a deposit to bank Y without problems and bans. But does bank B give a deposit to bank C with a ban and a harsh punishment from the support service and headaches? That is, these are pairs of banks that are working.
B: If you want to create accounts and are looking for a bank, this is one thing. If for Brute it is different. All cans X, Y, B, C in this example give without a headache, but AntiFraud is configured differently for everyone. Each of them will give, and upon the arrival of funds, there may be a block / draw / call, it also depends on the volume and different parameters.
And yes, frankly, it makes sense to consider any bank. There are no banks that do not give. These are banks.
A: Well, then what else can the AntiFraud bank do?
B: Everything comes in. Mass of parameters. From IP, Full Info, answers to secret questions during registration, choosing account settings. And before your actions in the personal account of the bank.
A: Is there a blocking that cannot be removed by a call, drawing or complaints to technical support? That it remains only to go to them personally.
B: Yes, it happens. And there are still some banks that always send to their branches. An example is PNC.
Okay, next. What is a check for an American? Not a check from a store, but in the understanding of banks. See, a check cannot be directly "exchanged for money." First, the money goes to the BA account. That is, it is paper backed up by numbers. Not just lettering paper. Remember the movie where DiCaprio played? He forged checks there. The film is called “Catch Me If You Can”. So, in that film, the check (Paper) was exchanged for money. In Russia, salaries come at stake, right? A paper check with the amount of the salary comes to the USA, then KX stomps into the bank and cashes the check. KX puts his signature on the check in the bank, then the bank employee verifies the authenticity and verifies the data. To prevent the bank from being cheated, as in the film. The check is first credited to the bank account, then the bank issues the money. The person who wrote the check does not give you money directly. Do you understand? I.e, money passes through computers, through accounts, through banks. Not paper money.
What is the point for us? There is such a thing called eCheck. This is an electronic check. A very cool thing that allows you to get money on your BA in a day, or even less.
Echeck is not available in all banks. Sending eCheck is easy. Write the account and Routing numbers (ANRN) where you want to transfer funds. A day passes, the money is already on the
balance. Done. It is difficult to find a good full-fledged bank with eCheck and it will be expensive. It is in terms of searches. Movo has eCheck, but it is not a bank, but an application. That is, Movo is not a full-fledged bank. It does not have many of the functions of an ordinary bank that we need and are important. For example, you cannot attach a BA to ACH there for a deposit. Or, for example, you cannot accept money on Movo if the name of the KX is different.
Ok, now you have a question. Where to withdraw and how to get money in Russia? There are two ways. First, you can transfer funds from the USA to Russia or from the USA to BTC. Everything is very clear here, I think. For USA-Russia transfers, there are different offices, for example, Western Union. BTC allows you to transfer crypto exchanges.
Second, you find a person like me who provides you with dummies for a certain percentage, or his accounts where you can deposit money and get an equivalent in BTC / QIWI / RUB. For a start, I recommend the second method. As you roll into the topic, you will come to the first one. The percentage is different for different cashiers, see wwh. And the conditions are different. So, for example, cash out of PPs from logs can be found for 50%. And now some comrades take clean money on Movo for 75%. If you know how to make accounts in the USA, it will not be a problem for you to pour on Movo yourself and get the most delicious interest. Yes, a little longer, but less losses.
Advice. Do not make my mistake and do not go straight to the search for ways to transfer money to Russia on your own. In the first stages, always choose someone else's cashing.
The rest will come with experience.
A: Is Movo an internal payment system?
B: Yes, but not entirely true. With Movo, you can make a payment using the Send Money button. From Movo to Movo. And on Movo itself, you can fill in by account and Routing numbers. From outside. From any BA. Or with PP. With Venmo. Anything that allows you to knit it. But you cannot attach a BA. That is, bays will be with verification payments (MiniDeposit).
A: Are we interested in AntiFraud of both sides? And the donor bank and the receiving bank? That is, the services of the sending BA may be to blame for blocking money on our self-register of another bank?
B: Of course. On the other hand, if we work with Brute, then we can hardly influence AntiFraud. Everything is correct.
And why? Is it dangerous to log in without logs?
B: The secret question comes out usually. It's pretty dangerous without cookies.
A: I saw BA data sold in the store and there is still a secret question for them, can they be taken? B: You can take everything. There is no superfluous material. Another question is that there is no access to mail there, this is a problem.
A: Why take Brute and not logs? Cheaper is clear, but you can play around with the logs with alerts, and the requirements for cleanliness are the same, that is, logs will give stupidly better on average than Brute.
B: Take logs if there is money, since they are more expensive. But the benefit is greater. Brute, in my opinion, is suitable for beginners, or for those who do not work with BA directly - those who work on PP. For BA workers, logs are more comfortable.
Here is a little about checks, this is how a typical check in the USA looks like:
My personal check for $ 2000 was recently credited to BA. About cashing out and your job. I will also say a few words. And so, maybe in the course of mental activity, some of you have come to this. And why not open an account with the United States Farm, send a card to Russia and then withdraw money from an ATM? Usually, to withdraw money in Russia from American cards, you need a so-called Travel Notice. This is when you tell the bank that you will be in another place, in another country for a while. In this way, some cash out their funds. The disadvantage of this method is that the card usually has a withdrawal limit. For example, $ 400-500 per day. Can be expanded, each bank and card is different. But there are some special cards in offshore zones. They allow you to accept money for yourself and withdraw it to your personal accounts in the CIS or to QIWI / YuMoney.
The advantage of this card specifically for you is that it has direct accounts in different banks around the world. That is, money is credited to you by account and Routing numbers (ANRN), and you withdraw them in rubles on the same day. Not otherwise than fiction. No Wire, no waiting time, none of that. Stupidly filled in and removed. But there is a catch, where without it. Not suitable for large operations. They can freeze funds. You need to look for the limit on the site, from $ 1,500, $ 700 keeps at a time calmly. Therefore, I strongly recommend that you, as novice C-workers, get this card for a scan (or for a dummy).
A: Do we use Full Info for BA self-registers, or may we need scans there? In order not to draw later
B: Depends on the bank. There are banks where photos / scans are not needed.
Your task is to register payoneer.com for a passport scan (not yours). The card is sent by Russian post, if you live in the Russian Federation, you can specify a neighbor's mailbox and pick it up from there.
The second task is to take Full Info, register for Walmart Money Card in the USA. Walmart Money Card is a prepaid rechargeable card in the USA. It is great for bays. Lives for two weeks. When registering, keep all details, especially card number, Exp. Date and CVV. Basically, you are creating your first US map. Yes,
old-timers will now say that this is quite public information, so nonsense. Well, Walmart, while public, is still good for the bays. Payonner - misses small amounts perfectly. You can do your best. Payoneer USA will cost you a pretty penny, since the reception by a figurehead is $ 50 somewhere and the postage is the same. Payonner Russian - only scanned passport. The attitude towards Payoneer from the USA is more loyal.
Payoneer will come in handy for you to get out of a difficult financial situation if you have brains. And Walmart is a practice, besides, you can fill Walmart yourself. And then hand over to cashiers. Same as experience. And get the benefit. Some give up to 70% for it. Payoneer cannot be poured from banks, this is its disadvantage, only from offices. Russian Payoneer has not been attached to the PP before. How things are now - not in the know.
Walmart fights hard enough from banks, but everyone is busting its Routing number. Payoneer, on the other hand, you can shed from any investment office that supports linking by account and Routing numbers. In fact, having Payoneer, a found investment office and a Brute BA bag in stock, you will not remain beggars. Or it should be bad luck.
An example of an investment office: robinhood.com This is your third task - to consider this office. Read its rules, docs, FAQ, all the pitfalls.
The fourth task is to look at the Zelle website, the partner banks of this internal payment system.
And so, let's summarize. You need Payoneer to cash out investment offices like robinhood.com. WalmartMoneyCard is poured from banks, including from Zelle partner banks. Payoneer also has a lot of different chips. You can use it in any way, let's say attach to Amazon, accept payments on it. BA work is about research. If you work on BA, you really work, then it will 100% bear fruit, I guarantee you.
And yes, it is advisable not to move on to the next lesson until you have completed all the assignments, otherwise you will get lost further and not understand most of the material.
BA self-registers. Lesson 24.
For everyone I will once again designate abbreviations:
RN = Routing-number
AN = Account number
Well, earlier we have already touched on the topic of how to withdraw money a little with you. You created Movo and Walmart yourself. These are simple maps for the bays, not bank accounts. They have limited or missing functionality. At Walmart, you cannot do anything with funds until you receive and activate a physical card. In Movo you can send by ANRN or to another Movo by intrabank payment. But this is still not quite full functionality. That is, Movo is not even a bank. If anyone was looking for RN Movo, then it belongs to the Metropolitan Bank. Same as Walmart. Therefore, we will consider
full-fledged BA self-registers, their creation and nuances. Self-registration BA is a bank account created in the bank on Full Info.
How to do it? First, we find the bank in which we want to do our further actions. It can be found on Google or through various bank blogs. Also, there are lists and ratings of banks. Example: hustlermoneyblog.com
Let's say we have found the bank in which we want to create an account. We are looking for the opportunity to open an account online (Apply now). If the bank's website does not have such a button or section, then you can open an account only at a branch (not suitable for us). Don't confuse opening a bank account with Enroll, two different things. Enroll - you open (Open) the card on the bank's website, already issued by the CC. And Apply Now - opening an account. We need to prepare Full Info to open an account (It must include DOB + SSN + Master data). When you click on Apply Now in the bank, we get a form with filling in the data. We enter data from Full Info, everything seems to be fine. Moving on, some kind of game is demanded from us.
We go to punch BG.
BG = BG = Background report.
BG includes complete information about KH, history of addresses, jobs, names of neighbors, lovers, zodiac signs and more. Information on cars is also there. We return back to the bank, enter the information. Let's move on. We are asked - what was the name of your first wife? We make eyes for 5 rubles, because in BG this is not. We drink coffee and run to KH's Facebook. We find a wife, enter, everything worked out. The next question is what kind of car did you have in 2005 - color and brand? We run to punch the car. They struck. And during the time while we were punching the wheelbarrow, the time to answer the question expired. Therefore, we fill out all the forms anew.
Well, they answered all the questions about BG like. Let's move on. On the next page, we see such a question - did you take out a loan from PNC bank in 2008, what was the monthly payment? You are furious. They killed so many forces to break through cars and search for a wife. And here is such an ambush, bitch, but what kind of cans are so fucking. So, questions of a financial nature belong to the category of CI and are in the Kyrgyz Republic.
CI = Credit history. КР = Credit Report (CR).
That is, all the information about KH in financial terms, all banks in which there are or were accounts, all cards, Loans. For the umpteenth time we throw all our forms in the bank and run to punch CR. We go to fill out the application again. Ok, we filled it in. The next page opens. And it says there. Dear sir, did you know that you have already opened an account with our bank? Well, coffee won't help here already, you know. Let's roll the vodka. We study carefully CR. All open accounts in all US banks with this particular KX. Choose another bank that is not in KR. We fill in, we answer, now we are already congratulated on opening an account.
The next page opens. We are asked to make a small deposit to open an account. Where to get it from? With Brute or what? Well, the account will be blocked right there. To do this, you need a micro-deposit from someone so that you link a PrePaid card and from there pour money into your first account. Or buy a PrePaid card in CC stores, bind by AN / RN and pour from there. The amount of the first deposit is different for all banks. Sometimes $ 1, sometimes 10, there are 100 and 1000, it also depends on the type of account. There are all sorts of Premier checking in which the
start amounts are higher, but the limits are also higher. There is a bank where the starting deposit is $ 50k.
Okay, back to the topic. We chose a PrePaid card for the first bay, entered its account and Routing numbers. Click to top up. And then there is a sign on the whole screen - "We do not accept payments from PrePaid cards". That's all. Let's go to the factory, guys.
Okay, let's go to the factory. On the way to the factory, we think, what if I need to buy a BA and replenish this self-registration via ASN by AN / RN? What if it works out? Bought, replenished. A joyful "Money will come in 3 days" creeps out. Is the plant canceled?
We arrive the next day, since the ASN does not go right away and all that. But write-off on ASN usually occurs the next day. So that's it. We see this picture - the funds were debited from the BA that you attached, but a person called us here and complained, so here's a blockage and don't come back. It is possible to go to the factory, but we spit on the monitor and buy a new BA, already more expensive and of better quality, if earlier we took some Chase with a balance of $ 1000, now we take SunTrust with a balance of $ 5000.
Making a new BA self-register. We fill in, again we break through BG (new KX), CR, we are looking for a car with my wife. We answer all questions. Choosing, replenishing. We are waiting for 2 days, on the third day the money comes with a letter in the mail. We open the letter. The following is written there - "Dear sir. We called, but you did not pick up the phone, so the account is temporarily blocked, call in the next 3 days yourself."
Okay, looking for a call. He calls, it seems to be relieved, we have defrosted the BA. A few days later, we are credited with our initial BA deposit (it is also small, the smallest, from a dollar to a hundred). We enter the LC of our BA. Just think - we created BA. He is OUR. You walked around inside your account, clicked different chips, looked at the functionality. We need loot, for sure! We remember how much time and effort was spent on this whole thing. Well, what is there to be trifle with? Let's fill in 2k at once!
Hurray, the money was debited from Brute, they will come in 3 days. After 3 days we are trying to enter the LC. Oh, something's not included. Damn, the call must be given. We gave the call, we smoke nervously. Call verdict - blocking due to fraud. Since the amount is too large, a new account, and you are making a deposit of $ 2000. Therefore, we closed the BA for you, returned the money back, good luck. We start over again, taking the third Full Info. BG, CR, wife, car, questions, banks. We call, replenish. Now we are smarter. We make a deposit not for $ 2000, but for $ 600-800. We're tired of eating instant noodles. Let's fill in less, but at least earn something.
Okay, it's been 3 days. We enter the BA. We see $ 600 on the balance sheet. Super. You can be proud of yourself. This is a very short story about how the work with BA self-righteous happens.
FAQ:
A: Why do we need to fill in correct information when registering a BA? How is this generally justified?
B: By checking the data bank about KH. The bank will not open an account if the information does not match what they have.
A: N26, MisterTango are suitable for self-registers, or are they not considered full-fledged banks?
B: Not considered full-fledged banks.
A: Why didn't Chase suit us, but SunTrust gave everything? Was the difference in the example only in the balance sheet, or does SunTrust somehow compare favorably?
B: Chase used to be good, but they started buffing AntiFraud when they started killing him really hard.
A: What is AN / RN binding? And where does CR make its way?
B: Linking by AN / RN = Account and Routing numbers, accounts are linked either instantly or by entering these 2 variables, they were already mentioned above.
A: So not all banks accept PrePaid cards? That is, you need to look for the same one, or what?
B: Not all banks accept PrePaid cards, right. You can and should look for different banks, there are even banks without an initial deposit.
A: And how does the work with the same Walmart, Movo and BA self-register, Brute work?
B: From Walmart to Movo, you cannot upload. Rather, Movo and then Walmart. But Movo is taken at a higher%, so it is more profitable to pour on it. On the other hand, Movo has its own nuances, you won't replenish your bank account with it, but with Walmart it's easy. You can use Walmart for a deposit, but not all banks eat this RN.
You cannot pour on Movo with Brute. We attach Brute to the BA self-register, from the self-register to Movo - we cash out.
A: What is the 12 hours rule?
B: Departures that are sent by ASN before 12 noon (-5, in winter -6) - go on the same day. Departures sent by ASN after 12 noon start their journey only the next.
I advise you to make banks that allow you to make the first deposit when you open an account. A deposit can be made not only with BA (By AN and RN), but also with CC in some cases. With CC, I think it's clear here, but the first replenishment of the bank with BA goes in the overwhelming majority of cases with the help of ASN. As we remember from the last lecture, we need to catch verification payments (1-2 days) and crediting takes another 3-4 days. Total - a week. The question is what day of the week is it best for us to work? That's right, Monday. On Friday, you will definitely get an answer, either the bank overturns you, or yes. And on Monday, if you're lucky, even on Thursday, and you manage to drain your money somewhere else (Friday).
We have considered linking verification payments. Now many banks use offices via API, these offices allow you to bypass verification with verification payments, since it takes a long time, these offices knit BA for a deposit by login and password.
Sample API - Plaid, Yodlee. In fact, the same technology as when you bind the BA to the PP instantly. However, PP is PP, and here we have BA. And there are moments. By law in the United States, you can replenish your BA only from your already opened account, which is registered to you, where are your full names. What does this mean - register a BA self-registration for the Brute-BA data punched by Full Info, bind the Brute-BA login and password, they immediately ask you for the amount of the deposit, wait 3 days and the money comes, it is faster. The full name must necessarily match when linking instantly. Otherwise, catch the lock. Remember. This is your case with Payoneer yesterday.
There are no drawbacks when pegging, breaking only (the cost itself), SSN + DOB for punchers is $ 4-6. Advice - the full name should be the same, but the person may be different. In some banks there is a reconciliation at the address, you need to feel it individually.
A: How to drain large amounts if we drain $ 600 each, and then a cancellation arrives and the account is blocked?
B: By swinging the BA, or opening the BA with increased limits (I mentioned this above). Or a special bank to look for under large bays.
A: That is, Full Info can be for a person with the same name as Brute-BA, but not necessarily his?
B: Right, but this does not work with all banks. I have listed APIs in the USA (Plaid, Yodlee and others), for each of them you need to read the documentation, what they compare and how.
For example, I found one API (Quovo) that verifies the name and address when binding by AN / RN, although this is complete nonsense.
Another trick - when the bank, even when linked by ANRN, sends you a payment to your self-registration, it also sends the full name of the recipient of the payment. In some banks - payees, if the full name of the KX and the name of the payee does not match, the payment is rejected. Consider this point too. Movo is at the moment also the same financial institution that declines a payment that is not in the name of KX.
Working with the bay of your self-registers is described as follows, if someone has not moved in:
Take your Full Info, punch BG and CR on it, take the left Brute-BA with the punched AN / RN, register the BA self-registration, answer the questions, enter, on the last page they ask you to enter the ANRN numbers of the external Brute-BA and the amount, enter, wait 3 days, we enter the BA self-register, enter 2 verification payments, go to the offices to break through the verification payments (PersonalCapital, Wave and others), see the verification payments, enter in the BA self-register. That's it, Brute-BA is verified, the money is on the account after a while.
BA log is processed differently than Brute-BA, do not confuse these things.
Well, we have money on our BA self-registration. Then you pour this money, let's say, on Movo or anywhere. It also fits according to ANRN, either at Walmart, or in investment offices, from investment offices in Movo or anywhere. The main thing is to have time to remove them from your BA self-register. If you have done BA self-registration at a bank that supports Zelle, then you are looking for someone who accepts Zelle. And he will pay you in BTC on the same day for the gulf.
A: Why can a cancellation arrive at self-registration, but not at Movo / Walmart?
B: On Movo it can too, but Movo in this chain is 3rd person. In the USA, there is a rule of 3 person without cancellations. The so-called "Rule of Three Hands".
Brute-BA (KX Means) - Self-Reg (Cancellation Means) - Anything (No cancellation).
And all this is legislative. It is logical that the money is debited from the person who receives it. But if at the same time he pays me for something, then why should I suffer because of him? In the United States, cancellation means sending funds back to the source of enrollment.
Brute-BA - Samoreg BA (1) - Samoreg BA (2). On the third bank (Samoreg BA (2)) there is already money in the chain without cancellation. It turns out that the BA self-register (1) is a gasket. I hope it is now clear why you need Movo and Walmart. Substitute them in place of the BA self-registration (2). And fill it in. And funds without cancellation already.
These VCC (Virtual Credit Card) are essentially your cards, you can use them to pay in your store, order food from the USA, pay for another bottle of beer in Russia using Apple or Google Play. If you know what to do without canceling VCC, then you can easily overtake money for yourself. We'll come back to VCC, they will be part of your assignment.
Can an account be blocked without cancellation? Can. For example, block on the issue of origin of funds or verification, or Full Info curve. They do not have the right to write off your money from an account where there is no cancellation, but blocking with questions is easy.
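Seen from the receiving bank's side, the pass-through chain described above leaves signals that account monitoring can act on: a funding account in a different name, a prepaid funding source, a large deposit into a new account, and funds moved onward before the inbound debit can be disputed. The sketch below is an added example, not part of the original post; the event fields, thresholds, hold period and sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed policy values for illustration; tune them against your own loss data.
NEW_ACCOUNT_DAYS = 30            # how long an account counts as "new"
LARGE_EARLY_DEPOSIT = 1500.00    # deposit size that is unusual for a new account
HOLD_WINDOW = timedelta(days=5)  # period in which an inbound debit may still be disputed
PASS_THROUGH_RATIO = 0.8         # share of a deposit forwarded inside the hold window


@dataclass(frozen=True)
class Event:
    ts: datetime
    account: str
    kind: str                  # "open" | "ach_in" | "transfer_out"
    amount: float = 0.0
    holder: str = ""           # name on the account (set on "open")
    origin_name: str = ""      # name on the external funding account
    origin_type: str = "bank"  # "bank" | "prepaid"


def _norm(name):
    """Lower-case, drop punctuation and collapse whitespace before comparing names."""
    kept = "".join(c for c in name.lower() if c.isalpha() or c.isspace())
    return " ".join(kept.split())


def review_accounts(events):
    """Return {account: sorted list of flags} for accounts that need manual review."""
    by_account = defaultdict(list)
    for e in sorted(events, key=lambda e: e.ts):
        by_account[e.account].append(e)

    findings = {}
    for account, evs in by_account.items():
        opened = next((e for e in evs if e.kind == "open"), None)
        if opened is None:
            continue  # no opening record in this extract, nothing to compare against
        flags = set()
        for dep in (e for e in evs if e.kind == "ach_in"):
            if _norm(dep.origin_name) != _norm(opened.holder):
                flags.add("NAME_MISMATCH")
            if dep.origin_type == "prepaid":
                flags.add("PREPAID_SOURCE")
            is_new = dep.ts - opened.ts <= timedelta(days=NEW_ACCOUNT_DAYS)
            if is_new and dep.amount >= LARGE_EARLY_DEPOSIT:
                flags.add("LARGE_EARLY_DEPOSIT")
            # Money forwarded while the inbound debit can still be reversed
            # leaves this account holding the loss.
            moved = sum(o.amount for o in evs
                        if o.kind == "transfer_out"
                        and dep.ts <= o.ts <= dep.ts + HOLD_WINDOW)
            if dep.amount > 0 and moved >= PASS_THROUGH_RATIO * dep.amount:
                flags.add("PASS_THROUGH_INSIDE_HOLD_WINDOW")
        if flags:
            findings[account] = sorted(flags)
    return findings


def constructed_events():
    """Constructed sample data; names, amounts and dates are invented."""
    d = lambda day: datetime(2024, 3, day)
    return [
        # A1: matching name, modest deposit, but forwarded the next day.
        Event(d(4), "A1", "open", holder="Pat Example"),
        Event(d(7), "A1", "ach_in", 700.0, origin_name="Pat Example"),
        Event(d(8), "A1", "transfer_out", 650.0),
        # A2: large deposit from an account in another name, two days after opening.
        Event(d(4), "A2", "open", holder="Sam Sample"),
        Event(d(6), "A2", "ach_in", 2000.0, origin_name="Alex Other"),
        # A3: long-standing account, own funds, spent after the hold window.
        Event(datetime(2023, 1, 10), "A3", "open", holder="Lee Longtime"),
        Event(d(5), "A3", "ach_in", 1800.0, origin_name="Lee Longtime"),
        Event(d(20), "A3", "transfer_out", 1800.0),
    ]


if __name__ == "__main__":
    for account, flags in review_accounts(constructed_events()).items():
        print(account, flags)
```

Account A1 shows why the onward-transfer check matters: a matching name and a small deposit pass the other rules, so holding outbound transfers until the inbound debit has settled is the control that catches it.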
Next, let's summarize.
Replenishment of BA self-registration:
1) Replenishment with BA
a) By API, Full Info, Brute-BA = Full Info self-register BA.
b) Through verification payments.
2) Replenish the first deposit with CC.
3) Take loans for self-registration BA
Let's consider the second option - "Replenish the first deposit with CC". How it happens.
We select this item, enter the data, money comes instantly, sometimes there are delays of 2-3 days. Some banks still have the option to top up without matching Billing. And even with KH with a different name. There is a bank that allows you to top up from the CC of another country. Depends on the bank. But usually with CC it is replenished with data verification, that is, you have to punch Full Info under CC + SSN + DOB. And we do self-registration of BA on Full Info from CC. And we replenish it. But we don’t know the balance on the SS what to do? I'll tell you now.
In CR we have written data about open accounts and cards on KX. We figure out the balance and hit. CR is updated more than once in a lifetime, the actual amounts are written there (update once a month). For example, the use of credit and so on. And on the map, you can also find out information in CR. CR can also find out if Valid CC has been sold to you or not. It will say Closed if it is not Valid.
By sites. Breaking
through BG:
truthfinder.com
Terms
I will also add that I decided not to constantly use the usual terms that are generally accepted in our community, so to speak, which are more trivial, so there will only be official terms that are easier to understand.
(For example, SS can be called cardboard, and potatoes, and a map, and a cartographer, and a boat, and anything else. It is for this reason that all terms will be written so that any person can understand)
Why did I do this? Because sometimes the entire text is a continuous collection of terms. For ease of understanding, I have "simplified" them. In general, you will see for yourself. For the terms, of course, I will also give the generally accepted options that are used on the forums and so on.
С - Carding, carding, carzh.
CC - Credit Card, card. In general, it doesn't have to be a credit card. In fact, this is generally any card.
BINChecker - Checker, checks and punches BIN.
BIN - the first 6-7 digits of the SS.
CheckerCC - checks the CC for Valid.
Valid - validity. Working SS or not.
KX (Card Holder, CH) - Holder and owner of the CC.
Introduction to C (Carding). Lesson 1.
torproject.org/download/download-easy.html.en - TOR browser can be downloaded only from this link. TOR allows you to remain anonymous online, which means that you can search DarkNet through the TOR browser. TOR can be bet on your main system. As for the virtual machine, we will discuss it in the corresponding lesson. Now a small digression, I'll tell you for the guide.
The main direction in the guide is Carding, there are many methods of working in Carding, someone just hits with a CC (Credit Card), someone makes Enrolls, someone makes Gifts, PayPal, bank accounts. In short, there are many not very clear words for many of you, all this is included here, the choice will be yours. From experience I can say that almost everyone chooses one direction for themselves and works with it. That is, whoever works, for example, with bank accounts, rarely drives in cards (Credit Card).
On the topics above - we will cover everything, the task is to help you find your topic. We try to work organizationally, in the process of work always pay attention to your failures and, preferably, record them. For example, you drive in a card, and you get an error, take a screenshot, show me on Telegram and analyze the problem, so it will be much easier to understand what the problem is and help you. Don't be shy about stupid questions. The main point, not even in the manual, the manual is the material, the template according to which you can work, and most importantly with us, that you can always contact me individually, sort out your problem. But guidance and lessons are also very important, especially at the beginning. This is your base.
Useful services during training:
1) Screenshot service - prnt.sc
Download the program and easily take pictures using the "PrtSc" button on the keyboard.
2) Service of anonymous notes - privnote.com Have
created a note, handed it over and after reading it will be destroyed. Plus there is a "parameters" button with additional settings.
I will say for Jabber. Create yourself a fallback Jabber.
How to do this is written here: xakep.ru/2017/07/21/jabber-otr-howto/
And here is just quite useful and interesting information: cryptoworld.su/safe-comunications-tell-snouden/
Jabber can be kept where it is convenient for you, and it is more convenient on the main system. Delete Jabber on ".ru" servers immediately, if there are any. This is a trash heap. Ideally, the server should be located in a country where no logs are kept. That is, the country should not be in the Eyes 14. And yes, it should not be the country where you are at the moment.
Also, as far as working in Carding is concerned, take it as a hobby, an additional direction for earning money, you do not need to give up everything and focus only on it, develop also outside of online. It is enough to devote time in the evening in order to have a stable good income. And this applies to any activity, always develop yourself in several directions. I will also add for the VPN. So, we will make our VPN our own, you don't need to buy it either, it will work both on the phone and on the computer.
Okay, let's start with basic concepts in Carding. Where does Carding begin with? That's right - security. True, but the first thing that usually comes to mind when the word "Carding"
is a credit card. Let's start with her. And we will also devote several separate lessons to safety. Credit Card - Credit Card. Credit Card - CC. Further it is designated - SS. It is more correct, of course, to say a bank card, but everyone calls it CC, it is not so much a credit card or a debit card. Everyone knows what CC is, but if you go deeper, then definitely not everyone. I will clarify, just in case, that we are working with card data, without a material card, since we have Online Carding. Let's consider the CC using our example. Cardholder Jonh Doe has no idea what an honor he is:
Code:
4037840052172271 | 2024 | 11 | 475 | Jonh | Doe | 2970 Park View Drive | [email protected] | United States | U.s. Bank National Association Nd | IN | Columbus | 47201
Let's do the analysis. Let's start with the card number - 4037840052172291. What is the basis in the card number? That's right - BIN. Let me explain. The card number contains numbers, which contain information about what the card is, the first 6 digits. It is called BIN / BIN. These are the first 6 digits of any card. Although, cards are already beginning to appear, where the BIN is in 7 digits. BIN - bank identification number. Now let's learn how to pull information from BIN'a. You can go to Google and type in a simple query “BIN Checker”. And before us will be a list of sites. The very first one is bincodes.com/bin-checker/ Not a bad BINChecker, beautiful, but ... from experience it is far from the most accurate, and the most accurate Google does not give us on the first pages, BINChecker is bins.su. BINChecker has changed the domain, apparently indexing has not yet reached it in full. We go to it and enter the BIN from our CC example in the BINS field.
The card number is 4037840052172291, which means BIN is 403784. Click FIND. We receive information:
403784 US VISA CREDIT PLATINUM US BANK NATIONAL ASSOCIATION ND
This information is included in our BIN, if you have a personal bank card, everything is the same there, you can punch BIN and see what kind of card you have. Once again, I will indicate that there is different information on different BINCheckers, therefore, if we are interested in accurate data, it is better to double-check it on several services. In practice, the most accurate, as already said, is bins.su. Each bank has its own list of BINs under which they issue cards, that is, there are many cards under one BIN. For example, under BIN 403784 there is also SS, only the rest of the numbers differ, it is clear why.
bincodes.com/bin-search, using this link you can select the country, type of card, bank and see which BINs which bank has. We save the link to a notepad or bookmarks, like all other useful services, in the process of working it is a good tool. In our business, there are such concepts as good and bad BINs. Bad BINs - BINs of the old release, which were often used by our colleagues, good BINs, on the contrary. That is, if the BIN is "dirty" (often used for Carding purposes), then banks do not particularly like to skip transactions with such BINs at the slightest suspicion of fraud (on Fraud).
BINCheckers:
bins.su - Nice and user-friendly.
binlist.net
bindb.com/bin-database.html - Authoritative.
bincodes.com/bin-checker/ - Alternative.
bincodes.com/bin-creditcard-generator/ (or namso-gen.com) - there is also a CC generator.
Advice. Check BIN on all resources.
Fraud is a type of fraud in the field of information technology, in particular, unauthorized actions and unauthorized use of resources and services in communication networks.
Good BINs are very important in Carding. In terms of working with the SS, this is generally almost half the success. Basically, these are BINs of NOT the best banks, if we speak for the United States.
https://en.wikipedia.org/wiki/List_of_largest_banks_in_the_United_States- this is a list of the largest, and therefore the best banks in the United States. All these points, including for BINs, will emerge in even more detail below, as we go deeper. Now general information for understanding the process, the concepts from which we will start. (In general, the better the bank, the more difficult it is to drive it CC. Ideally, these should be fairly small and local banks, which have few branches. In general, do not take large banks, if possible)
Back to our CC:
2024 | 11 | - card expiry date. November 2024. That is, the date after which the card will no longer be active. Expiration Date if in English. To clarify, the expiration date is calculated on the last day of the month, and not on the first.
475 - CVV code. I'll clarify that CVV and CVV2 are one and the same if you come across different spellings. CVV - code for card authentication. The Master Card has a code called CVC or CVC2. VISA and Master have this 3-digit code. American Express has this four-digit code. CVV - Card Verification Value. And don't confuse CVV with PIN. If the card does not have a CVV code, then it means that you cannot pay with it on the Internet.
Jonh | Doe - name and surname of the cardholder. Jonh Doe. Card holder - Card Holder - CH, KX.
2970 Park View Drive | United States | | IN | Columbus | 47201 is the Billing address to which the card is registered, usually KX's residence address. 2970 Park View Drive - street with house number, United States - USA, IN - Indiana, Columbus - City, 47201 - ZIP number. ZIP - in our opinion this is the index. You can google "47201 ZIP Code" and check that it corresponds to the state, city and the data on the map is correct. If, when driving, you receive an error that the ZIP from the card is not correct, how can this be fixed? That is, the ZIP in the map data is left. Yes, find the ZIP at the address on the map. Drive in the address and see its ZIP.
In the CC data, you can also find Email KX - [email protected]... There may also be KX's phone number. Sometimes there is no phone number, like Email - yes / no. Depends on how the data was merged. If we do not need an Email from a card in 90%, then a phone number is usually needed. In stores where CC is sold, indicate what data is (with / without phone, and so on).
We'll find out why we need a phone on the map. Map data, as in our example, is mined by hacking stores and leaking the database, Fishing. That is, a person makes a purchase in an online store, drives in the card data, and it is drained and the base is put up for sale. Let's digress a little from the conference, watch part of the series, for a better understanding of how it works.
Let's go back to the card number:
4037840052172271
By this number, you can immediately understand by eye that our card is VISA. Yes, by the first digit. VISA cards start with the number 4. Master Card - 5. American Express - 3. Maestro are debit cards from Master Card. After the BIN numbers, we have numbers, not counting the last one, where the data is encrypted, about whether a debit card or a credit card, the card's currency and the region of issue. The last digit of the card is a check number, a special algorithm is used to check the correspondence of this number and the card number, that is, the last number is formed through mathematical operations with the rest of the digits. Bank cards can also be debit and credit, as we already understood. Debit cards have their own stable balance. Credit cards can go negative, that is, credit money.
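The check digit described above is computed with the Luhn algorithm, and on the defensive side it is what lets a log scrubber tell real card numbers from other long digit runs before masking them. The following is an added example, not part of the original guide: the log lines are constructed, the card numbers in them are published payment-processor test numbers, and all function names are illustrative.

```python
import re

# 13-19 digits, optionally separated by single spaces or hyphens.
PAN_CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

# First-digit mapping as given in the guide (a simplification of real issuer ranges).
BRAND_BY_FIRST_DIGIT = {
    "3": "American Express",
    "4": "VISA",
    "5": "MasterCard",
    "6": "Discover",
}


def luhn_valid(digits: str) -> bool:
    """Return True if the last digit is the correct Luhn check digit."""
    total = 0
    for position, char in enumerate(reversed(digits)):
        value = int(char)
        if position % 2 == 1:      # every second digit, counting from the right
            value *= 2
            if value > 9:
                value -= 9         # same as adding the two digits of the product
        total += value
    return total % 10 == 0


def mask_pan(digits: str) -> str:
    """Keep the BIN (first 6) and the last 4 digits, star out the rest."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def scrub_line(line: str):
    """Mask Luhn-valid card numbers in one log line.

    Returns (clean_line, findings); findings holds (brand, masked_pan) tuples.
    """
    findings = []

    def replace(match):
        digits = re.sub(r"[ -]", "", match.group(0))
        if not luhn_valid(digits):
            return match.group(0)  # order IDs, tracking numbers etc. stay as-is
        masked = mask_pan(digits)
        brand = BRAND_BY_FIRST_DIGIT.get(digits[0], "unknown")
        findings.append((brand, masked))
        return masked

    return PAN_CANDIDATE.sub(replace, line), findings


def scrub_log(lines):
    """Scrub a list of log lines; returns (clean_lines, all_findings)."""
    clean_lines, all_findings = [], []
    for line in lines:
        clean, found = scrub_line(line)
        clean_lines.append(clean)
        all_findings.extend(found)
    return clean_lines, all_findings


# Constructed sample input. The PANs are public test numbers, not real cards.
SAMPLE_LOG = [
    'ts=2024-01-05T12:00:01Z msg="charge ok" pan=4111111111111111 amount=19.99',
    'ts=2024-01-05T12:00:02Z msg="retry" card="5555-5555-5555-4444"',
    'ts=2024-01-05T12:00:03Z msg="shipment" tracking=1234567890123456',
    'ts=2024-01-05T12:00:04Z msg="charge ok" pan=378282246310005',
]

if __name__ == "__main__":
    clean, found = scrub_log(SAMPLE_LOG)
    for line in clean:
        print(line)
    for brand, masked in found:
        print("masked", brand, masked)
```

The 16-digit tracking number fails the Luhn check and is left untouched, which is the reason to validate the check digit instead of masking every long digit run.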
403784 US VISA CREDIT PLATINUM US BANK NATIONAL ASSOCIATION ND
This is what we see when we look up the BIN. Level is the status of the card. We have Level - PLATINUM. For example, a student and a businessman will have cards of different status. That is, different limits, percentages, opportunities and similar things. For a higher status of the card, the client pays more for its service. International bank cards are used in international payment systems. The most popular payment systems are Visa, MasterCard, Diners Club, American Express, JCB and China Unionpay.
The most widely available cards in the world are Visa Electron, Cirrus / Maestro. In most cases, they are debit cards and, as a rule, do not allow electronic payments over the Internet. This increases the safety of their use. These cards are the cheapest in terms of issuance and maintenance costs. The most popular in the world are Visa Classic and MasterCard Standard cards. They are both debit and credit, and also allow you to pay via the Internet.
Cards of the Gold / Platinum series are prestigious cards that emphasize the solidity of its owner. Used as an element of the image. Technically, Visa Classic - Visa Gold, MasterCard Standard - MasterCard Gold cards differ in design, cost of issue and service and, depending on the card issuing bank, different sets of services (for example, the provision of medical insurance, or a "concierge" service that allows you to book tickets on transport and to the theater, hotels and carry out a number of other assignments).
For Gold and Platinum cardholders, some shops and other organizations provide discounts and other benefits (for example, the opportunity to use a business class lounge at the airport regardless of the ticket category, special conditions for renting a car).
In addition, in connection with the proliferation of Gold and Platinum cards, international payment systems are introducing new formats for exclusive cards, indicating the extremely high status of their holder.
Also, there are titanium (Titanium) cards - the most prestigious cards that provide their owners with exclusive privileges around the world. The first such card was issued by American Express - the Centurion card.
Now about the money on the card, the balance of the card. It is impossible to find out the balance by buying simply the CC data. The balance can be found out, perhaps by making access to an online bank, like we have Sberbank Online. And then, only after the card was bought, and then additional information about KH was broken through. But this moment does not greatly interfere with our work, in the USA and Europe money is mainly stored on cards, there is usually a balance there. Also, there is the concept of "card validity", which means whether the card is alive / active. There is an option, we bought a card, we drive in, but it did not enter, usually the error is Card Decline. One of the options is that our map was originally dead, that is, not Valid, not working. Different stores and sellers who sell cards have different rules for returning such material (not Valid). To check for Valid cards, there are special Checkers CC, They work according to the principle - we enter the card into CheckerCC, a small card is inserted (Small debiting of funds), that is, it is checked and the result is given to us - Valid / not Valid. The disadvantage of such CC Checkers is that he can kill the card immediately after checking, even if he shows that the card is Valid.
CheckerCC works like this - we entered the card data into it, we check. CheckerCC debits a small amount from the card and returns them back to the card. If the money is debited, it indicates that the card is active (Valid). If not, not Valid. And why are CC Checkers making a refund of the funds debited to the card? So that it is not blocked (CheckerCC). Many cards pass through such Checkers CC, and banks know the codes on which CheckerCC is based. That is, it may be that they checked the card, Valid showed, but after that the bank is already blocking it.
This problem is not on all CC Checkers, the more private CheckerCC, the better. You can also check the card yourself by driving in some trifle. For example, driving into a donation. $ 1 - $ 5. If the transaction is successful, then the card is Valid. Donations to children, websites and so on. Also, the card can be blocked if it is driven into everything, that is, due to the large number of transactions, in a short period of time, the bank can block it, therefore, as a rule, one CC is one / two drives.
It is better to do it like this, hammered in - we got the result from the map and after that we can try again when we no longer risk anything. The problem of Valid material is a sore subject now, but there is a way out of all this.
FAQ:
A: How to select the correct BINs?
B: BINs you will intuitively learn to whip up in the process. It comes with experience. Over time, you will accumulate your own personal piggy bank of good BINs. The problem is that not only you know about these BINs, so they are quickly sold out (CC with good BINs). The solution is simple - to constantly monitor the stores selling CC, as well as to have several of these stores. For example, I hired a separate person who is looking for BINs and good CCs for me, immediately buys them up, and then I hit.
A: How acute is the problem with Valid material?
B: Sharp, but not critical.
A: Is there some kind of gradation of cards at face value on the card, how much can you expect when buying this or that card?
B: By status, yes.
A: What is VCC and what are its features in our business?
B: Virtual Credit Card - Virtual card, we'll get to know each other.
Try to capture the essence of each topic. Then you will have a complete picture. Structure is important.
Types of cards (CC). Lesson 1.1 (For general information)
So, let's start with the types of American Express cards:
The reputation of the American giant of financial transactions today is impeccable and carefully maintained at the highest level. American Express focuses on the quality of service and builds its relationships with customers based on years of experience and tradition. The company offers personal and corporate credit cards.
Holders of corporate cards (Corporate Cards) are employees of large world corporations.
There are four types of personal cards: Personal Card (the so-called “Green”), Gold Card, Platinum Card and Centurion Card (in ascending order of priority). All of them differ only in class, as the traditional benefits are available to every AmEx customer.
Next, there are VISA cards:
Visa Electron - the simplest type of cards. It has no convex elements, which limits the possibility of using this type of cards in terminals based on taking an impression from a card (Mechanical copying without connecting to a database). As a rule, there are minimum transaction limits and minimum guarantees.
Visa Virtual Card is a card for making payments over the Internet. Sometimes "Issued" without physical card issuance. In fact, this is the provision to the owner of only card details (Number, CVV2, date of validity), which can be used to pay via the Internet. The issue of the card is reduced in price, but the security is reduced. Usually they are prepaid at the time of issue and do not provide for the possibility of replenishment. They can be anonymous, which sometimes causes difficulties in processing in payment systems with mandatory verification of the owner's name.
Visa Classic is a card with a standard set of functions. This includes payments at most merchants that accept cards, booking various goods and services on the Internet, insurance of money in the account, and so on.
Visa Gold is a card that has additional guarantees of the holder's solvency, higher payment and credit limits compared to Classic, as well as a number of additional services, including express cash withdrawal and emergency card replacement in case of loss or theft of the card away from the issuing bank, additional discounts and privileges in areas such as travel, car rental, purchase of exclusive goods and services. As a rule, along with mandatory privileges from the payment system, card issuing banks offer their own additional services for Gold and higher cardholders.
Visa Platinum is an elite card that usually provides the holder with the opportunity to receive additional services, discounts, and insurance in amounts exceeding the privileges for Gold card holders.
Visa Signature is a card product for especially wealthy clients, the distinctive features of which are maximum purchasing power, increased limits on various groups of card transactions, exclusive services in the field of leisure, shopping and travel, as well as a concierge service and special features on a personal page on the Internet.
Visa Infinite is positioned as the most prestigious card for clients with the highest paying capacity. In some cases, the credit limit for such a card is unlimited.
Visa Black Card is an elite image product. The material for the manufacture is not ordinary plastic, but a patented special carbon fiber. It is positioned as a symbol of the holder's belonging to the top of society. Due to increased requirements, in the United States, no more than 1% of residents can become owners of this card. The owner will be able to stay in VIP lounges of international airports, use the services of a concierge service, travel insurance, cover for damage in case of a car accident, and reimbursement of costs in case of cancellation of trips.
Visa Business Credit and Visa Business Debit are cards for representatives of legal entities designed for payments in the interests of business. These cards are positioned as a product for small businesses.
Visa Business Electron Card - cards are positioned by the payment system as a product for small businesses in countries with emerging economies.
Visa Corporate - business segment cards designed for medium and large businesses.
Visa Fleet - business segment cards targeted at companies that use vehicles in their core business. This type of card helps companies track the operating costs of their fleet, as well as receive additional discounts on fuel and service.
Visa Debit is a card for everyday expenses. Its peculiarity is that funds are debited from the client's deposit account, as if he were withdrawing cash from the account or writing checks to pay for purchased goods or services.
Visa Prepaid Card is a card, the balance of which is replenished when issued at the bank, and further operations are carried out within the limits of the available balance of funds. A variation of this type of card is a Gift Card. A variation of this type of cards can also be considered cards of instant issuance - Visa Instant Issue - pre-personalized, but not personalized (without specifying the name of the holder). A feature of this type of cards is the quick issue of the card, as a rule, within 15-20 minutes from the moment the client contacts the bank.
Visa TravelMoney is a card designed primarily for the safe transportation of funds, for example, while traveling, being a more technologically advanced analogue of traveler's checks. As a rule, with this type of cards, only cash withdrawals from ATMs are possible, however, some banks also allow purchases with TravelMoney cards.
Visa Mini Card is a reduced format card, often issued with a hole, implying use as a key fob and not only. It should be noted that proximity to metal keys is highly undesirable and can adversely affect both the information recorded on the magnetic stripe and lead to increased mechanical wear of the card. Due to the non-standard format, this type of cards cannot be used in ATMs, terminals with contact chips (Contactless protocol is supported - if the card is equipped with such a chip), and it will also not be possible to use the card in imprinters. Thus, this product is only suitable for paying for purchases or receiving cash at points equipped with an electronic terminal capable of operating on a magnetic stripe or contactless chip. For this reason, this type of card is usually
Visa Buxx - the target audience of this card are teenagers who do not yet have an independent income. Parents have the opportunity to credit "non-cash pocket money" to the card and monitor account movements.
Visa Horizon is a debit card that stores funds on the chip itself, pre-authorizing them from a bank account. When using it, there is no need to establish real-time communication with the issuing bank to obtain authorization. All information about the available balance is located on the card itself in the memory of the built-in chip and is available for reading by the terminal at the point of sale. The cardholder, if necessary, can replenish the balance on the card from his bank account either through an ATM, or through one of the terminals in the trading network or bank branches. Visa Horizon is ideal for situations where there are connectivity issues or none at all. Since there is no risk of insolvency or cost overruns due to pre-authorization for this product, then Visa Horizon is ideal for issuing to customers who do not have a banking or credit history. Unlike a card with an electronic wallet, in which the balance on the card is prepaid and if the card is lost, the client loses unspent funds from the card, Visa Horizon allows you to recover the funds remaining on the client's bank account at the time of the card loss.
Visa Cash or, as it is commonly called, "electronic wallet", is a prepaid card and combines the convenience of payment cards with the security and functionality of an embedded chip. Visa Cash allows you to easily and quickly pay for minor expenses, so it can mainly be used to buy inexpensive items such as newspapers, movie tickets, to pay for short phone calls, and so on. The Visa Cash card can be either rechargeable or disposable. The decision on this is made by the issuing bank, which issued the card, and agreed with the client.
Visa Payroll is a common type of card that immediately upon purchase provides insurance for the personal property of a person purchased with this Visa card. The total amount of insurance cannot exceed 50 thousand dollars per person. At the moment, these cards are only issued in the United States.
Visa Check, Visa Gold Check and Visa Business Check are cards created for cooperation with airline mileage programs. This mainly concerns the NWA WorldPerks system.
Visa Platinum Check is similar to the previous three cards, but cannot be combined with the WorldPerks program, although it provides more opportunities for holders than Visa Check or Visa Gold Check.
Visa Purchasing - the card has been offered by banks since 1994 and is designed to account for the costs of office needs. The card can be used by both medium and large companies and is issued, as a rule, to people who are responsible for economic activities in these companies. Its use allows companies in both the private and the public sector to do without the labor and paper-intensive process of processing small purchases of goods and services. The card is directly intended for the purchase of goods and payment for services in the amount within 5 thousand US dollars. For these cards, banks are subject to requirements for a special reporting form for invoicing. Thanks to this form, the company can significantly save on administrative costs associated with the purchase of goods, as well as receive information,
Visa Commercial - Creates an easy consolidation of expenditure data from all departments, divisions and subsidiaries of the company, which provides an integrated view of all expenses for events, procurement, and travel expenses.
Please note that not all card types are available in some countries or regions. This may be due to the peculiarities of the legislation of a particular country, as well as regional restrictions of the payment system itself.
Next, consider cards of the Master Card type (Basic):
MasterCard Maestro are the most affordable bank cards due to their low cost and initial payment. By purchasing it, you become the owner of a full-fledged international card that is widely used in the world.
MasterCard Standard - the presence of such cards emphasizes that you are an accomplished person who successfully conducts business. When traveling abroad and having one of these cards with you, you will have no problem booking a hotel room or renting a car.
MasterCard Gold - these cards inspire more respect for the owner of this card. They unequivocally say that his authority and weight in society is higher than usual, that a person has achieved serious results in his life. This gives the holder of "gold" cards the right to discounts when ordering expensive hotel rooms and when shopping in prestigious stores.
MasterCard Platinum - special premium class bank cards. They give limitless possibilities, complete freedom and exclusivity. The platinum card holder is provided with VIP status anywhere in the world. This guarantees both high quality service and substantial discounts.
In addition to the existing cards, customers are offered to acquire an American Discover (starts with the number 6).
Discover, on the contrary, is kind of popular, and initially focused on credit programs. The main feature of the system is bonuses. When buying goods and services using borrowed funds from the card, some part of the amount (very insignificant) is returned to the client, while the more you spend, the greater the percentage of return.
It's not profitable to use Discover cards! There are several reasons for this. Firstly, it is completely unclear where it will be possible to pay with them, since this payment system is not accepted everywhere. And if they do, then there, no doubt, the prices will be somewhat overpriced. Secondly, the problem with ATMs - it will only be possible to put it in the ATM of the issuing bank. With the appropriate level of commission. Thirdly, you can't go to Europe and Asia with this "plastic" either - the logo with an orange "orange" in the center is extremely rare to see in the Old World. Those who often travel to the USA or Canada can always pay with their usual Visa.
However, some proponents have called it the best credit card for people concerned about online fraud and privacy.
Encryption. Safety. Anonymity. Lesson 2.
Let's talk about encryption. I must say right away that this is a rather difficult topic, and it is not 100% mandatory either. Rather, this information is needed by those who have already really achieved something (in our business) and want to seriously take up their security and anonymity. This lesson describes what security is, how it is achieved, and so on. If it seems to you that this is too difficult for you or not necessary, then you can safely proceed to the next lesson.
Again, this information is not 100% mandatory, but very useful for general understanding.
So, we will discuss and analyze the fundamental foundations of encryption, we will study symmetric and asymmetric encryption, we will also slightly touch on such concepts as: hashes, SSL, TLS, certificates, data interception using the SSLStrip utility and weaknesses associated with encryption. This is the fundamental knowledge required to select the appropriate security controls to mitigate risks.
In general, encryption has two parts - encryption and decryption. With the help of encryption, three states of information security are provided:
1. Confidentiality - encryption is used to hide information from unauthorized users during transmission or storage.
2. Integrity - encryption is used to prevent information being changed during transmission or storage.
3. Identifiability - encryption is used to authenticate the source of information and to prevent the sender from denying that they sent the data.
In order to read the encrypted information, the receiving party needs a key and a decryptor (a device that implements the decryption algorithm).
The idea of encryption is that an attacker, intercepting encrypted data and not having a key to it, can neither read nor change the transmitted information. Imagine a closed door with a lock: to find out what is on the other side of the door, we need to open it with the key to this lock. So it is in the case of data encryption. Only instead of a lock, we have a data encryption algorithm, and instead of a key, a secret key (Password) for decrypting data.
The main purpose of encryption is to keep important information in encrypted form. In general, encryption is used to store important information in unreliable sources and transmit it over insecure communication channels.
Such data transfer represents two mutually inverse processes:
1. Before data is sent over a communication line or before being stored, it is encrypted.
2. To restore the original data from encrypted data, the decryption procedure is applied to them.
Encryption was originally used only for the transmission of confidential information. However, later they began to encrypt information with the aim of storing it in unreliable sources. Encryption of information for the purpose of storing it is still used now, this avoids the need for physical secure storage (USB, SSD-disks).
What are the encryption methods:
1. Symmetric encryption - uses the same key for both encryption and decryption.
2. Asymmetric encryption - uses two different keys: one for encryption (also called public), the other for decryption (called private), or vice versa.
These methods solve specific problems and have both advantages and disadvantages. The specific choice of the applied method depends on the purposes for which the information is encrypted. In order to make the right choice in the encryption approach, which encryption method to use where, and to answer other related questions, you will need to understand what encryption is, as I said earlier.
For example:
• The sender sends an encrypted message: "Hello, Anton"
• Attackers intercept this message, but since they do not have a decryption key, they only see the character set: "% # & $!"
• The recipient, having the decryption key, can easily read the message sent by the sender in encrypted form, and he already sees the sender's text in its original form: "Hello, Anton"
It will not be an exaggeration to say that encryption is the best tool there is in our arsenal to protect you from hackers and surveillance.
Encryption is a method of converting human-readable data, called plain text, into a form that cannot be read by a human, and this is called cipher text. This allows you to store or transmit data in an unreadable form, due to which it remains confidential and private.
Decryption is a method of converting ciphertext back into human-readable text. If you do a simple Google search, you will see HTTPS and a green padlock icon, which means that all the content of the web pages is not readable by people who are monitoring data transmission over the network.
There are two main components of encryption:
1. The encryption algorithm is publicly known and has been studied by many, many people in an attempt to determine if the algorithm is strong.
2. Secret key - you can imagine that the secret key is a password and it must be kept secret.
The algorithm can be thought of as a lock, and the secret key is the key to that lock. In symmetric cryptosystems, the same key is used for encryption and decryption.
Let's take an example. I want to send some file to Anton, but I don't want any third parties to be able to view it. For clarity and ease of use, I decided to encrypt this file with the 7-Zip program. The same structure is used to encrypt sectors / disks in VeraCrypt, TrueCrypt.
Definitions:
1. An encryption algorithm is the mathematical process of converting information into a string of data that looks like a random set of characters and letters.
2. The hash function is the transformation of the input data into the output bit string. Its purpose is to maintain integrity and to detect unintended modifications.
At the output, we get an encrypted archive, which, in order to unpack and obtain information that is inside, you must enter the decryption key, in simple terms - a password. Let's say that I used a symmetric block cipher algorithm - Advanced Encryption Standard (AES) for encryption. This algorithm uses only one key, the key is created using our password. Also, you can choose what block size will be used 128/256/512/1024 bits.
Imagine a door with many locks on it. It will take you a long time to open or close this door. It is the same with algorithms: the larger the bit size, the stronger the algorithm, but the slower it encrypts and decrypts. You can consider this the strength of the algorithm.
256/512 bits is also the amount of key space, that is, a number that indicates the total number of possible different keys that you can get using this encryption algorithm.
To break a symmetric cipher by brute force, you need to go through 2^N combinations, where N is the key length. For symmetric encryption with a key length of 256 bits, the number of combinations, that is, possible keys, is 2^256 = 1.1579209e+77, or, written out, 1.1579209 × 10^77, which gives the following number of possible variations (this is a 78-digit number):
Code:
2^256 = 115792089237316195423570985008687907853269984665640564039457584007913129639936
If anything, you can check this number yourself here - kalkulyatoronlajn.ru
Thus, for everyone who doubts the security of 2^256, here is the figure: the probability of hitting the right key is one in more than 1.1579209 × 10^77 (the 78-digit number above). Simply put, such a hit, or collision, is almost impossible.
All this means that the key is extremely difficult to find, even with the help of very powerful computers, provided that you used a long and random password when generating the key. We will talk about passwords separately: which ones to use, with which programs, and why.
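The condition in the last paragraph, worked through as an added example (not part of the original guide): a key derived from a password is only as strong as the password. The character-class estimate is an upper bound that assumes randomly chosen characters, and PBKDF2-HMAC-SHA256 is an assumption standing in for whatever key derivation a particular program uses.

```python
import hashlib
import math
import string

AES256_KEY_BITS = 256  # key space of a 256-bit key: 2**256 possible keys

_CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
            string.digits, string.punctuation)


def charset_size(password: str) -> int:
    """Size of the alphabet the password appears to be drawn from."""
    size = sum(len(cls) for cls in _CLASSES if any(c in cls for c in password))
    # Characters outside the four ASCII classes are counted one by one.
    size += len({c for c in password if not any(c in cls for cls in _CLASSES)})
    return size


def password_bits(password: str) -> float:
    """Upper bound on entropy, valid only if every character is random."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size > 1 else 0.0


def effective_key_bits(password: str) -> float:
    """A password-derived key cannot be stronger than the password itself."""
    return min(AES256_KEY_BITS, password_bits(password))


def random_chars_needed(target_bits: int, alphabet: int) -> int:
    """Random characters required before the password stops being the weak link."""
    return math.ceil(target_bits / math.log2(alphabet))


def derive_key(password: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """Derive a 32-byte (256-bit) key; the mapping is fully deterministic."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, iterations, dklen=32)


def compare(passwords):
    """Return (length, alphabet size, effective key bits) for each password."""
    return [(len(p), charset_size(p), round(effective_key_bits(p), 1))
            for p in passwords]


if __name__ == "__main__":
    # Constructed samples: 8 random-looking characters and 21 random-looking
    # characters, both drawn from all four ASCII character classes.
    samples = ["3hF9$u?H", "kT7#pQ2!vL9@xR4$mB6&z"]
    for length, alphabet, bits in compare(samples):
        print(f"{length:>2} chars, alphabet {alphabet}: "
              f"at most {bits} bits of a {AES256_KEY_BITS}-bit key space")
    print("random characters needed for 256 bits:",
          random_chars_needed(AES256_KEY_BITS, 94))
    # Same password and salt always give the same key, so searching the
    # password space is equivalent to searching the key space.
    salt = bytes(16)  # constructed all-zero salt, for reproducible output only
    print(derive_key(samples[0], salt).hex())
```

A password built from dictionary words or personal data has far less entropy than this upper bound suggests, because its characters are not chosen at random.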
People and governments are constantly trying to break encryption algorithms. I will give you a list of algorithms which are good and which are not, which of them lend themselves to hacking, and which are currently impossible to hack.
Symmetric encryption algorithms:
1. Data Encryption Standard (DES) is a symmetric encryption algorithm developed by IBM and approved by the US government in 1977 as an official standard (FIPS 46-3). The block size for DES is 64 bits.
2. Triple-DES (3DES) is a symmetric block cipher, created in 1978 on the basis of the DES algorithm in order to eliminate the main disadvantage of the latter: its small key length (56 bits), which can be broken by a brute-force attack.
3. Blowfish is a cryptographic algorithm that implements block symmetric encryption with variable key length.
4. RC4 is a stream cipher widely used in various information security systems in computer networks (for example, in SSL and TLS protocols, WEP and WPA wireless security algorithms).
5. RC5 is a block cipher developed by Ron Rivest of RSA Security Inc. with variable number of rounds, block length and key length. This expands the scope and simplifies the transition to a stronger version of the algorithm.
6. RC6 is a symmetric block cryptographic algorithm derived from the RC5 algorithm.
7. Advanced Encryption Standard (AES) is a symmetric block encryption algorithm (Block size 128 bits, key 128/192/256 bits), adopted as an encryption standard by the US government based on the results of the AES competition. This algorithm has been well analyzed and is now widely used, as was the case with its predecessor DES.
Symmetric algorithms are used in most encryption systems that you use on a daily basis: HTTPS, Full disk encryption (TrueCrypt, VeraCrypt and others), File encryption (7-Zip, WinZip and others), TOR, VPN. Symmetric encryption is used almost everywhere.
The Advanced Encryption Standard (AES) is the generally accepted standard for symmetric encryption. For maximum security, use AES-256 whenever possible. AES is fast and today it is impossible to crack it (Provided that you have a strong password, we will discuss this below).
Asymmetric encryption. Very smart people have invented this public and private key encryption and algorithms based on the complexity of certain mathematical problems. I will not go into the mathematical details, because understanding them is not necessary for your defense. To make the right choice of security tools, you just need to have a basic understanding of algorithms and the strength of algorithms, as well as the cryptographic systems that you intend to use.
As we know, in the symmetric encryption method, one secret key is used, while in asymmetric encryption methods (Or public key cryptography), one key (Public) is used to encrypt information, and another (Secret) is used to decrypt the information. These keys are different and cannot be derived from one another.
Let's consolidate the material:
Symmetric encryption method - one key, uses the same key for both encryption and decryption.
Asymmetric encryption method - two keys: public (Public) and private (Private).
So let's say we have a file for Anton that was encrypted with 7-Zip using the AES-256 encryption algorithm and a strong password, but how do we deliver the password to Anton so that he can decrypt the file?
The best way to convey something and be sure of the delivery of information to the specified addressee is in person. But this is not a very good idea, since we may simply not know where the addressee is, or he may be so far away that it becomes problematic to deliver something "in person", or maybe we just need anonymity.
Asymmetric algorithms (using public and private keys):
1. RSA (Rivest-Shamir-Adleman) is a public key cryptographic algorithm. This algorithm is very popular, one of the most common asymmetric algorithms you'll see, and I'll show you where to look for them and how to use them. The cryptographic strength of this algorithm is based on the complexity of factorizing or decomposing large numbers into the product of prime factors.
2. ECC (Elliptic curve cryptosystem) is a widespread algorithm that is gaining popularity. This cryptographic system is based on elliptic curves. Its strength relies on the problem of computing discrete logarithms on elliptic curves.
3. DH (Diffie-Hellman) - its strength is based on the discrete logarithm problem in a finite field. Diffie-Hellman is becoming more and more popular because it has a property called Forward Secrecy, which we will discuss later.
4. ElGamal - the ElGamal scheme; the cryptographic strength of this algorithm is also based on the complexity of the discrete logarithm problem in a finite field.
Cryptographic strength is the ability of a cryptographic algorithm to resist cryptanalysis. For RSA, as noted above, it rests on the difficulty of factoring large numbers into prime factors.
These asymmetric algorithms help to solve the problem of exchanging or agreeing on keys, and also allow the creation of so-called electronic digital signatures. So we can potentially use public and private keys to send Anton our secret key (the password) in a secure manner, without the possibility of intercepting its contents.
Again, public and private key algorithms use two keys, not one as in symmetric encryption. The difference is that in asymmetric encryption there is a public key, which is meant to be known to anyone, and a private key, which must always be kept secret. These keys are mathematically related, which is why both are generated at the same time. Any website using HTTPS has a public and private key that is used to exchange a symmetric session key in order to send you encrypted data.
It looks a bit like the Zip file. They use these public / private keys, and then they need to send another key, like the key we use for the Zip file, in order to do the actual encryption (end-to-end; we will break this down further).
Remember:
If you encrypt with a private key, you need a public key to decrypt. If you encrypt with a public key, you need a private key to decrypt.
In asymmetric encryption, a message encrypted with one key of the pair can only be decrypted with the other key of that pair. It is not possible to encrypt and decrypt with the same key, and this is extremely important. For encryption or decryption, you always need interconnected keys.
So, back to our question. What are the ways to deliver a password?
Method one
In the first method, the sender encrypts using the public key of the recipient, Anton. Use this when you need anonymity and confidentiality, so that no one can read the message except the recipient. Let's say you encrypt a file using the recipient's public key. The message can only be decrypted by a person with the matching private key, that is, Anton's private key. Since we know that these keys are interconnected, we encrypt with one and decrypt with the other, and nothing else works.
The recipient (Anton) cannot identify the sender of this message. Since the public key is public, it is usually published openly, and anyone can use Anton's public key for encryption. When the sender encrypts using the recipient's public key, the message is confidential and can only be read by the recipient, who has the private key to decrypt it. But as I said earlier, there is no way to identify the sender, provided, of course, that you do not send any data that identifies you.
Method two
All of the above results in the second way of using public (Public) and private (Private) keys. If you encrypt with your own private key, then that means you are interested in authentication. In this case, it is important for you that the recipient knows that it was you who sent the encrypted message. To do this, you encrypt the password (File) with your private key. This gives the recipient confidence that the only person who could encrypt this data is the person who owns that private key, your private key.
For example, you are the creator of some kind of software, but the government does not like it and obstructs your activities in every possible way.
Let's simulate the following situation:
Let's say I want to download this software, here is the hash of this file, however, if the website is compromised, it means that attackers could spoof this file for downloading and add a virus or something to it to spy on me and they could also change the checksum.
So this hash doesn't mean anything. It will not help detect deliberate modification of the file. We need something else to make sure this site is in fact the official site of the software.
And this is where we come to certificates, digital signatures and other means. All of these are obtained by a cryptographic transformation of information using a private signature key. They allow you to check that the information in an electronic document has not been distorted since the signature was formed (integrity), that the signature belongs to the certificate owner (authorship), and, if verification succeeds, to confirm the fact that the electronic document was signed (non-repudiation).
Encrypting data with the sender's private key is called the open message format, because anyone with a copy of the corresponding public key can decrypt the message. You can think of it as officially putting something on the internet for public access: since you encrypted it with your private key, anyone can verify that it was you who left this message. Confidentiality or anonymity is not ensured in this case, but authentication of the sender, that is, you, is provided.
Further. Encryption technologies such as the ones we talked about earlier can all be combined and are not used in isolation. Used together, they are called a cryptographic system.
A cryptographic system can provide you with a variety of security features. Among them:
1. Confidentiality - the need to prevent leakage (Disclosure) of any information.
2. Authentication - verification of identity, that is, we know that Anton is really Anton and no one else.
3. Non-repudiation - if you sent an encrypted message, you cannot later deny this fact.
4. Integrity - assurance that the message has not been modified in any way.
Examples of cryptosystems are any things that use encryption technology, they are: PGP, BitLocker, TrueCrypt, VeraCrypt, TLS, even BitTorrent, and even 7-Zip.
For example, so that we can send our file to Anton, we can use Anton's public key to encrypt files or to transfer anything encrypted. But first, of course, we need Anton's public key, we just need to get it once in some secure way, and after that we can always send encrypted messages that are only available for reading to Anton.
PGP - This is a system that we can use for these purposes, it uses technology to encrypt messages, files and other information presented in electronic form.
PGP (Pretty Good Privacy) is a computer program, also a library of functions that allows you to perform encryption and digital signatures of messages, files and other information presented in electronic form, including transparent data encryption on storage devices, such as a hard disk. For these purposes, we can use Jabber + PGP.
More on this below. But let's get back to encryption. When it comes to public / private key cryptography or asymmetric encryption, there are both strengths and weaknesses.
Asymmetric encryption - public and private keys:
1. Better key distribution, since Anton can put his public key directly into his signature and anyone will be able to send him encrypted messages or data that only he can read.
2. Scalability - if you are using symmetric keys and want to send your file to Anton and, say, ten other people, you will have to share your password 10 times. It is not scalable at all. Asymmetric algorithms have better scalability than symmetric systems.
3. Authentication, non-repudiation - this means that if you sent an encrypted message, you cannot later deny this fact, since it was encrypted with your private key.
4. Slow - If you look at the message length in bits after asymmetric algorithms work, you will notice that it is much larger than that of encryption algorithms with symmetric keys, and this is an indication of how much slower they are.
5. Mathematical-intensive - The longer the length in bits, the greater the number of mathematical operations, and, therefore, the greater the load on the system.
Symmetric encryption - private key:
1. Fast - if you look at the message length in bits after symmetric algorithms work, you will notice that it is much less than that of asymmetric key encryption algorithms, and this is an indication of how much faster they are.
2. Reliable - Look at the above about AES-256, where it was calculated with the number 2 ^ 256 and see for yourself, but there are 384/512/1024 and more.
To consolidate the material, let's go back to the analogy with the number of locks on the door. With public and private keys, there are many, many locks on the door, so encryption and decryption take much longer. For a central processor, this is a large number of mathematical operations, which is why there are hybrid systems, or hybrid cryptographic systems. Public and private keys are used to exchange and agree on keys, and symmetric algorithms such as AES are used to encrypt the data, thereby getting the best of both. HTTPS, using the TLS and SSL protocols, is an example of this type of hybrid system, as is PGP.
FAQ:
A: 1. Are the methods of steganography somehow applied in your work? 2. Asymmetric encryption for example works like this - we encrypt with public AES, decrypt with a conditional password: qwerty?
B: 1. Of course they are applied, everything depends on you. 2. We create a mutual pair - private and public. You encrypt with one, decrypt with the other. Private also with a passphrase is symmetrical.
A: What method can be used to transfer the code to Anton? (Example)
B: Depends on the situation, in general, it's easy to verify it through OTR by fingerprint. And only later, when it was verified by OTR, you can throw it right there, or by another encrypted source that you trust and are sure that Anton is really Anton.
A: Is it possible to modify a file without changing its checksum?
B: In fact, it is possible, but not cost-effective, since basically the entire hash of the file depends on the weight of the file. For example, the weight of the file is 1,454,458 bytes and the file that was changed is 1,594,137 bytes, so their hashes will differ; here it is necessary to fit perfectly, and it also depends on the type of encryption. In practice, no, since you have to remove something from it and replace it with something else to fill the space. I think the gist is clear.
Let's now talk in more detail about what encryption consists of.
Hashing is the transformation of an input data array of arbitrary length into an output bit string of fixed length, performed by a specific algorithm. The function that implements the algorithm and performs the transformation is called a "hash function" or "convolution function". The original data is called the input array, "key" or "message". The result of the transformation (output data) is called the "hash", "hash code", "hash sum" or "message digest".
The hash function accepts input of any size. It can be an e-mail, a file, a word. The data is converted using a hash function, for example, into the following form:
Code:
732b01dfbfc088bf6e958b0d2d6f1482a3c35c7437b798fdeb6e77c78d84ccb1
An important feature of the hash function is that you cannot convert from the hash back to the original input. It is a one-way hash function and does not require keys.
There are many examples of hash functions: MD2, MD4, MD5, HAVAL, SHA, SHA-1, SHA-256, SHA-384, SHA-512, Tiger, and so on. Nowadays, if you are looking for a cryptographic system, you should use SHA-256 or higher, I mean SHA-384 and SHA-512 and so on.
To make it easier to deal with the material, let's move away from the dry text and simulate the situation. Let's say you need to download the Windows 7 Home Premium operating system for yourself.
We know that this operating system comes from Microsoft developer, then we go to the search and make the following search query:
Code:
site:microsoft.com Windows 7 Home Premium hash
Site operator: this operator restricts the search to a specific domain or site. That is, if we make the request site:microsoft.com Windows 7 Home Premium hash, then the results will come from pages containing the words "Windows", "7", "Home", "Premium" and "hash" on the site "microsoft.com" and not elsewhere on the Internet.
This information is also key for searching online stores using operators in search engines. In this way, you can easily find the hash of the Windows 7 Home Premium 64bit operating system on the official Microsoft website: SHA1 Hash value:
6C9058389C1E2E5122B7C933275F963EDF1C07B9
In general, I would recommend looking for hash sums of SHA-256 and higher, but the official site had only this one, so I will take what there is. Next, we need to find a file that corresponds to the given hash. For this we again use the Google search engine and operators (how to search using operators is covered at the link above).
Code:
inurl:download "6C9058389C1E2E5122B7C933275F963EDF1C07B9"
After you download this file, you can use our hash sum to make sure that the file has not changed, that is, that it has integrity.
There are tools you can download to do this:
https://en.wikipedia.org/wiki/Comparison_of_file_verification_software
One such tool is Quick Hash (quickhash-gui.org), and I will show you how to check hash sums and ensure the integrity of the information received.
Also, I will attach below, information on other hash-sums of this file:
Code:
MD5: DA319B5826162829C436306BEBEA7F0F
SHA-1: 6C9058389C1E2E5122B7C933275F963EDF1C07B9
SHA-256: C10A9DA74A34E3AB57446CDDD7A0F825D526DA78D9796D442DB5022C33E3CB7F
SHA-512: E0CB678BF9577C70F33EDDC0221BC44ACD5ABD4938567B92DC31939B814E72D01FAC882870AB0834395F1A77C2CD5856FD88D2B05FBE1D1D9CCE9713C1D8AB73
You may notice that as the number in the name of the hashing algorithm increases, the hash gets longer, since the number is its length in bits. SHA-1 is shorter than SHA-256 and SHA-512, and MD5 is weak and should not be used at all. So this is a way to confirm that the file you downloaded is intact.
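The integrity check described above, as an added example (not part of the original guide) that does what a GUI hash tool does. The function names and the sample file are constructed for illustration. The algorithm is inferred from the length of the published value, and published values that are upper-case or wrapped across lines, like the ones above, are normalized first.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> algorithm, matching the list above.
ALGO_BY_HEX_LENGTH = {32: "md5", 40: "sha1", 64: "sha256",
                      96: "sha384", 128: "sha512"}
WEAK_ALGOS = {"md5", "sha1"}  # fine for spotting accidents, not for security


def normalize_digest(published: str) -> str:
    """Remove line-wrap spaces, lower-case, and reject anything not a digest."""
    cleaned = "".join(published.split()).lower()
    if not cleaned or any(ch not in "0123456789abcdef" for ch in cleaned):
        raise ValueError("published value is not a hex string")
    if len(cleaned) not in ALGO_BY_HEX_LENGTH:
        raise ValueError(f"unexpected digest length: {len(cleaned)} hex chars")
    return cleaned


def file_digest(path: str, algo: str, chunk_size: int = 1 << 20) -> str:
    """Hash the file in chunks so multi-gigabyte images do not fill memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path: str, published: str) -> dict:
    """Compare a file against a published hash sum."""
    expected = normalize_digest(published)
    algo = ALGO_BY_HEX_LENGTH[len(expected)]
    actual = file_digest(path, algo)
    return {
        "algorithm": algo,
        "match": hmac.compare_digest(actual, expected),
        "weak_algorithm": algo in WEAK_ALGOS,
        "actual": actual,
    }


if __name__ == "__main__":
    # Constructed sample file standing in for a downloaded image.
    data = b"constructed sample download\n" * 4096
    fd, path = tempfile.mkstemp()
    os.write(fd, data)
    os.close(fd)
    try:
        published = hashlib.sha256(data).hexdigest().upper()
        wrapped = published[:40] + " " + published[40:]  # as if line-wrapped
        print(verify_download(path, wrapped))
        with open(path, "ab") as fh:  # a single changed byte is detected
            fh.write(b"!")
        print(verify_download(path, wrapped)["match"])
    finally:
        os.remove(path)
```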
Some of you may be wondering,
"What if the file I'm about to download is already compromised?"
Let's say we have the website (veracrypt.fr) of the VeraCrypt software: https://ru.wikipedia.org/wiki/VeraCrypt.
And I want to download VeraCrypt. The site lists hash sums of the files, computed with SHA-256 and SHA-512:
Code:
SHA-256: 6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b49e3897677896e VeraCrypt Setup 1.21.exe
SHA-512: 5c68a5a14fa22ee30eb51bc7d3fd35207f58eefb8da492f338c6dac54f68133885c47fa2b172d87836142c75d838dac782b9faca406a2ffb8854cc7d93f8b359 VeraCrypt Setup 1.21.exe
However, there is one "BUT", if the website was compromised, it means that the attackers could spoof this file for downloading and add something to it, a virus or something for surveillance, and they could also spoof the checksum ...
Therefore, it turns out that the hash does not mean anything, that is, it cannot detect deliberate modification of the file. And we need something else to make sure that the software in question really comes from the developer. That the VeraCrypt site is the official VeraCrypt site and so on.
And here we come to certificates, digital signatures and other means, which we will now analyze, but for now, let's touch on the not unimportant essence of hashing.
Passwords, and everything you need to know about them. When you enter a password on a website or in an operating system, storing that password as it is in a database is extremely bad practice, because if that database is compromised, your password will be compromised too. But let's see what a good password is, and what passwords should and should not be used. Usually, passwords are guessed using all kinds of password dictionaries, or a so-called password database, and so on.
A password database, I think, is clear from the name: there is a fixed list of passwords that are tried for authorization. A dictionary search is brute force built from words, with or without data collected on you. For example, take a password composed of words like this:
Moscow Street 1905Goda Masha - such a password will not be strong, even if it is typed in a different keyboard layout. By collecting and analyzing information about you, someone can run a narrowly targeted dictionary search that generates passwords of exactly this type.
What I can recommend about passwords:
1. Use a strong password. I think many of you have at least heard this phrase: strong passwords made of numbers, uppercase letters, lowercase letters and special characters. It is not so easy to remember all of that, but surely you know at least one such password with no semantic meaning.
Let's assume that this password is 3hF9$u?H. It is short, only 8 characters, so such a password is not overly secure, but the advantage is that we can use it when encrypting a disk, for example, or protected partitions. Preferably, do not use such a string as a password on its own anywhere. Just remember it and keep it in some protected place. For example, I know several sets of symbols that live in my head and are not used anywhere.
Let's take our password MoscowStreet 1905godaMasha and slightly modernize it with our character set: MoskvaStreet!90%3hF9$u?HyearMasha. As we can see, I pressed the "Shift" key when entering 1 and 5, and they were replaced with special characters. In the English layout it will look like this: VjcrdfEkbwf!09%3hF9$u?HujlfVfif. Such a password is easy to remember, since it has a meaning, plus a unique secret key (cipher) that you have in your head and have not used anywhere.
You can also check your passwords, or the parts they are composed of, against a list of published passwords.
2. Use a password of at least 21 characters.
3. Storing all sorts of notes, passwords, and other confidential information in encrypted form, for this you need to use full disk encryption programs such as VeraCrypt, TrueCrypt and other analogs, I myself use VeraCrypt.
And for passwords and password notes, use KeePass 2: https://en.wikipedia.org/wiki/KeePass or KeePassX 2 https://ru.wikipedia.org/wiki/KeePassX
KeePass is the first version. It can only work with old-format databases (they seem to be easy to decipher).
KeePass 2 is the second version, supporting the current .kdbx format; these cannot be decrypted (or rather, I have not seen any options).
KeePassX is the first version of KeePass rewritten in C; like its progenitor, it can only handle .kdb files, but it is cross-platform.
Since the second version, KeePassX can also handle .kdbx (keepassx.org/changelog)
I myself use KeePass 2, as I am more impressed by this interface and my other whims. So I recommend it. Remember these three fundamental things about passwords.
Let's talk about digital signatures. Let's go back to our VeraCrypt. How do you know if the site is really official and the software comes from the developer?
A simple and rather tricky way to find the official site is to find the software on Wikipedia and then follow the link to the official software site. However, we can also click on the green lock and see the certificate that was issued to the site.
A digital signature is a hash value. It is the fixed-size result of a hash function, encrypted with the sender's private key to create a digital signature or signed message. Technically speaking, a digital signature is a mark that identifies the person who signed the message. It serves as a guarantee for the object that was signed with it.
For clarity, what a digital signature is, I give you a little reminder. We look at the signing:
Signing: What you can see in the picture above, but based on our file we are parsing:
Hash Algorithm -> Hash Value (6cff2cce52eb97321b1696f82e9ccefa7c80328d91c49bf10b49e3897677896e) -> Private Authentication = Digital Signature
When an object is digitally signed, it has been encrypted with a private key, and only the owner of that private key could have done this. This is authentication. It ensures non-repudiation: authorship cannot be denied since, again, the sender's private key is used. And it provides integrity, because we are hashing.
A digital signature can be used, for example, in software. Can be used for drivers inside your operating system. It can be used for certificates and confirm that the signed objects come from the person specified in the certificate, and that the integrity of the data of these objects has been preserved, that is, they have not undergone any changes.
But how can we make sure that the file really comes from the developer, in our case VeraCrypt? That is, so that in case of deception, you could say with 100% certainty that you used their software, and it was signed by their digital signature.
The certificate can be verified, but usually it is verified automatically:
What we see here. The certificate was issued to: to whom - IDRIX SARL, by whom - GlobalSign. So GlobalSign is the company whose private key was used to digitally sign this program. GlobalSign says: "This software is legitimate and has not been modified." It says here: "The certificate is intended to certify that the software comes from the software developer, the software is protected from modification after its release."
To find out if this is a valid digital signature or not, we need to reverse the original process.
That is, we look again at our memo:
Verification: What you can see in the memo above, but based on our file that we parse:
Signed message → Public key (usually an .asc file of the form idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc; a private key file looks similar) = Hash value, that is, it should look like:
Code:
d55c26807a591643dd4c21ac0ffaaa733aafa52307d36ed9a95ed0a5ef35e4fe
After that, this hash value needs to be compared with the published hash. That is, we open the QuickHash program, run our file through it, and with the algorithm in question everything should match. If it does not match, then the file itself has been changed, and it may contain a virus, or something to wiretap us, or something else not very good.
Code:
SHA-256: d55c26807a591643dd4c21ac0ffaaa733aafa52307d36ed9a95ed0a5ef35e4fe VeraCrypt Setup 1.23-Hotfix-2.exe
I checked the received hash, and as we can see in the screenshot below, they are identical. Therefore, the files are legitimate and correspond to the developer's digital signature, and this file definitely comes from him.
And this software will be to blame (more precisely, its creator) if your computer gets infected with WannaCry or some other not very good virus. Read it several times if you do not understand, and try to understand. This moment is really important.
And what we saw on our wonderful memo is that Windows verifies the certificate for authenticity, that indeed such a certificate is registered with such a number.
Let's use an analogy to understand what Windows does when it writes these lines in a certificate:
You come to the bank with counterfeit money. They check the money with special solutions or devices, and suddenly the paint washes off, or the watermarks do not show through, and they tell you that your bills do not match and are fake. Windows does the same. That is, if someone copied all the certificate data and made a copy of the certificate for signing with that data, it would not correspond to reality. This is a more complex topic, but I think everything is clear.
And if verification fails, you usually see a warning like this:
This means that either the file does not have a digital signature, or Windows (think of the bank employee) does not trust this digital signature (just as the bank employee does not trust your bill). You can check it with the method I described above (and the bank employee can check on his device or by applying solutions).
In Linux, everything is simple with this, since you just do not install proprietary software, since all software is usually installed from the official repositories, where all testing is carried out.
I'll tell you about Linux and its benefits in more detail later.
Let's go through this material again, because I'm sure some of this may seem rather difficult to understand. We look again at our memo. We see "Signing".
So, the hash value (of the program itself, that is, the value a person would get by running it through QuickHash) is encrypted using the private key of the sender or software publisher. This is a digital signature. It provides authentication, non-repudiation, and integrity. And if you encrypt something and in addition digitally sign it, you can achieve confidentiality along with authentication, non-repudiation, and integrity. Digital signatures certify that a program or something else came from a specific person or publisher, and they protect software or messages from modification after they have been published or sent. With that, I think we have figured out digital signatures.
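The "Signing" and "Verification" memo, and the earlier point that a checksum taken from a compromised site proves nothing, worked through as an added example (not part of the original guide and not the VeraCrypt project's tooling). It uses textbook RSA over a SHA-256 hash with constructed teaching keys built from known Mersenne primes. This is not a secure scheme: real tools such as GnuPG use randomly generated keys and padded signature formats.

```python
import hashlib

E = 65537  # public exponent


def make_keypair(p: int, q: int):
    """Return (public, private) as ((n, e), (n, d)) for primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (n, E), (n, d)


# Constructed teaching keys. Mersenne primes are publicly known, so these
# keys protect nothing; they only make the arithmetic reproducible.
PUBLISHER_PUB, PUBLISHER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)


def digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def sign(data: bytes, private_key) -> int:
    """Signing: hash algorithm -> hash value -> private key = signature."""
    n, d = private_key
    return pow(digest_int(data), d, n)


def verify(data: bytes, signature: int, public_key) -> bool:
    """Verification: signature -> public key = hash value, then compare."""
    n, e = public_key
    return pow(signature, e, n) == digest_int(data)


def check_download(data, published_checksum, signature, trusted_public_key):
    return {
        "checksum_ok": sha256_hex(data) == published_checksum.lower(),
        "signature_ok": verify(data, signature, trusted_public_key),
    }


# Constructed file contents standing in for an installer.
GENUINE = b"constructed installer bytes, release 1.0"
MODIFIED = GENUINE + b" + bytes added by whoever controls the site"


def scenarios():
    genuine_sig = sign(GENUINE, PUBLISHER_PRIV)
    other_sig = sign(MODIFIED, OTHER_PRIV)  # signed with a different key
    return {
        # Untouched site: both checks pass.
        "genuine": check_download(
            GENUINE, sha256_hex(GENUINE), genuine_sig, PUBLISHER_PUB),
        # File and checksum replaced together: the checksum still "matches",
        # the publisher's signature does not.
        "file_and_checksum_replaced": check_download(
            MODIFIED, sha256_hex(MODIFIED), genuine_sig, PUBLISHER_PUB),
        # Signature replaced too, public key obtained earlier elsewhere.
        "re_signed_key_from_trusted_source": check_download(
            MODIFIED, sha256_hex(MODIFIED), other_sig, PUBLISHER_PUB),
        # Public key taken from the same site as the file: everything
        # "verifies", which is why the key must come from a separate channel.
        "re_signed_key_from_same_site": check_download(
            MODIFIED, sha256_hex(MODIFIED), other_sig, OTHER_PUB),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

The last scenario is the practical caveat: a signature is only as trustworthy as the way the public key or its fingerprint was obtained.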
Let's now move on to End-to-End encryption (E2EE).
End-to-End encryption is that data is encrypted by the sender and only decrypted by the recipient. If you want to avoid tracking, mass surveillance, hackers and so on, then you need this type of encryption of the transmitted data.
Examples of End-to-End encryption technologies are things like PGP, S/MIME, OTR (which stands for "Off the Record"), ZRTP (which stands for Z in the RTP protocol), as well as correctly implemented SSL and TLS; all of these can be used for End-to-End encryption.
Companies that develop software that use End-to-End encryption and zero knowledge systems cannot disclose the details of the data exchange to your enemies, even under duress, even if they wanted to. This is the advantage of zero knowledge End-to-End encryption. End-to-End encryption provides security while data is in transit, but obviously it cannot protect data once it has been received. Next, you need a different protection mechanism.
Use End-to-End encryption wherever possible.
The use of secure HTTPS on all websites is becoming increasingly necessary, regardless of the type of data transferred. A digital certificate is much the same as a digital signature, though there are a number of differences: there are certification authorities and so on. You usually do not come across this, so I will not describe it; whoever is interested can type "Key and HTTPS Certification Authorities" and "Digital Certificates" into a search engine.
A green lock in the address bar, or HTTPS in the URL, means that your ISP or, say, the government can only track the target domain. What does that mean? Let's say there is an attacker between us and Google. They won't be able to find out what exactly I was looking for, because this is end-to-end encryption between my browser and the server.
Let's see an example. To begin with, we will use an example of a non-encrypted connection using an HTTP connection.
HTTP, HyperText Transfer Protocol, is a widespread data transfer protocol originally intended for transferring hypertext documents. By default, the HTTP protocol uses TCP port 80.
In the screenshots below, I will use WireShark, a program for analyzing network traffic.
For the experiment, I took a site served over the HTTP protocol, government.ru. After I click on the link, the request to the site is displayed in the WireShark window under number one. But first, let's go over what each area of the program is responsible for, so the material is easier to absorb.
1. This area is called the Packet List - in it you can see which server is exchanging data with, the protocol that is used and general information about frames.
2. The next area is called Packet Details - it displays the details of the packages that were selected in the Packet List.
3. And the last area is called Packet Bytes - it shows the hexadecimal dump of this packet together with the offset and the ASCII representation, and if we right-click on this area, we can see how it all looks in bits.
Let's take a closer look at the received packets and learn more about surveillance, analysis, and so on.
1. Packets forwarded by our HTTP filter.
2. Target domain, that is, the main page of the site without any heresy after the slash "/".
3. User Agent, that is, browser settings, operating system version and other parameters.
4. Referer - indicates which page we came to this page from. Since we came from a secure page, there were many packets with redirects. Ultimately, we referred to ourselves from the same page; if, for example, I had gone from the main page of the site to this one, the Referer would contain the main page of the site.
5. Cookies or session. This is where your password has sailed away (blurred). Whoever has it can enter your logged-in session and rummage around.
6. Well, this is the final page where we are.
If you think that this is the ceiling of what this software can do, then I'm afraid I have to upset you - this is just the tip of the iceberg. So that you have no doubts after reading this, I decided to go through these points again by moving from one page of the website to another.
And as we can see:
1. Referer - indicates the previous page, the one from which we came to this page.
2. What page we are on now.
As we can see, the HTTP protocol itself does not imply the use of encryption to transfer information. However, there is a common extension for HTTP that implements the wrapping of transmitted data in the cryptographic SSL or TLS protocol.
The name of this extension is HTTPS (HyperText Transfer Protocol Secure). For HTTPS connections, TCP port 443 is usually used. HTTPS is widely used to protect information from interception and, as a rule, also protects against Man-in-the-Middle attacks, provided that the certificate is verified on the client, the certificate's private key has not been compromised, the user has not confirmed the use of an unsigned certificate, and the attacker's CA certificates have not been installed on the user's computer.
1. Google - uses a secure connection protocol HTTPS.
2. Data request packet over the secure HTTPS protocol.
3. As we can see in the details of the packet, we only have Encrypted Application Data. We do not have any other information about what is contained on the web page or where the person is.
4. Since we have an IP address, with which server the packets are exchanged, we look at what this IP address is and, based on the data received, we can conclude that the person is on the Google landing page.
Basically, using HTTPS is safe and as I said earlier:
Companies that develop software that uses End-to-End encryption and zero-knowledge systems cannot disclose the details of the data exchange to your enemies, even under duress, even if they wanted to. This is the advantage of zero-knowledge End-to-End encryption.
SSLStrip - HTTPS stripping. But there are also attacks that remove SSL. Let's see what that is. Any attacker who can position himself between the source and destination of traffic, in our case between a computer and a server, can perform a "Man in the Middle" attack. One of these attacks, which requires very little skill and few resources, is called SSL stripping. The attacker acts as a proxy and replaces encrypted HTTPS connections with HTTP connections.
Let's open the screenshot and see what it is:
1. As we can see, we are sending the request with HTTP.
2. It passes through SSLStrip unchanged and goes on.
3. The server sees that you came over an insecure protocol without encryption and switches you to a secure one with encryption, that is, to HTTPS (a 301 or 302 redirect is issued - this is configured on the server).
4. SSLStrip sees that the server has sent you a redirect to HTTPS (see point 3) and automatically changes it back to insecure HTTP, thus removing TLS encryption.
SSLStrip here proxies the response from the web server, imitating your browser, and sends you back the HTTP version of the site. The server will never notice the difference: it thinks that you are communicating over the secure HTTPS protocol, because it does not see that the attacker (SSLStrip) changed the protocol to an insecure one on your side.
And what you will see is almost indistinguishable from the original site. Let me show you what a website should look like:
1. We see a secure version of the site, that is, with End-to-End encryption (left).
2. Now I have done HTTPS-stripping. And this is the version of the site after the attack (right).
As you can see, the difference is that you no longer have HTTPS and most people won't notice the difference. And as I said, the server will never notice that something is wrong, because it is talking to a proxy that behaves exactly the same way as you would.
Another interesting way to carry out this attack is when the attacker is on your local network, so this either happens over an Ethernet cable or wirelessly over Wi-Fi. They can trick your machine into sending traffic through them, and this is known as ARP spoofing, or ARP poisoning. The attacker sends ARP packets impersonating the victim's default gateway.
This works because Ethernet has no mechanism for authentication, so any machine can, in principle, send what is called an ARP packet and announce that it is one of the machines on this network, for example, the gateway or router. This causes you to start sending your traffic through the fake router, which then forwards it, stripping SSL along the way, and forwards the traffic back to you, as we have seen.
In a nutshell, here is what ARP spoofing is and how it works in simpler terms. Everything that goes out to the Internet has a physical address, that is, a MAC address. So the computer has a network card or Wi-Fi card, and that card has its own MAC. The MAC address is usually written like this - 00:07:5B:3C:88:91 - with either a colon or a dash between the numbers. These are 6 pairs of characters, 8 bits for each pair, that is, 48 bits in total.
Therefore, 2^48 = 281 474 976 710 656, which is 281 trillion 474 billion 976 million unique addresses. Also, the first three octets are the organization identifier, and the next three octets are chosen by the manufacturer for each individual device (except for SNA networks).
Also, the MAC address can easily be changed to any other. Why am I telling you this? Because knowing only the IP address, it is impossible to contact a device on the network. If I know the IP address of a device, for example my router, I still cannot exchange information with it until I know its MAC.
For this purpose the ARP protocol is used: your device sends a request asking which device has, say, IP 192.168.1.1. That device then replies with its MAC address, and the connection is established.
For clarity, the attack proceeds as follows:
The computer (number 1) and your real router (number 2) each have their own IP address and MAC address. The attacker creates a virtual router (number 3) and ties your entire network through itself: the computer sends its requests not to the real router but to our hacker (the fake router), and the same happens in the reverse direction. It turns out that all traffic goes through the attacker.
Now let's think about what can be done to prevent all this? Well, on the client side, you can try to notice when you don't have HTTPS, but if you're busy, you probably won't be able to notice it. Nevertheless, you should pay attention to this. But then I will tell you a method to protect yourself.
A more secure method is to use a tunnel or an encrypted tunnel so that it is not possible to remove SSL because the traffic you send will be encrypted in a different way. For example, you can use SSH tunneling. VPN technology like IPsec can be used. In general, you should pay attention to End-to-End encryption.
Among other things, you are better off not connecting to questionable networks without using tunneling, VPN or encryption, because that is exactly what can happen if you don't have them. Your SSL can be removed and all your traffic is exposed.
The presence of ARP spoofing and sniffing on your local network can be detected to some extent, and there are a couple of example tools you can use. One is ARPWatch, which monitors your Ethernet network for ARP spoofing or poisoning. Another is Sniffdet, which detects whoever is watching network traffic.
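A minimal version of the kind of check such monitoring performs, given here as an added example (it is not part of the original guide and is not ARPWatch's own code): it tracks which MAC address answers for each IP in a list of ARP replies and reports when the gateway's binding changes or flips back and forth. The sample observations and the function names are constructed.

```python
from collections import defaultdict

# Constructed sample: (seconds, sender IP, sender MAC) as seen in ARP replies.
OBSERVED = [
    (0,  "192.168.1.1",  "00:07:5B:3C:88:91"),  # real gateway
    (1,  "192.168.1.23", "a4:5e:60:11:22:33"),  # workstation
    (5,  "192.168.1.50", "de:ad:be:ef:00:01"),  # another host on the LAN
    (30, "192.168.1.1",  "de:ad:be:ef:00:01"),  # gateway IP answered by .50's MAC
    (31, "192.168.1.1",  "00-07-5b-3c-88-91"),  # real gateway answers again
    (32, "192.168.1.1",  "de:ad:be:ef:00:01"),  # and is overridden once more
]


def normalize_mac(mac):
    """Accept colon or dash separators, return lowercase colon-separated form."""
    parts = mac.replace("-", ":").split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    int("".join(parts), 16)  # raises ValueError on non-hex characters
    return ":".join(p.lower() for p in parts)


def detect_arp_anomalies(observations, gateway_ip):
    """Return alerts for IP-to-MAC bindings that change over time."""
    current = {}                    # ip -> MAC seen most recently
    history = defaultdict(set)      # ip -> every MAC ever seen for it
    claimed = defaultdict(set)      # mac -> every IP it has answered for
    reported_shared = set()
    alerts = []
    for ts, ip, raw_mac in sorted(observations):
        mac = normalize_mac(raw_mac)
        previous = current.get(ip)
        if previous is not None and previous != mac:
            # A MAC that was seen before for this IP means two stations are
            # fighting over the address; a brand new one is a plain change.
            kind = "flip-flop" if mac in history[ip] else "changed-mac"
            alerts.append({
                "time": ts, "kind": kind, "ip": ip,
                "old": previous, "new": mac,
                "severity": "high" if ip == gateway_ip else "medium",
            })
        current[ip] = mac
        history[ip].add(mac)
        claimed[mac].add(ip)
        # One MAC answering for the gateway and for another IP is what a
        # poisoning host looks like (a router with IP aliases will also match).
        shared = gateway_ip in claimed[mac] and len(claimed[mac]) > 1
        if shared and mac not in reported_shared:
            reported_shared.add(mac)
            alerts.append({
                "time": ts, "kind": "gateway-mac-shared", "ip": gateway_ip,
                "old": None, "new": mac, "severity": "high",
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_anomalies(OBSERVED, "192.168.1.1"):
        print(alert)
```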
As for the server side, you may not have control over it. That is, you cannot always control the HTTPS connection so that it always has a green padlock. What the server can do is activate HTTP Strict Transport Security, or HSTS for short. This mechanism uses a special header to force the browser to use only HTTPS traffic.
This only works if you have previously visited the site: your client then remembers that this site only accepts HTTPS traffic. And if someone then strips SSL, you will get an error message, because HTTP Strict Transport Security has been activated for this site.
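The "only if you have previously visited the site" behaviour, modelled as a small browser-side HSTS store (an added example, not part of the original guide). The host names under .example and the class and function names are constructed; preload lists and port rewriting are left out.

```python
from urllib.parse import urlsplit


def parse_hsts(value):
    """Parse a Strict-Transport-Security value.

    Returns (max_age_seconds, include_subdomains) or None if the header
    is unusable (missing, repeated or non-numeric max-age).
    """
    max_age = None
    include_sub = False
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()
        arg = arg.strip().strip('"')
        if name == "max-age":
            if max_age is not None or not arg.isdigit():
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)


class HstsStore:
    """What a client remembers about hosts that asked for HTTPS only."""

    def __init__(self):
        self._hosts = {}  # host -> (expiry time, include_subdomains)

    def note_response(self, url, headers, now):
        """Record the policy from a response; returns True if it was stored."""
        parts = urlsplit(url)
        if parts.scheme != "https":
            return False  # the header is ignored on plain HTTP: it could be forged
        lowered = {k.lower(): v for k, v in headers.items()}
        policy = parse_hsts(lowered.get("strict-transport-security", ""))
        if policy is None:
            return False
        max_age, include_sub = policy
        host = parts.hostname.lower()
        if max_age == 0:
            self._hosts.pop(host, None)  # max-age=0 tells the client to forget
            return False
        self._hosts[host] = (now + max_age, include_sub)
        return True

    def is_known(self, host, now):
        labels = host.lower().split(".")
        for i in range(len(labels)):
            entry = self._hosts.get(".".join(labels[i:]))
            if entry is None or entry[0] <= now:
                continue  # no policy for this name, or it has expired
            if i == 0 or entry[1]:
                return True  # exact match, or a parent with includeSubDomains
        return False

    def rewrite(self, url, now):
        """Return the URL the client will actually request."""
        parts = urlsplit(url)
        if parts.scheme == "http" and self.is_known(parts.hostname, now):
            return parts._replace(scheme="https").geturl()
        return url


def demo():
    store = HstsStore()
    year = 31536000
    results = []
    # First visit: nothing remembered yet, so the request leaves as plain HTTP.
    results.append(store.rewrite("http://shop.example/login", now=0))
    # A policy delivered over HTTP is not trusted.
    results.append(store.note_response(
        "http://shop.example/login",
        {"Strict-Transport-Security": f"max-age={year}"}, now=0))
    # A policy delivered over HTTPS is stored.
    results.append(store.note_response(
        "https://shop.example/login",
        {"Strict-Transport-Security": f"max-age={year}; includeSubDomains"}, now=10))
    # Later visits are upgraded before any packet is sent.
    results.append(store.rewrite("http://shop.example/login", now=20))
    results.append(store.rewrite("http://pay.shop.example/", now=20))
    # After max-age has elapsed the protection is gone again.
    results.append(store.rewrite("http://shop.example/login", now=10 + year + 1))
    return results


if __name__ == "__main__":
    for item in demo():
        print(item)
```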
In general, let's make a short epilogue. Encryption is a fantastic tool for privacy, security, and anonymity. In fact, this tool really works and attackers (Hackers) will try to avoid it. That is, no fool would make a direct attack on encryption. As they say, a smart one will not go uphill, a smart one will bypass a mountain. And you should bear this in mind.
And all they can do is find weak points. Remember the case of Ross Ulbricht, the creator of the Silk Road: he got caught on Captcha. Simple. That is, no one will ever brute-force your passwords and so on. It is much easier for them to install a KeyLogger on your system, or to send you a link to a website with infected JavaScript and launch an attack, or a PDF file, and so on.
No one ever wants to break encryption. Attackers will simply try to bypass the encryption. You should keep this in mind.
Security is a so-called weak link phenomenon. It is as strong as the weakest link in the chain. Strong encryption is often the strongest link. We human beings are usually the weakest link. As the saying goes: "My tongue is my enemy."
How a MITM attack is carried out:
FAQ:
A: When an attacker creates a virtual router, can the victim notice it?
B: Maybe, of course, but usually this is noticed with the help of plugins, firewall and other software. ...
A: How to apply this information in your work?
B: Absolutely different. You must understand that you can only trust yourself and if you do not have understanding, then you will not have a guarantee of your safety.
A: How can I transfer all the information to an encrypted disk?
B: Just grab, drag and copy. Before that you need to mount it.
A: Which plugin should you use to securely identify authentic certificates / check with old ones?
B: HTTPS Everywhere. Or you need to configure the firewall.
Anonymous mail services:
protonmail.com
disroot.org/en
tutanota.com
mailfence.com
Introduction to security. OS selection. Lesson 3.
I will try to explain in simple language how you can theoretically be hacked. I will do without complicated terms, for ordinary users. Also, I will give you a brief introduction to hacking the operating system, and more advanced users will read technical information between the lines.
I believe that users of any operating system, and even more so those who deal with this at work, need to understand that professional viruses are not an executable file that has been renamed to look like a document and asks you to run it. And blocking macros will not always prevent an attacker from executing code on your system.
I myself use various operating systems, from Windows to Linux. I work on Linux but use Windows sometimes. Further, there will be a lot of negativity about Linux, but it is not associated with any fanatical beliefs, I just want to objectively tell and convince you that no matter what operating system you use, you can be hacked everywhere.
Your choice of operating system matters to your security, privacy, and anonymity. Different operating systems suit different needs. The purpose of this section is to help you understand this difficult situation. Answer the questions, which operating system suits your requirements based on risks, and what you want to use it for, for a specific situation, for specific requirements.
Let's talk about our choice of operating system and how it affects your security, because the operating system is the real foundation of your security. There are many misconceptions when it comes to operating systems and security. You've probably heard, for example, that MacBooks cannot be infected with viruses. Also, a lot of people are constantly discussing how leaky the Windows operating system is. This can be argued about for years, but have you wondered how secure Linux is?
And there are people, let's call them the Linux camp, who think Linux is the best operating system. If you ask Linux lovers whether they have an antivirus, the only answer will be laughter. Their argument is that Linux was created by professionals, and everything is protected by default. We sit our beloved dog down at Ubuntu and need not worry about his data.
In general, there are two things that are infinite: the universe and fools. Everything is clear with the universe, but what about the latter? How do you explain to various Windows users that they cannot work without antivirus protection? And how do you explain to the creators of antivirus software that it is impossible to protect against hacking with an access matrix (when reading or writing of some files is blocked, that is, access control), and that hacking is not always: "A threat has been detected: the autorun.exe process is trying to write to a system registry branch"?
Your security looks good only in theory. Let's say you are that same Ubuntu user and you install this OS on your beloved dog's PC. Many then argue as follows: if the dog receives a message with myDocument.docx in the mail, then even if it turns out to be an executable file and he starts it according to the instructions, nothing will happen, because most actions require the root password (that is, the administrator password). Are you serious? Are you protecting yourself from an invasion by elementary school pupils? Or from attackers who control large financial flows and are members of criminal gangs?
A long time ago, when Linux was in its infancy, most of its users were professionals. But over time, distributions that were convenient for a simple user appeared in the work and the number of housewives began to grow. What does any housewife do? That's right, makes online payments, and where there is money, they flock there, like bees to honey, a swarm of various rabble, which wants to improve their finances free of charge. 90% of housewives use Windows - and viruses are developed for this operating system, and if at least 20-30% of housewives switch to Linux, then big finances will immediately be poured into it for the development of malware. And reports from antivirus companies show a slow but increasing number of such programs.
Okay, back to our dog. The only reason not to worry about your security is that developing a virus under its OS is unprofitable. And so - it is economically unprofitable, the possible income of the attackers will be less than the costs. How long this will continue is a big question. But still, technically, how likely is it that our dog will be hacked and taken away? If the strong point of our dog's safety is that no one needs it and viruses under its OS have not yet been written, then this is a game of Russian roulette.
Let's simulate a real-life situation. Let's say that the other day you met a pretty girl on the Internet; you chat with her for some time, share your secrets, and so on. At some point she finds out that you have a tidy sum of BTC in your account. Let's imagine that your new friend's name is Katya, and Katya has a friend, a programmer who is pretty good with computers (let his name be Anton). The two of them decide to go in on it together. What they need for this: a small start-up capital, Anton's capable hands and a little courage.
Katya knows that you are using Ubuntu 14 LTS. How do you imagine the hacking process? You, like most users, think that Katya will send you an email with an attachment and ask you to run it, but since you are not stupid, you will of course not run this file, and all your data is safe!
Then Katya goes to some unnamed shadow resource and buys from Someone a vulnerability for your favorite browser for an N-th amount of money. Someone not only provides your new friend with technical information about the vulnerability, but also sends Anton (Katya's accomplice, in case you have forgotten) an example of how to launch it all.
The vulnerability that a friend gets is a zero-day vulnerability in the Google Chrome browser. For example, open holes CVE-2015-1233 or CVE-2014-3177, CVE-2014-3176, CVE-2013-6658 (See above) and how many of them have not been closed yet is a big question.
As you can see from the description of the vulnerabilities, Katya can execute the code in the context of the process and this will work not only in Windows, but also in Linux and Mac OS. The vulnerabilities are taken at random as an example. Once again, these are browser vulnerabilities.
Anton draws up a script (JS - JavaScript) and writes into it the shellcode (a set of lines that are written in the command line) which should be executed on the target system - your PC. To do this, he needs to somehow get the link to you. We immediately dismiss the first option with mail - you are a careful user and do not open links from mail.
Then they decided to improvise a little. They know that you are an ordinary person and do not suffer from paranoia. Therefore, most likely, you will still follow the link if a more or less familiar (in our case, Katya) person on a social network throws it off. In fact, it can be played in different ways. It all depends on your imagination. There are really a lot of options.
After you visited the link, a small piece of code that Anton wrote was executed in the context of your browser process - literally a few commands that then downloaded the virus body and went on to execute it. But how? You are sure that Katya is just showing you her photos: no files are downloaded to the disk, there are no warnings, no one asks for root passwords.
We increase privileges. After Anton's development started executing its first instructions on your processor, the question was, what to do next? In your theory, even if an infection occurs, then nothing will happen to you, you have set a complex password for root access, and you will not enter it immediately and suddenly.
Anton and Katya foresaw such a question and decided it in advance. The same Someone told them that he has a couple of zero-day vulnerabilities in the Linux kernel, like the fresh vulnerabilities in the kernel versions 3.17 and 3.14 - CVE-2014-9322, CVE-2014-3153.
After reading the description of the vulnerabilities, Anton realized that they would allow him to execute code in the context of your OS kernel. And all he needs is for his malicious application to take advantage of these fresh holes and execute the code in ring-0.
While you are unaware of anything and are looking at Katya's photos, Anton's code has already seriously invaded the vastness of your system and neither antivirus (It simply does not exist) nor anything else can even display an intrusion message. Since Anton decided not to stop there, he went further. Having got to the lowest level of your OS, in which only trusted code is supposed to be executed, Anton began to search for the file that is responsible for starting the OS. Once Anton's software has found this file, it modifies it so that when you restart your PC, Anton's code continues to run.
Rootkit - a program or set of programs used to hide the traces of an intruder or a malicious program in the system.
And so Anton and Katya got access to your PC running Linux, but how can they hide their presence? To do this, Anton decided that he would overwrite the code of the operating system itself, which is loaded into the memory of your PC, but how? After all, if the same actions are carried out on Windows OS, then one small system component will detect this and forcibly restart the PC.
Then Anton opened the documentation for the processor that is in your PC and began to study. He knows that your processor architecture is x86, but what does that give him? After all, there is write protection on the kernel pages he needs. Then Anton drew attention to the cr0 register - a small block of memory that stores the data with which the processor works.
And what will happen if I set the hexadecimal bit to zero, quickly overwrite the necessary kernel methods and immediately restore the register - Anton thought. And so he did, as it turned out, if you reset this bit to zero, then write protection can be temporarily disabled.
Thus, Anton has full control over your OS. Yes, the vulnerability was later found and fixed, but the program code that lodged itself in your OS this way can no longer be detected. Minute integrity control shows that not a single file in the system has been changed - Anton's program simply substitutes it when it is read. There are no new processes - the malicious process is simply hidden, and while there are solutions on another OS that have been detecting such techniques for a long time, there is no such thing under your OS.
In general, in conclusion, Katya and Anton were able to easily access all of your payment systems, withdrew all your money. And then they also deleted all your files. Conclusion - be careful, especially with Katya.
With this simple story I wanted to show simple principles: how all this happens, and that virtualization must be clearly separated, because virtualization is another large topic for your security. We will return to this later. Do not surf the Internet on your PC, open suspicious links or download dubious software from who knows where. Be careful with JS and only enable it on trusted resources.
BUT! Such vulnerabilities usually cost a lot of money, so the chance that you are the one who gets hacked decreases. Even if someone takes an interest in you, the probability is extremely small. As I already wrote at the beginning of the encryption lesson, all this information is needed once you have achieved some kind of success, there are always large sums in your wallets, and you have a whole arsenal of different techniques.
(For example, I have several PCs on different operating systems. One PC is a test one, on which I test different methods of work, programs, links, etc. It does not store any important data, to all this it is connected to a different network. The second and the third PC is exclusively for work. Well, and the fourth PC for myself is social networks, games, the Internet, etc. It also does not have any important data, and it has nothing to do with work, so if it gets infected somehow, then I won't lose anything).
By the way, a little more information. If you are concerned about your security and anonymity, then you must be very careful on the Internet. First, always keep in mind that the Internet is the abode of deception and lies (especially the shadow Internet). Forget about such things as meeting people on the Internet, because you cannot know who is sitting on the other side of the screen: a friend or comrade major. Second, always remember that your social media friends can be hacked. You will be lucky if you just run into yet another scam where you are asked to transfer money to a card. You will not be so lucky if someone, acting on behalf of a friend and using SI (social engineering) well, gets some data out of you (that same link, for instance).
So, okay, we closed this topic. And now I would like to make some kind of risk assessment and based on these moments, so that you can also do it yourself without any special skills, purely by your own logic.
Perhaps you are interested in the question, which of the operating systems will we consider the weakest? Windows, OS X, or various Linux systems, perhaps the Linux kernel, which has been the most vulnerable in history?
cvedetails.com is a free CVE vulnerability database / source (This is a generally accepted standard for naming vulnerabilities found in commercial and open-source software). You can view information about vulnerabilities by CVE number, exploits, links to vulnerabilities, a complete list of vulnerable products and CVSS assessment reports and most common vulnerabilities over time, and more.
Let's try to work with this site. To begin with, go to this page of the site - cvedetails.com/top-50-products.php - which has the list "Top 50 products by total number of distinct vulnerabilities" (from 1999 to the present).
And as we can see, the second line is the Linux Kernel, which ranks second by count. And you will probably ask, why?
The numbers shown in the right column are the number of vulnerabilities found in a particular operating system or application.
Let's go down to the very bottom of the web page. There we see the following: "Total number of vulnerabilities of the top 50 products by vendor". And, as we can see, Linux no longer occupies the first line. But you will say that Windows (Microsoft) is constantly updated, that it also has a bunch of products on the market, such as Office and other programs, that Apple has different versions of its operating system, and that there are other nuances as well.
Yes that's right. All of you will be right, but Linux has a ton of stuff too. Let's take a closer look at the specifics of this use. Let's take it all out in practice, and then, I think, you will all understand what I want to tell you about.
Go to the page: cvedetails.com/vendor.php?vendor_id=33
This page shows the statistics of vulnerabilities in Linux. What you should pay attention to:
1. Number of vulnerabilities by year.
2. Vulnerabilities by type.
Now it is necessary to analyze what parameters should be paid attention to:
The first thing we should pay attention to is the number of vulnerabilities by year, as we can see that every year there is a trend towards an increase in the detection of vulnerabilities.
The second thing we should pay attention to is the severity of the vulnerabilities, as we can see the serious ones here are execution of the code (Execute Code) and buffer overflows (Overflow).
Red and orange:
• The red column is the execution of code on the client's side without his knowledge, I think there is no need to tell what exactly this is fraught with.
• The orange column is a buffer overflow, which is a phenomenon that occurs when a computer program writes data outside of the buffer allocated in memory. It is fraught with the fact that there will be an increase in the level of privileges and a lot of other things.
More details can be found here: https://ru.wikipedia.org/wiki/Buffer_overflow
And for the sake of completeness, we can go a little higher and see a table with trends in vulnerabilities over time. Based on structured data, we can easily analyze, since we can see the ranking of data by time cycle, as well as by the degree of danger of vulnerabilities (Columns). You can click on these numbers and see detailed statistics about the vulnerabilities.
Now we have a small picture of how everything works, we analyzed it on the basis of Linux, but several candidates are required for the analysis. Now I will consider in a concise, capacious manner using the example of three main developers, namely:
• Linux
• Microsoft
• Apple
As we can see, in the general statistics of vulnerabilities for all products:
• Microsoft - 10947 vulnerabilities.
• Apple - 6595 vulnerabilities.
• Debian - 2619 vulnerabilities.
Based on facts and statistics, let's try to figure out where we really come when it comes to the security of these operating systems.
Windows
So, first we will take apart Windows. How leaky the Windows operating system is can be argued about for years. Just look at the statistics described earlier, and a red light should go on in your mind, signalling that this is perhaps not the best option. But statistics are statistics, so let's see why. Windows initially had a weak security system. To give it credit, in later versions of its operating systems Microsoft began to take security seriously.
And with the latest products, the latest security features like BitLocker, EMET, Device Guard, Windows Hello, and Windows Trusted Apps, there is now a pretty solid set of security features. But is it really so? In general, I agree, the security of operating systems of the Windows family is gradually improving, but this is not enough, and even more so for us.
In these operating systems everything is closely tied to the Microsoft servers: all your actions in the system are reported, as if along strings, to the Microsoft servers. Windows also suffers, especially in the current version, Windows 10, from problems related to surveillance and privacy. This is not strictly a matter of security features, but it turns some people off, to say nothing of us.
An important point: if you read the license agreement from Microsoft that comes with every operating system in the Windows family, you will see that they will hand over your BitLocker encryption key at the first request from law enforcement, and this in turn raises the question: what the fuck, Windows?! Why do you store my encryption passwords on your servers, what are you doing?
The fact is that by ticking the box in the licensing agreement with Microsoft, users give the corporation the right to dispose of their data.
“We may access, disclose and store for ourselves your personal data, including any content, any files on your devices, in your letters and in other types of personal communications, if we have reason to believe this is necessary to protect our customers or to comply with the terms and conditions governing the use of our services,” is stated in the license agreement.
In other words, whatever you say on the network, and whatever you write, save, create or download on your computer or any other device with Windows 10, can be remotely deleted or copied from you if someone at Microsoft decides that they need to. That is, according to the terms of the Microsoft EULA, interfering in customers' privacy and controlling it does not even require government sanction! All that is needed is permission from users who are too lazy to read the entire license agreement when installing the OS. This is probably all there is to know about Windows.
Mac OS X
Next, we have Mac OS X. Today, like Windows, it contains reliable security tools: address space layout randomization, application sandboxing, FileVault 2, privacy settings, and Apple's App Store. All strong security features.
But there is one "BUT": Mac OS X also has problems with privacy. If you've upgraded to Mac OS X Yosemite (10.10) and you're using the default settings, every time you start typing in Spotlight (to open an app or find a file on your computer), your local search terms and location are sent to Apple and third parties (including Microsoft).
The Washington Post also posted a video demonstration of Yosemite's live tracking:
washingtonpost.com/posttv/business/technology/how-apples-os-x-yosemite-tracks-you/2014/10/22/66df4386-59f1-11e4-9d6c-756a229d8b18_video.html
Let's analyze this video:
1. A simple Spotlight search (Spotlight is the tool for finding files on your operating system) now sends your location and the names of the files you are looking for to Apple on a permanent basis. You may notice that your location is being transmitted to Apple even though you are not shown the corresponding notification icon. They decided to hide this notification under the pretext that users would be overwhelmed by too many notification messages. This means that if you agreed to use the location services, then you also agreed to share your location with Apple.
2. You may notice that data starts to be sent before you type, and also when you press the keys. That is, as you type, data is sent too.
3. As we can see, the author of the video says: “I'm looking on my computer for a document called 'The Secret Plans Obama Leaked Me', and Apple receives information about this along with my location and user ID, which is a unique string of letters and digits used to identify me.” Apple tells us that this value changes every 15 minutes, but we have to trust that the new value is not linked to the previous one. Again, they receive information about our location, and the author shows that he is indeed at the Washington Post office, based on the coordinates transmitted.
How can we turn off this surveillance? First, go to System Preferences > Spotlight. There we see all the places Spotlight searches on your behalf. This can be very helpful. However, it can also be a privacy issue, as you have just seen. I would recommend disabling everything, but if you need something, you can, of course, leave it.
If you are using Safari, you also need to go to Safari > Preferences > Search and uncheck Include Spotlight Suggestions.
Linux
Linux-like and Unix-like operating systems: there is a wide variety of them, and I group them all in one category. If you are looking for the most secure operating systems, you will find them only here (covered below).
Things like SELinux are good examples of this. It is an implementation of fine-grained mandatory access control (MAC) that meets the requirements of the government and the military.
Mandatory access control (MAC) restricts the access of subjects to objects, based on a confidentiality label assigned to the information contained in the objects and on official permissions (clearances) issued to subjects to access information of that level of confidentiality. It is also sometimes translated as enforced access control. It is a combination of protection and restriction of rights applied to computer processes, data and system devices, designed to prevent their unwanted use.
SELinux is a kernel-level system for enforcing access control. It is not something you need to focus on at this point.
Let's take a look at more standard operating systems: Ubuntu, Debian, Fedora, Arch Linux, Tails and others - again, they all have fairly reliable security features.
When we look at Windows, Mac OS X, and Linux, they are all on similar terms when it comes to their existing security features and functionality. But when we add privacy to our security requirements, we need to start looking at Linux distributions.
I would recommend using Linux distributions for security, but you will have to sacrifice interoperability and usability. For example, you will not be able to use Photoshop or Microsoft Office, although this can be solved using “Wine” - you can watch what it is on YouTube.
In a nutshell, if you don't know, there are many, many operating systems that have evolved in some way since the mid-1960s from an operating system called UNIX.
Keep a list of operating systems. You can see clearly how many Linux distributions are there and from whom they originated:
Just look at how many operating systems are based on Debian, now you can go back to the statistics we did on the analysis earlier and look at them from a slightly different angle.
I would recommend using Debian based distributions - Debian, Kali Linux, Parrot OS as well as Fedora, Arch Linux.
A little about these operating systems. As you have already noticed from a closer look at the infographic above, the two main communities are Debian and RedHat. There are also a bunch of others, but there is one BUT: "If you have a lesser known Linux or Unix-like operating system, then you may find that the release of fixes is slower, because they are not backed by huge multi-billion dollar corporations, in which the release of all fixes is a streamlined process."
Fedora Linux is a Linux distribution with one of the largest user communities of any distribution. But it is not as popular as Debian. There is a common perception among users that Fedora is difficult to use and difficult to configure. A big plus of this system is that Fedora is only free software. The Linux operating system is very often viewed as free software. But this is not 100% true. While most of the software you use is free software, some hardware drivers and firmware are proprietary. Also, there are open source components, but with a limited license.
Distribution developers determine how often their users will come into contact with proprietary software. They may include MediaCodecs, drivers for video cards and network adapters, as well as additional modules, for example, Adobe Flash, as part of the distribution kit. It will help users listen to music, play games, and surf the web, but it is not free software.
Fedora takes a principled stand on this issue. This helps to avoid legal action against RedHat. Proprietary software is simply not allowed in the repository. The distribution kit will not prevent you from installing such programs, but it will not help you either. You will have to use third party repositories like RPM Fusion. This is one of the reasons why Fedora is considered difficult. But adding a repository to the system is a matter of a few minutes.
But articles such as habrahabr.ru/post/337290 are, of course, slightly misleading, since previously non-commercial products, as far as I remember, did not fall under such prohibitions. The Fedora Project, although sponsored by Red Hat to develop new technologies, is a non-profit structure and does not profit from its activities, as far as I understand. It's all strange.
Arch Linux is an independently developed Linux distribution optimized for the i686 and x86-64 architectures, aimed at Linux power users.
In general, you need to be a competent user to use this system, and you need to be aware of this in advance. It uses Pacman, Arch's own package manager, written by the creator of Arch Linux. Pacman installs the latest updates with full control of package dependencies and works on a rolling-release model. Arch can be installed from a disk image or from an FTP server.
Let me explain that a package manager / repository is like the App Store or Google Play, from where you can download and install the application or program you need in two clicks.
The default installation process provides a solid foundation on which users can create a custom installation. In addition, the Arch Build System (ABS) utility provides the ability to easily build new packages, modify the configuration of stock packages, and share those packages with other users through the Arch User Repository. It is a lightweight Linux distribution. It runs predominantly free and open source software, plus software from the community-supported AUR repository.
Ubuntu - To dismiss this question, I'll just say that Ubuntu sends your data to third parties without your consent. If you're an Ubuntu user and you're using the default settings, every time you start typing in the Dash (to open an app or find a file on your computer), your search terms are sent to various third parties, some of which show you advertising.
By the way, you may remember the situation with Windows: Microsoft decided to distribute Windows 10 for free, but in the end it collects all the data, supposedly for advertising. That is, all your personal information and so on. If you would like more information on this system, please read at least the Windows License Agreement. And your eye will start twitching.
For Ubuntu, to prevent data being sent to third parties, follow the instructions on this site: fixubuntu.com. The instructions there show how to change the settings you need. Above, we have already analyzed a similar situation using Mac OS X as an example.
However, I do not recommend Ubuntu in any case, I only cite this for your interest in the event that it so happens that you are using this system. Ubuntu is better for privacy and anonymity than Windows or Mac OS X. I recommend Ubuntu to people with no Linux experience and who think the above distributions are too hard to digest for them.
Debian is a Linux based operating system, it is a Linux distribution. It consists entirely of free and open source software, most of which is under the GNU General Public License.
The Debian distribution contains over 51,000 compiled software packages, packaged in a convenient format for easy installation on your machine. They are all free. It looks like a tower. At the base is the kernel, above it are the main tools, then all the programs that you run on the computer follow. At the top of this tower is Debian, carefully organizing and putting it all together so that all the components can work together. With this approach, your system will not phone home to Microsoft's servers.
Tails is a Debian-based Linux distribution built for privacy and anonymity. It is a continuation of the development of Incognito OS. All outgoing connections are routed through the anonymous TOR network, and all non-anonymous ones are blocked. The system is designed to boot from a LiveCD or LiveUSB and leaves no trace on the machine where it was used. The TOR project is the main sponsor of Tails. The operating system is recommended by the Freedom of the Press Foundation, and was also used by Edward Snowden to expose PRISM.
Use it only to search for something on the Internet (which you yourself understand), as you will quickly get tired of it. For example, they came somewhere, inserted a USB flash drive from their OS, looked for what you need and pulled out everything.
Kali Linux is a GNU/Linux LiveCD that emerged from the merger of WHAX and the Auditor Security Collection. The project was created by Mati Aharoni and Max Moser. Designed primarily for security testing. Kali's predecessor was BackTrack, built on several Linux distributions. It was originally intended for use on Slackware OS, and then smoothly migrated to Ubuntu. After that, Debian became the basis.
Parrot OS - An increasingly popular Security distribution based on Debian-Linux. Quite easy to learn, suitable for both beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet. Quite a lightweight and effective tool, many Security specialists have found in it a replacement for the increasingly "gluttonous" Kali, especially since Parrot uses the Kali repositories to update. Uses MATE graphical environment and LightDM display manager.
In terms of functionality, it is similar to Kali Linux; here, too, a huge amount of special software for security testing is supplied with the system.
As you can see all the systems I mentioned above are mostly Debian based in one way or another (since Ubuntu).
How you handle security updates on Linux will depend on the distribution you are using. I'm going to talk about security updates using Debian and Debian-based systems as an example.
All Debian-derived distributions are listed here: wiki.debian.org/Derivatives/Census
Many of them are security-critical operating systems such as Kali, Tails, and so on. The Debian project does an excellent job of providing security updates for Debian.
Security is a priority for this project and this operating system. For details of the security issues that are being patched, take a look at the security information page provided by Debian (debian.org/security).
If you scroll down that page, you will see all the updates. You can click on any update to get more information about it. From there you can go to the MITRE CVE directory and learn more about the vulnerability you selected, and then follow the links to various sources for more information; in principle, you can even find the exploit code for this vulnerability.
We analyzed this above using the example of the site - cvedetails.com
The Debian Project claims that they handle all security issues brought to their attention and fix them within reasonable time frames. They also say that many security advisories are coordinated with other free software vendors and published on the same day the vulnerability is made public, and that they have an internal Security Audit team that looks through the archive for new or unpatched security bugs. They also believe that security by obscurity does not work and that public availability of information allows security vulnerabilities to be found.
This is all well and good, which is why I recommend Debian-based distributions as the main reliable operating system for everyday use when it comes to security, privacy and anonymity.
About the installation and all that stuff. I will not describe how to install each OS, because that would take us outside the scope of this manual. If you want, you can find everything on the Internet; on YouTube there are plenty of videos on how to install this or that system.
In addition, it makes no sense to describe the installation here, since it is almost always individual and everyone will face their own problems. In general, as they say, Google is there to help.
FAQ:
A: Are there any other popular hacking paths, apart from the hacking method through left links and executable files attached to the "Normal"?
B: There are a lot of them, usually vulnerabilities are used. The question is the delivery of malicious files and the ways of implementation (As I wrote, there are an ocean and more ways).
A: Is there any hardware binding other than MAC that can be tracked? Let's say I was using a Windows 10 laptop and then decided to use it for our "Business Purposes". Will they track me later, for example, by the motherboard ID? Do I need to take a separate new hardware for our work?
B: It all depends on your volume. And will they look in your direction at all. If you imagine that you are already a potentially dangerous person and they will calculate you, then you need to think about not only about MAC. Since, for example, most likely, everyone in the apartment has a router, quite ordinary. So, this router, if you connected to it from your PC via Wi-fi, most likely sent data to GoogleMaps or YandexMaps, as well as other sources. For the first time, you do not need any of this, you need this information for the future, when your income will already be in the millions, let's say.
A: Which link is better to use for our work? What is the Linux distribution, and is Windows really needed in a virtual machine, or is a browser with a substitution of the identifier enough?
B: IP → VPN → TOR → SOCKS, IP → VPN → SOCKS, IP → VPN → TOR → VPN → SOCKS.
Better to do isolation, of course. That is, let's take for isolation, for example:
VPN, TOR, SOCKS, VPN + SOCKS. Regarding the browser, Windows and so on - everything is individual, since everything beats in different ways.
A: Is it better to install Debian as the main one or on a virtual machine and work from it?
B: Basis. On a virtual machine, only if for training.
A: What computer characteristics do you need to work comfortably with Debian?
B: At a minimum, you need 8 GB to work, since you will also have a virtual machine. The best option is 16 GB of RAM. And so, in fact, the more RAM, the better.
A: Is there a semblance of an antivirus on Linux?
B: No, why is he? There is an application store, all applications are open source, and there is also a large community (30+ million people who constantly follow the replenishment of this store). In addition, when you want to download a program, the hash is automatically checked. If the verification is successful, then the program will download and everything is fine, but if not, then an error will be issued. This means that, most likely, it was malicious software.
A: I am a complete zero in Linux - which one should I set?
B: Don't install Fedora, look towards Debian-like distributions. Check out any distro with a pleasant interface for you. You can see which graphical shell you want: losst.ru/luchshie-graficheskie-obolochki-ubuntu
A: If we are talking about programs such as PSI and searching for "Something like that" on the Internet, then it is better to do it with a virtual machine of some kind, or you can safely on the main one, but the browser, for example, can be stored on the hard disk, which encrypted?
B: It is possible and so, but it is better to store logs and everything else on an encrypted medium, not trying to store some kind of private information that can harm you on your medium without cryptocontainers.
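The FAQ answer about hashes being checked automatically refers to the way APT chains digests on Debian-based systems: a signed Release file lists the SHA256 of each Packages index, and each Packages stanza lists the SHA256 of a .deb. The sketch below is an added example, not part of the original guide; it walks that chain over constructed sample data and assumes the signature on the Release file has already been verified. A match proves only that the file is the one the archive published, not that the software is harmless.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def parse_stanzas(text: str) -> list:
    """Parse deb822 control text: 'Key: value' lines, indented continuation
    lines, blank lines between stanzas."""
    stanzas, cur, key = [], {}, None
    for line in text.splitlines():
        if not line.strip():              # blank line ends the current stanza
            if cur:
                stanzas.append(cur)
                cur, key = {}, None
            continue
        if line[0] in " \t" and key:      # continuation of the previous field
            cur[key] += "\n" + line.strip()
        else:
            key, _, value = line.partition(":")
            cur[key] = value.strip()
    if cur:
        stanzas.append(cur)
    return stanzas


def release_index(release_text: str) -> dict:
    """Map each index path in the Release file to (sha256, size)."""
    fields = parse_stanzas(release_text)[0]
    index = {}
    for row in fields.get("SHA256", "").splitlines():
        if row.strip():
            digest, size, path = row.split()
            index[path] = (digest, int(size))
    return index


def verify_blob(data: bytes, digest: str, size: int) -> bool:
    """Size and SHA256 must both match the published values."""
    return len(data) == size and hmac.compare_digest(sha256_hex(data), digest.lower())


def verify_package(release_text, packages_path, packages_bytes, name, deb_bytes) -> str:
    """Walk Release -> Packages -> .deb and report where the chain breaks."""
    index = release_index(release_text)
    if packages_path not in index:
        return "packages-index-not-listed"
    if not verify_blob(packages_bytes, *index[packages_path]):
        return "packages-index-mismatch"
    for stanza in parse_stanzas(packages_bytes.decode()):
        if stanza.get("Package") == name:
            ok = verify_blob(deb_bytes, stanza["SHA256"], int(stanza["Size"]))
            return "ok" if ok else "package-mismatch"
    return "package-not-listed"


# Constructed sample data (not taken from a real archive).
DEB = b"constructed stand-in for the bytes of hello_1.0_amd64.deb"
PACKAGES_PATH = "main/binary-amd64/Packages"
PACKAGES = (
    "Package: hello\n"
    "Version: 1.0\n"
    "Architecture: amd64\n"
    "Filename: pool/main/h/hello/hello_1.0_amd64.deb\n"
    f"Size: {len(DEB)}\n"
    f"SHA256: {sha256_hex(DEB)}\n"
).encode()
RELEASE = (
    "Origin: Example\n"
    "Suite: stable\n"
    "SHA256:\n"
    f" {sha256_hex(PACKAGES)} {len(PACKAGES)} {PACKAGES_PATH}\n"
)

if __name__ == "__main__":
    print(verify_package(RELEASE, PACKAGES_PATH, PACKAGES, "hello", DEB))
    print(verify_package(RELEASE, PACKAGES_PATH, PACKAGES, "hello", DEB + b"x"))
```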
A little more about safety:
1. Do not use your tongue, not on the Internet, not in life. No one ever needs to know where you are from, what your name is, how many children and any other personal information, it does not matter at all who asks - a friend or acquaintance, anyone may be not who he is positioning himself to be, and even me.
2. Do not use the Nickname that you took from your ID in VK, Steam, Email or any other service or site. Used in the white sphere Nickname - can bring people out of the gray sphere at you.
3. Do not register mails and accounts on your phone number, services that provide mailbox services will easily give out information on demand. To receive SMS, you can use online services (I will give you links). Do not use personal mails when registering on gray sites and stores, create separate ones for these purposes.
4. You should never think that "I am not such a big fish to be looked for" - often such people then look for money for lawyers, do not be mistaken, never neglect safety, because it is better to sleep peacefully.
5. Accept parcels only through intermediaries, forwarding services or dummies. Don't shine your names anywhere.
6. Jabber and all other means of communication are best stored in a virtual machine, if you store on the main one - it is better to disable saving history and passwords.
A virtual machine for searching the shadow internet. Lesson 3.1.
I personally recommend using VirtualBox or VMWare. Do not forget to enable virtualization in the BIOS of your PC - otherwise the virtual machine will not be able to work.
It is best if you put the virtual machine image in an encrypted media or container. For carriers, the best parameters are USB 3.0, 32-128gb.
We will encrypt with the following software:
TrueCrypt 7.1a or VeraCrypt
Here, the choice is, let's say, yours. See which one suits you best.
Of the TrueCrypt versions, use only 7.1a; the rest are not very secure. VeraCrypt is the continuation of the TrueCrypt line, since TrueCrypt was abandoned by its developers. I am using VeraCrypt.
We encrypt the media / SSD or create a container on a PC, then put the virtual machine image inside the container. Now, before starting the virtual machine, you will first need to open the encrypted container using a password.
How to encrypt - you can look in the help of the program itself or search on the Internet, it is not very difficult and requires pressing just a few buttons.
There are two alternatives to containers, namely:
• Encrypt the entire hard drive on your computer.
• Creation of a hidden OS.
With ordinary containers, the encryption key can be pulled out of the hibernation file and removed from RAM, so we disable hibernation on our computers. But when using a hidden OS, you can put all the information and files inside it, and even if you are tortured, you can give out the encryption password from a regular white OS, while the hidden one will peacefully store your files.
Encrypting the entire hard disk is a long process (it takes about 6 hours for 1 TB), but it is a reliable tool, since the keys cannot be pulled out of the hibernation file even if hibernation is enabled, and extracting them from RAM in time takes a lot of effort. Only brute force remains, and here we move on to the next security point, namely passwords.
With a hidden OS or disk encryption, to start the system, you will need to enter the password in the Boot-Loader, that is, even before the Windows account password, before turning on the system itself.
On any forum, page on a social network, mail or hidden container, you must follow the mandatory points when choosing a password:
1. It is at least 15 characters long, preferably all 30.
2. Upper + Lower case, numbers and special characters.
An example of a good password: sHO & D = 633qwvBB! AC {6} - this password will take decades, if not centuries, to Brute.
3. For one forum / store / site - one, unique password.
4. Two-factor authentication - use wherever possible.
If you use the same passwords everywhere, there is a good chance that everything you have gets cracked. No one is safe from a database being leaked or sold on some DS (Dedicated Server) store, for example. Attackers simply get your password, then go around all the services / forums and take everything they can.
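The password rules above (minimum length, all four character classes, one password per site) can be checked mechanically. The following is an added example, not part of the original guide; the vault contents and the guess rate are constructed assumptions, and the search-space figure is an upper bound that holds only for randomly generated passwords, since human-chosen patterns fall to dictionary attacks far sooner.

```python
import math
import string
from collections import defaultdict

MIN_LENGTH = 15  # rule 1 from the list above
CLASSES = {      # rule 2: the four character classes
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}
GUESSES_PER_SECOND = 1e10  # assumed offline guessing rate, for illustration only


def audit_password(pw: str) -> dict:
    """Check length and character classes, and estimate the search space in bits."""
    present = {name for name, chars in CLASSES.items() if any(c in chars for c in pw)}
    pool = sum(len(CLASSES[name]) for name in present)
    bits = len(pw) * math.log2(pool) if pool else 0.0
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    missing = sorted(set(CLASSES) - present)
    if missing:
        problems.append("missing classes: " + ", ".join(missing))
    return {"length": len(pw), "pool": pool, "bits": bits, "problems": problems}


def years_to_exhaust(bits: float, guesses_per_second: float = GUESSES_PER_SECOND) -> float:
    """Time to try the whole search space, assuming a uniformly random password."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)


def find_reuse(vault: dict) -> list:
    """Rule 3: return the groups of sites that share one password."""
    by_password = defaultdict(list)
    for site, pw in vault.items():
        by_password[pw].append(site)
    return sorted(sorted(sites) for sites in by_password.values() if len(sites) > 1)


# Constructed sample vault (site names and passwords are made up).
VAULT = {
    "forum.example": "Summer2020!",
    "shop.example": "Summer2020!",
    "mail.example": "tR7#vLq9!zWm2@xK",
    "wiki.example": "correcthorsebatterystaple",
}

if __name__ == "__main__":
    for site, pw in VAULT.items():
        report = audit_password(pw)
        print(site, f"{report['bits']:.0f} bits", report["problems"] or "ok")
    print("reused across:", find_reuse(VAULT))
```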
However, a strong password is not a panacea, because it can be intercepted right from your system by picking up a Stealer, malware or other virus on it. The way out is trivial and simple: create a separate virtual machine (in general, any one) specifically for software and dirty, unverified files.
And run everything only on this virtual machine, let it suffer better than your computer. Observing basic hygiene rules is much easier than losing accounts or paying to the victims later, so don't be lazy and do it, but you will sleep peacefully.
The purpose of the virtual machine for you will be divided into two points, namely, the first is for searching through shadow resources and communicating in this environment (Forums, sites, shops, and so on), the second is for the drives themselves and work. The virtual machine setup for these cases is different, but still a bit similar.
What do you need to configure your virtual machine for the first option (search by shadow resources):
1. VPN. It is best to put your own. How to do this and all the nuances will be below in the guide.
2. TOR Browser
3. Jabber / ICQ
4. Replace your DNS, for example, with Google - support.li.ru/google-dns/win7/
They can also be added to the router. For the best effect, you can generally use the DNSCrypt software. Remember this program, you will have to use it often.
5. Browser for searching. (I always use FireFox)
6. Disable WebRTC. WebRTC allows third-party users to determine the IP address of a network user at once, bypassing the software barriers of VPN, TOR, SOCKS and other network defenders: whoer.net/blog/article/kak-otklyuchit-webrtc-v-raznyx-brauzerax/
7. If you use SOCKS or SSH tunnels, then Proxifer + Plinker (these programs will also be discussed below).
8. You can also close the Internet through a firewall so that when the VPN falls, the virtual machine does not have access to the network, and your real IP does not leak.
Setting up a virtual machine just for work will be already below. As detailed as possible and in different variations.
Terms:
AntiFraud - AF, antifraud. Our main enemy, who does not allow us to calmly withdraw money from the SS.
BTC - Bitcoin, cue ball.
Checker IP - checks the IP for purity and suitability.
IP - IP, ip.
SOCKS - sock.
SSH tunnel - tuna.
DS - Dedicated Server, Dedicated Server, Grandfather.
Pure IP is the backbone. Lesson 4.
The topic is simple. The final part on your Carding security is anonymity. First of all, you need to understand that you have two different concepts of anonymity.
The first is personal safety, so that you are not taken by the ass, so that you are not leaked by your provider. For these purposes, we will create a personal VPN. What will he give us? He will let us hide our real data. When you disable logs on the server, VPN will remove all your "Travel" in the network from the provider.
The second is anonymity, which must have a number of parameters in order to bypass AntiFraud when typing. Later you will get to know AntiFraud better. In a nutshell, AntiFraud is a system against fraudsters like us. She has a number of parameters that are individual in each store, but our task is to be her “own”, to be an ordinary KX for her. If we do not have any requirements for the IP of our VPN, except that your VPN must be set up outside the CIS, then we have the strictest requirements for the IP to bypass AntiFraud - cleanliness, absence from blacklists, minimum or no Fraud level ' and so on.
Regarding security. If you work in Russia, then sooner or later your priest will be in a bad situation, because everyone is watching, plus or minus. As for the United States, the work on it is therefore safe for us, that in order to attract you it is necessary to spend a lot of money on the investigation. It costs more to attract you than your hammered phone. Well, as you may have noticed, the level of security in Russia is on average higher, because we missed the initial stage of introducing banking technologies, and, one might say, we got to the level when the data, plus or minus, began to be protected.
The initial level of anonymity is to use TOR for shadow resources. Although, we are not held accountable for visiting sites, nevertheless, if you suddenly find yourself on the pencil to the security forces, then the first place where they will come is your provider.
torproject.org - link to download the TOR browser. This condition is optional, but forewarned means forearmed. Also, I'll also point out why we need a personal VPN. Logs. All these paid VPNs are great and convenient, but in fact, no one will give you a guarantee that they will not write you. The probability that they write is approximately 95%.
Get used to working to a minimum, without using services that you can do without. You will be able to put yourself your own personal VPN (This will be in the guide). For $ 5 per month (server rental). At a speed higher than many paid ones. Will work on the phone too. Therefore, if you haven't started a BTC wallet, start it. Calculations in our area are mainly made in BTC, and quite often through QIWI.
Exchangers (cryptocurrency):
bestchange.ru
localbitcoins.com/ru/
risex.net
It is not worth keeping money in BTC all the time, as the rate can both rise and fall. Therefore, assess your risks and desires yourself.
By the way, QIWI - not everyone accepts it for payment, but it is possible as one of the options.
Pros: Possibility of direct withdrawal to the card, if you do not shine the phone number, it is almost impossible to steal
Cons: They can block the wallet, the Russian payment system, which means it will give out any data on demand, therefore I strongly recommend it, if it is used, then only in the following format: left SIM, left mail, don't use your phone, buy a left one or use a virtual SIM. Display only on a dummy card. Do not use your IP and PC (you can use a virtual machine).
If we talk about withdrawing money through BTC, then the situation here is a little more complicated, but you can still withdraw money:
1. Through the exchanger, you can exchange money from BTC to a card, QIWI or bank.
2. You can withdraw in cash, but you need to look for a good seller, let's say.
The fact that BTC is anonymous is a myth and misconception, all transactions in BlockChain, at a glance, are not very difficult to track, just no personal data is needed to register.
Therefore, to preserve the anonymity of funds, I recommend using BTC mixers.
FAQ:
A: Do I need to change IP if I live in Europe / USA? How reasonable is it to use the public Internet - in a cafe, shop, subway, and so on? And if you break Wi-fi networks and sit from them? In short, does it make sense?
B: It is necessary to change. Firstly, you need a personal VPN so that your IP does not shine anywhere. Secondly, when driving, you will need an IP for a certain area. It is better to use a VPN in a Wi-fi cafe, otherwise your traffic may be leaked. It is possible to break Wi-fi, but not everyone can - this is a separate topic. We will not touch on.
A: And how to start a BTC wallet so as not to burn your personal data anywhere, because they often require passport data and other nonsense? Is there any way to get around this? Or just buy left-hand documents and register on them?
B: Yes, to buy documents from 30 to 80 rubles. And register. In the process, everyone will find their own methods.
Many of you have already felt Jabber, but links to clients and descriptions will not be superfluous. Today this is perhaps the best way to communicate anonymously, but of course, do not forget that the servers should not be in Russia. Better start a few. Two is
enough so that if the server falls on one account, then you are not lost.
Some more information about Jabber:
OTR - https://ru.wikipedia.org/wiki/Off-the-Record_Messaging
Jabber clients - jabberworld.info/Jabber_Clients
The most convenient ones are PSI and Pidgin.
securityinabox.org/en/guide/pidgin/windows/ - about security in Russia.
ru-sfera.org/threads/nastrojka-otr-na-psi.2658/ - PSI and OTR guide.
As for passwords, account data, CC and other information, it is convenient to use the Keepas program.
keepass.info/download.html Keepas
works simply - a file is created to contain your data, it will be encrypted. You will have a master password from it in your hands. It can be used both on a PC and on a phone. The thing is extremely convenient. To always be at hand, you can upload it to the cloud, DropBox, for example, and files on the cloud can be encrypted with BoxCryptor.
boxcryptor.com/ru/
Provide BoxCryptor'u access to your cloud and perform encryption on it, even if the cloud is hacked, they will not be able to access your files.
Let's talk about the second point of anonymity, more precisely, about the IP and the requirements for it. Checker IP sites will help us with this:
Checkers IP:
whoer.net/ru - Basis.
witch.valdikss.org.ru - I don’t trust much, but sometimes you can check.
whatleaks.com - DNSLeaks.
check2ip.com - Check for blacklists.
ip-score.com - Fraud Points.
getipintel.net - Fraud points and check for open ports.
ipqualityscore.com/user/proxy-detection-api/lookup - Important check! (registration required)
dnsleaktest.com - Check for leaks.
fraud.cat/Home/Faq - Paid (by subscription)
What do these sites give? They help us find out information about our IP, not only the IP and DNS itself, but also others that can shoot us down. Based on these sites, we will configure our systems and addresses. We must adjust all the parameters so that AntiFraud does not fire us and does not give us unnecessary Fraud points. If there are a lot of such points, then the Decline will fly to us automatically. The main rule is that the IP must be clean. The IPs of popular VPN services are blacklisted or marked as anonymizers,
as they are used by a huge number of people for a variety of purposes. Websites Checkers IP will show you this.
A little about Telegram. Telegram, as you understand, is not an anonymous thing. Anything that you do not control is inherently dangerous. Therefore, I do not advise you to once again use it to carry out any illegal business. By the way, those who have not heard recently found a vulnerability in secret chats, the bottom line is that they are not so anonymous.
So, if everything is clear with the first point on anonymity - we will create a personal VPN, then to work with the second point we will use special tools:
1. SOCKS.
2. SSH tunnels.
3. Dedicated Server - dedicated server.
4. VNC.
1. SOCKS. Proxy server.
Cons: Short-lived, live up to 3 days. Traffic is not encrypted. They can die in the process of driving, it happens.
Pros: You can buy a subscription and use many different IPs. Suitable for the type of work hammered and forgotten. Suitable for the SS.
2. SSH tunnels.
Cons: Difficult to find clean ones.
Pros: They live for a long time, for months. They cost about one dollar. Well suited for bank accounts and PayPal, those places where it is desirable to have one IP for a long time. To swing your account, that is, to have constant access.
3. Dedicated Server is a dedicated server. In simple words, this is someone else's computer. Connecting to DS we find ourselves on someone else's desktop and our IP will correspond to IP DS.
Pros: Same as SSH tunnels. You need to take it with administrator rights so that there is no one else on this DS except you.
4. VNC - https://ru.wikipedia.org/wiki/Virtual_Network_Computing... Very similar to DS. With a significant difference, when we connect, we sit directly in the session of our KX, which means that we have not only IP, but also Cookies in common. This can make driving a lot easier. However, there are not many of them on sale and I personally met their prices from 10 dollars and more.
How they look: 122.156.2.14:22@user:1234
Where - ip: port @ username: password
When using a colon and a dog you do not need to enter (122.156.2.1422@user1234) Ports can be different, for SSH tunnels 22, for others tools any free ports out of 65535 possible ports.
A little about ports - https://ru.wikipedia.org/wiki/TCP_and_UDP_port_list
whatleaks.com - you can check yourself now. The site will show your open ports. Just for the sake of interest, driving does not affect.
We have the following working methods (Everyone chooses what is more convenient for him, but I advise you to try everything):
1) Use DS and, if necessary, SOCKS and SSH tunnel to it.
2) Use a virtual machine, that is, run a SOCKS or SSH tunnel on it.
3) Use a separate PC with English Windows and run an SSH tunnel or SOCKS on it.
4) Use different Anti-detected + browsers (SOCKS or SSH tunnel), which can be very flexibly configured not only by IP, but also many other parameters that are important to us. An example is Linken Sphere (more on it later).
FAQ:
A: What is pure IP? Will the payment be canceled if I try to drive through the native system that I have now? Or through a friend's / girlfriend's computer? And, as I understand it, Telegram is not an option at all, if you want to discuss with a person, at least some kind of criminal case?
B: You can connect any public VPN and go to the Checker's IP sites. They will show you that your IP, most likely, is not "Native", which means that the store will give you Fraud-points and cancel the transaction. When there is a lesson about AntiFraud, you will understand why you cannot drive a girl from a PC, because AntiFraud looks not only at the IP, but also at the fonts in your PC, Finger Print, Java fills, DNS Leak has such a parameter and all this needs to be taken into account.
A: And how much money do you need for software (Not for CC), if you take the ideal, average and beggarly option?
B: If you take a subscription to Anti-detected, then there is $ 100 per month. And if the bundle is virtual machine + SOCKS, then the virtual machine is free. SOCKS from $ 0.5 each. If DS, then a normal DS from $ 5 and above with administrator rights.
A: And if you take DS without administrator rights, they burn it? Is it so critical?
B: They will burn you if you try to sort out passwords on this DS or start watching movies in high definition. Essentially, DS is your shared PC with KX. And it is logical that KX does not get nervous, it is necessary not to load his system.
A: Is it possible to somehow find out if I have some cunning guests now?
B: You will see if there is another person in your account. He, as a rule, will instruct his programs and engage in other activities.
A: What is DNS?
B: Domain Name System. This is the domain name server that we refer to when we try to visit a site. Better to watch a few videos to understand well. You should have a clear picture in your head.
A: And how does the DNS change if it does not correspond to the SOCKS country?
B: In Anti-detected browsers, you can change DNS in case of mismatch. And in Double SSH Manager programs.
Driving tools. Lesson 5.
So. Let's talk in more detail about the programs that will help us establish connections. Software tools for driving. What tools for changing IP have we reviewed?
1. SOCKS.
2. SSH tunnels.
3. DS.
4. VNC.
Everything is correct. So that our provider does not notice us, where and what we do, and our foreign friends do not catch us. If suddenly SOCKS falls, under it will be the IP of our VPN, and not the real IP. We have tool pie. At the very bottom is a personal VPN for security, and on top of it SOCKS / SSH tunnels / DS for AntiFraud.
Consider such a case that we have chosen to work with a virtual machine, on which we will install the operating system with which we will do it by driving. If we work in the USA, then we need to install the English version of Windows, but our system is English, and the IP remains the same, so, to change it to the US IP, we must use an additional tool. Its name is a proxy server. SOCKS and SSH tunnels. If we have the opportunity to install English Windows on the main PC, then the need for a virtual machine disappears by itself, but we still use SOCKS and SSH tunnels to change the IP. It is better not to connect your personal PC with Carding. Personal is
personal and work is work, so either a second laptop or a virtual machine. Alternatively, you can use DS.
By the way, you can also make DS from your PC, connect to it from another PC and also work. The principle of operation is close to that of TeamViewer, who used it will immediately understand what is at stake. Thus, when we launch DS, we find ourselves on someone else's desktop, and we are already working on it. DSs are mined by Brut of PC ports. Most often, Brute is a hack carried out through the selection of a username and password using special programs. DS can be purchased by country or state. The DS survivability is usually about two weeks, sometimes less, mine once lived for a month, but I did not load it and worked occasionally. Also, you need to consider a tool such as browser Anti-detected. For example, as I already wrote - Linken Sphere - LS.
This is a browser that allows you to change the data that AntiFraud fills. For example, IP, DNS, time zone, WEBRTC, system emulator, that is, you can configure that we will be seen as if we are working with IPhone, Android, Windows, Linux and so on. He has a lot of opportunities, he goes by subscription, on the site the prices and the description are detailed.
LS helps us change a lot of parameters, but we still need to purchase separate SOCKS or SSH tunnels.
As a result, SOCKS and SSH tunnels are required in almost all cases except DS, since DS already has the IP of the country you are buying, but in order to more accurately position your IP, you can hang an SSH tunnel or SOCKS. This is necessary if DS is in Ohio, and you need to beat in New York.
Summary - options-bundles for work:
1. Virtual machine (or a separate PC) + SSH tunnel or SOCKS on it.
2. DS + SOCKS to change the IP if needed.
3. Anti-detected + SOCKS or SSH tunnel.
And in front of each bundle is our personal VPN. It should always be there to hide our real IP. VPN is always installed on the main machine, not on the virtual machine and not on the DS. If you put a VPN on DS, then your chain will look like this: your IP - USA IP DS - IP of your personal VPN. It is in order to encrypt the connection to DS that we put on the main VPN system.
We turn off the logs so that the VPN server does not store the compromising evidence of our connections in the log. This is evidence.
If you use LS or another Anti-detected, then the software is not needed there. We will disassemble the connection of each program if someone has problems. I once spent a lot of time working on them. I advise you to try to use everything.
See all the pros and cons.
Connection to DS. You can use the standard Windows method. Run command on the Start menu, where we enter mstsc. A window will open in front of us where it will be possible to
connect to a remote desktop, and there we enter data from our DS - IP + Port, login, password. Instructions - akak.ru/recipes/6577-kak-vyipolnit-vhod-na-dedicated-server-dedik. Or you can use programs from xDedic, the principle is the same, only the question is to whom, which is closer.
xDedic RDP Client v1.0 - for connecting to DSs.
It is important to understand that DS are different in capabilities, they have different OCs, with or without administrator rights, just like our PCs are different for everyone. In order not to leave traces when connecting to DS, you can use Log Cleaners.
xDedicLogCleaner - for cleaning system logs.
It is better not to store files compromising you on it. Remove all unnecessary, use Portable versions of the programs, so that everything is quiet and invisible to KX. For the best work, you need to take DS with administrator rights. This will allow us to create our accounts, hide them, which will provide us with an increase in the lifespan of DS'a.
xDedic Log Cleaner is designed to clean up system logs, clean up temporary folders, for example, temp, you can also delete an account from DS along with all the files that you created during use. Cleaning is done not on behalf of your account, but on behalf of the system (System).
Attention, very important: The program works ONLY on servers with administrator rights! OS: Windows Vista or higher.
Description of buttons for xDedic Log Cleaner:
[Flush] - cleaning logs in one click. There is no point in explaining further, and so it is clear!
[Auto Flush] - clears the logs at a specified time interval, that is, choose the time, click OK and that's it, the program can be closed, the logs will be cleared every N minutes.
[Flush & LogOFF] - clean the logs and exit the account. It is useful if you did not create an account for yourself on DS, but work under a purchased account, that is, you disconnected from DS, and the record that you disconnected remained in the logs, it must be erased. Finished working with DS - chose an option, set the time, clicked OK, disconnected from DS. The program itself will cover up the traces and disable the account.
[AccountDelete] - A useful and dangerous function at the same time. Usefulness:
1) Disables your account.
2) Removes it from the system.
3) Deletes your account folder from C: \ Users.
4) Cleans all logs. Complete covering of tracks on DS.
Danger: You will no longer be able to log into DS with this account. Also, if the only account on DS is Administrator, and you delete it, no one else will be able to log into the server, only reinstalling the system will help.
Dedic RDP Patch v2.1 - to create a hidden account on DS.
DS characteristics and rights are negotiated upon purchase. DSs are divided into - server: Windows Server 2008/2011/2012/2016 and home: Windows 7, Windows 8, Windows 10. Several people can work on server rooms, only one at home. Also, for a better understanding, you can read: dedicatesales.com/faq.html
And a little about VNC. VNC, in fact, also connects like DS, only through its client. DS has RDP, VNC has VNC. The difference is that you are sitting with the user in the same account, but in different sessions. That is, in fact, you and KH are like one person, which, of course, successfully influences driving, because you do not invent - you collect a personality, but use a real KH.
So, we connected our VPN, connected our bundle and got an IP that will be used on the drive. Our IP has such a parameter as RiskScore. Its value is from 0 to 100, the smaller it is, the better for us. RiskScore measures how fraudulent our IP is (Indicates how likely it is that the IP address is associated with high-risk transactions). There is a service, its name is MinFraud, and it is engaged in determining the RiskScore of our IP. It is better not to check the RiskScore directly, but rather to check such an indicator as the Proxy Score, knowing the Proxy Score you can approximately find out the RiskScore.
"If Proxy Score 0 - RiskScore will be 0-10. Proxy Score 1-2 - RiskScore will already be about 60"
Let's talk about Proxy Score. IPScore is used by more than 7000 online stores to identify fraudulent transactions, if from some IP address they made purchases under someone else's name, such IP is entered into the database, and the next purchase will be carefully checked by the store employees, and the chance that the drive will be successful is minimal. Proxy Score ranges from 0 to 4 and shows the probability that the user's IP is a public proxy server. A Proxy Score of 1 or 2 indicates a medium risk, a Proxy Score of 3 or higher indicates a high risk. Proxy Score 0 shows completely anonymous proxies.
0.5 15% / 1.0 30% / 2.0 60% / 3.0 90%
There are services for checking Proxy Score - fraud.cat
FAQ - fraud.cat/Home/Faq
maxmind.com/en/explanation-of-minfraud-riskscore - a little about how the systems that check us work. Also, IP has such a topic as blacklists. The absence of your IP in these lists has a beneficial effect on driving, on its success.
ip-score.com/ - go to this site. Right column - Blacklists check. If more than two indicators are Listed, then it is better to change the IP. Whoever has zero and one is good.
Let's go further - getipintel.net. Come in, scroll down to the line where you need to drive the IP. If the IP indicator is higher than 0.6-0.7, then it is not suitable for driving. One is the maximum, the maximum
- badly. This means that we are being fired to use a proxy server. which is not good, because ordinary KX rarely uses proxy servers. This value depends on the provider, on your connection, on SOCKS. Remember, if the IP indicator is higher than 0.6-0.7, then it is not suitable for driving.
Then we go here (registration is required) - ipqualityscore.com/user/proxy- detection-api / lookup
Our IP will be in the window. We select item 3 in the options and check. There will be four parameters:
Proxy / VPN Detection: false VPN: false
TOR: false Fraud Score 0
100 is bad. We read.
In short, everywhere should be False, and Fraud Score less than 60, then it makes sense to use this IP for driving.
ipqualityscore.com/user/proxy-detection-api/documentation - How bad IPs are calculated.
In fact, you now understand how, by running your IP through the Checkers, the AntiFraud site decides to give you a product or make a cancellation when you drive in.
FAQ:
A: That is, you can clog your IP under VPN until it becomes "Dirty"? Or how?
B: You can beat it while it's clean, but you don't need your personal VPN, it's not for that.
A: Is it desirable to drive IP through the entire complex of your designated resources?
B: It is desirable, because what one does not see can be seen by another.
A: It turns out that while the IP is clean, you can not hide at all and try to drive in or what?
B: Your IP is IP RU, which means it is clean for driving in by RU. Ideal, but you must admit, it's strange if KH from the United States will shop while in Vladivostok.
A: What if I'm in the USA?
B: And if you are in the USA, sooner or later they will grab your ass. Working in the country where you live is a lot of problems.
Additional material:
About anonymity on the Internet:
habr.com/post/190396/
habr.com/post/190664/
habr.com/post/203680/
habr.com/post/204266/
sourceforge.net/projects/whonix/ - What very important for anonymity.
myshadow.org/trace-my-shadow - What can be tracked over the Internet.
panopticlick.eff.org - Check if your browser is collecting data.
A little about Cookie:
habr.com/post/126643/
habr.com/post/104725/
habr.com/post/190488/
Logs:
habr.com/post/332502/
thesafety.us/ru/vpn-logs
The necessary software to run on a virtual machine: VMware.
Other required programs:
mozilla.org/en-US/firefox/new/ - Firefox
portableapps.com/apps/internet/firefox_portable - Firefox Portable
ccleaner.org.ua/download/ - CCleaner
sendspace.com/file/lf3rvd - Plinker - program for launching SSH tunnels,
Proxifier - a program that allows programs that do not have the ability to work through a proxy server to bypass this limitation
Bitvise SSH Client 6.08 and Proxifier v3.31 work well with each other, so try to comply with the versions. Different versions react differently to each other. This bundle works.
Connection to DS. Questions and answers. Lesson 5.1.
You can connect to DS using the built-in Windows utility: Remote Desktop Connection. Start => Programs => Accessories => Communication => Remote Desktop Connection.
You can also do this: Start => Run => mstsc.
Another utility for connecting to DS is [BL4CK] VNC Viewer: Authentication Bypass.
Just start it up and enter the IP address of the DS.
How to upload software to DS?
Also, there is nothing difficult. If it (Soft) is on the Internet - then you do everything as on your PC - open the browser and download, if it is on your computer - then first you need to upload it to any file hosting service (dump.ru, sendspace.com), and then using the received link from the DS browser - download it again.
Also, you can connect your local disk to DS drives using the mstsc options (Menu - Options or Advanced). We select which disk to connect and then connect to DS. On DS, open My Computer and there we see our disk, from where we copy what we need.
After purchase, it is recommended to change the password to any of your own.
How do I change my password?
On DS press "start" "run" cmd. Enter: net user, user, password and Enter.
How do I create a new user on DS?
I must say right away that extra accounts are an additional reason to lose the server. For example:
Click: "start" "run" write cmd and enter:
Code:
net user sql 1234567 /add
net localgroup Administrators sql /add
In this case, an SQL account with a password of 1234567 will be created.
What if the clipboard does not work? You cannot copy text, links, and so on. Execute:
tscc.msc> connections>% connection_name%> client settings> clipboard mapping
Effective after restarting the RDP service.
It happens that rdpclip.exe works crookedly. It only helps to reboot the process (Kill in the task manager and Win-R -> rdpclip.exe)
What to do if it displays a message when connecting:
Code:
terminal exeeded the maximum connections?
In this case, in 99% of cases, the so-called console connection, or connection through a zero session, will help.
To do this, in Start-Run, type:
Code:
mstsc /v:0.0.0.0 /admin and press ENTER
Or: mstsc /vternet.0.0.0 / f -console (of course, instead of zeros, we type IP DS).
When logging into DS, it is not possible to change the layout.
To enter your username / password in English. The solution is as easy as shelling pears. After dialing the IP, do not press the connection to DS, but go to the "Advanced" option, where we enter the login on the desired layout and only then join the DS and enter the password (it will be entered in the same layout as the login).
What does "Log in to local computer" mean?
In this case, when logging into DS, after entering the password, you need to select another line in the field that is under the password, the one where it says "...... (This computer)" and after that we already enter the server.
What if I see other "left" users in the purchased DS?
In this case, there is no need to panic and rush to accuse the service of selling “Not in one hand” - this has never happened and will never happen. First, you should definitely be sure that these are NOT local DS users (the owners themselves). Secondly , it is quite easy to get rid of unwanted neighbors and with this request you should contact a consultant in ICQ 311582 and you will definitely be helped.
How to work correctly?
The main thing here will be:
• Hide your software deeper in system folders, such as c: / windows / system32 .
• Do not create a number of additional accounts in addition issued to you when you purchase.
• Rename your .exe files by analogy with the system, such as svchost.exe.
• Warn Anti-Virus alerts - immediately configure them to work together with your software.
• Do not touch accounts already existing on the server.
• Do not overload the server unless absolutely necessary.
• Avoid heavy processor load (up to 50% dangerous maximum).
• When installing programs, make sure that shortcuts do not appear on the desktop and in the Start Menu, or manually delete them from the All users profile.
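Seen from the side of the administrator who owns such a server, the account creation, log clearing and renamed-binary steps described in Lessons 5 and 5.1 each leave Windows Security-log records. The following is an added example, not part of the original guide: it runs detection rules over constructed event records and escalates a host when account manipulation and log clearing both follow an RDP logon (host names, user names, addresses, the SID and the dict layout are assumptions modelled on exported Security events).

```python
import ntpath
import re
from datetime import datetime, timedelta

# Constructed sample: Security-log records exported as dicts (not real data).
SID = "S-1-5-21-1111111111-2222222222-3333333333-1005"  # placeholder SID
SAMPLE_EVENTS = [
    {"EventID": 4624, "TimeCreated": "2024-01-10T02:11:05", "Computer": "SRV01",
     "LogonType": 10, "TargetUserName": "backup", "IpAddress": "203.0.113.7"},
    {"EventID": 4688, "TimeCreated": "2024-01-10T02:13:10", "Computer": "SRV01",
     "NewProcessName": r"C:\Windows\System32\net.exe",
     "ParentProcessName": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "net user sql 1234567 /add"},
    {"EventID": 4720, "TimeCreated": "2024-01-10T02:13:11", "Computer": "SRV01",
     "TargetUserName": "sql", "SubjectUserName": "backup"},
    {"EventID": 4688, "TimeCreated": "2024-01-10T02:13:40", "Computer": "SRV01",
     "NewProcessName": r"C:\Windows\System32\net.exe",
     "ParentProcessName": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "net localgroup Administrators sql /add"},
    {"EventID": 4732, "TimeCreated": "2024-01-10T02:13:41", "Computer": "SRV01",
     "TargetUserName": "Administrators", "MemberSid": SID},
    {"EventID": 4688, "TimeCreated": "2024-01-10T02:20:00", "Computer": "SRV01",
     "NewProcessName": r"C:\Windows\System32\svchost.exe",
     "ParentProcessName": r"C:\Windows\explorer.exe", "CommandLine": "svchost.exe"},
    {"EventID": 1102, "TimeCreated": "2024-01-10T02:58:30", "Computer": "SRV01",
     "SubjectUserName": "sql"},
    {"EventID": 4624, "TimeCreated": "2024-01-10T09:00:00", "Computer": "SRV02",
     "LogonType": 10, "TargetUserName": "admin", "IpAddress": "192.0.2.10"},
    {"EventID": 4688, "TimeCreated": "2024-01-10T09:00:30", "Computer": "SRV02",
     "NewProcessName": r"C:\Windows\System32\svchost.exe",
     "ParentProcessName": r"C:\Windows\System32\services.exe",
     "CommandLine": r"C:\Windows\System32\svchost.exe -k netsvcs"},
]

# "net user <name> <password> /add" and "net localgroup <group> <name> /add"
NET_ADD = re.compile(r"\bnet1?(\.exe)?\s+(user|localgroup)\b.*\s/add\b", re.I)
SVCHOST_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
ACCOUNT_RULES = {"account_created", "added_to_administrators", "net_account_command"}


def rules_for(ev):
    """Return the names of the detection rules a single event record triggers."""
    eid, hits = ev["EventID"], []
    if eid == 4720:                                   # a user account was created
        hits.append("account_created")
    elif eid == 4726:                                 # a user account was deleted
        hits.append("account_deleted")
    elif eid == 4732 and ev.get("TargetUserName", "").lower() == "administrators":
        hits.append("added_to_administrators")        # member added to local group
    elif eid == 1102 or (eid == 104 and ev.get("Channel") == "System"):
        hits.append("event_log_cleared")              # Security / System log cleared
    elif eid == 4688:                                 # process creation
        image = ev.get("NewProcessName", "")
        if NET_ADD.search(ev.get("CommandLine", "")):
            hits.append("net_account_command")
        if ntpath.basename(image).lower() == "svchost.exe":
            parent = ntpath.basename(ev.get("ParentProcessName", "")).lower()
            # The real svchost.exe lives in System32/SysWOW64 and is started by
            # services.exe; a copy elsewhere or another parent is a masquerade sign.
            if ntpath.dirname(image).lower() not in SVCHOST_DIRS or parent != "services.exe":
                hits.append("svchost_masquerade")
    return hits


def triage(events, window=timedelta(minutes=60)):
    """Apply the rules in time order and mark hits that follow an RDP logon."""
    findings, rdp_logons = [], {}
    for ev in sorted(events, key=lambda e: e["TimeCreated"]):
        ts, host = datetime.fromisoformat(ev["TimeCreated"]), ev["Computer"]
        if ev["EventID"] == 4624 and ev.get("LogonType") == 10:  # RemoteInteractive
            rdp_logons.setdefault(host, []).append(ts)
            continue
        for rule in rules_for(ev):
            after_rdp = any(timedelta(0) <= ts - t <= window
                            for t in rdp_logons.get(host, []))
            findings.append({"host": host, "time": ts, "rule": rule,
                             "after_rdp": after_rdp})
    return findings


def escalate(findings):
    """Hosts where account manipulation AND log clearing both follow an RDP logon."""
    by_host = {}
    for f in findings:
        if f["after_rdp"]:
            by_host.setdefault(f["host"], set()).add(f["rule"])
    return sorted(h for h, rules in by_host.items()
                  if rules & ACCOUNT_RULES and "event_log_cleared" in rules)


if __name__ == "__main__":
    results = triage(SAMPLE_EVENTS)
    for f in results:
        print(f["time"], f["host"], f["rule"])
    print("escalate:", escalate(results))
```

The 4688 rules need process-creation auditing with command-line logging enabled, and the 1102 record survives only if events are forwarded off the host before the local log is cleared.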
Configuring Linken Sphere (LS). Lesson 5.2.
I will say a few words about Anti-Detected. In my opinion, the thing is very useful and necessary in our craft. However, they are divided into two groups. Those that hide the hardware (Processor, video card) and those that replace the browser for us.
Of those that replace hardware, I can recommend Aff Combine. It costs $ 1000. Maybe someone needs it.
And those who replace the browser - there are quite a few of them, but I can only single out Linken Sphere, because they have some of the most reasonable prices, they have technical support, frequent updates, and you can also buy config (more on that below). I am silent about other Anti-Detected, since their prices are $ 2000, and they work worse than the same Linken Sphere. In general, decide for yourself.
So, one of the tools that simplify our work is Linken Sphere (LS) ls.tenebris.cc.
The site has a short FAQ for the product. The cost of the product when paying for one month is $ 100. If paid for 6 months (Pro Version) - $ 500.
What does the Pro version give? By purchasing a license, you get the opportunity to buy private config'i on their website. The cost of one config is $ 3. Config is a "model" (assembly) of characteristics - OS version, browser version, and so on. That is, it is a config merged from a real machine.
It all works quite simply. We bought a CC, made a separate config for it, put an SSH tunnel or SOCKS in config - and off you go. In LS itself - like in a browser, tabs are also opened, and you can open tabs of different config '. With LS I drive in the best stores, with the strongest protection, if anything. You don't need a virtual machine to run Linken Sphere.
Let's continue. So how do you set up LS? First, open it, go in, click Setup New Session.
After opening, we will see a window like this:
This is a new design, then the photos will be with the old design, but nothing much changes there.
Next, select our User Agent (you can add them yourself): useragentstring.com/pages/useragentstring.php?typ=Browser
Then click on the Config Manager button:
We see the options that are available to us:
We selected and click the Generate button:
What we got:
Going to WebGL from the screenshot above. In WebGL, we check that WebGL got up by itself. If we see this at once, then he stood up:
That is, when we opened this window, what we see in the red rectangle should already be up. If he did not get up right away, I delete this config.
Delete config:
Then back here:
Next, we expose our SOCKS or SSH tunnel. Example with SOCKS:
(1) - this is a note, I myself write an SSH tunnel (SOCKS) there, it remains there and so on, this is just a field for comments. Below is where we enter our SOCKS or SSH tunnel
- its IP and its port.
After that we press Check Proxy (button 2). And we get the result (indicated by the number 3) that the tunnel or SOCKS is alive and its ZIP.
The time here (in the green frame) is automatically pulled from the tunnel / SOCKS, you can also change it here yourself. If everything is as we see now, press the Save button in the lower right corner.
We get an open window:
How do I:
1) I go to Whatleaks and see the quality of the SOCKS (SSH tunnel)
2) I look at the open ports and so on.
3) Close config.
Pressing Setup again. Looking for my profile "No name"
I choose and change the name:
For convenience - under the name of KH. Save again and go to config. What else is interesting here? For example, you can put GEO under KX.
In this place. Where can I get it? GoogleMaps to help:
We drive in the address of the KX and on the maps we get GEO to this address. It is necessary to click the mouse next to the position of the house. We take this information and paste it here:
GEO and other details - you don't need this for the first time. It is enough what I described above.
Creating a personal VPN. Lesson 5.3.
Open your personal account at my.blazingfast.io. Before that, you should already buy yourself a VPS server. Usually it costs from $ 3-5. (Now it's better not to take a server there)
Click on the panel, get our server, click on it.
We receive data from our server, we are interested in IP and password. We save ourselves somewhere in a notebook for convenience. Open PuTTy, enter the IP of your server into the HostName window.
We press Enter. Next, we entered the IP into PuTTy, clicked the Open button. In a new window, you will need to enter a login - we write the word root. We press Enter.
IMPORTANT! After pressing Enter, you were prompted for a password. Copy the password, and right-click on the terminal and Enter. By default, passwords are not displayed in terminals. If Access is denied twice, then close PuTTy and re-enter.
Now enter - wget https://git.io/vpn -O thisiseasy-ru-vpn.sh && bash thisiseasy-en-vpn.sh - ALSO RIGHT BUTTON AND PRESS ENTER. We press Enter. We are offered to choose a protocol - we leave it by default - press Enter. Next, we are offered by default port 1194, we also press Enter. Further, we see that we are offered to choose DNS for our VPN, we put the number 3 - we are interested in DNS from Google. Press Enter.
Next, you will be prompted to enter the name of your client, enter whatever you like.
We press Enter. We are waiting for the process of creating the config file to be completed. Will write Finished and a terminal line will appear.
Now minimize your PuTTy. We go into the WinScp program.
Enter IP, your password and username (root).
Here, we see the contents of our server on the right, and our PC on the left.
Let's immediately edit our config for logs. Open ClientName.ovpn. OpenVPN config files have the .ovpn extension. Find the value of verb 3, correct verb 3 to verb 0. Enter (Go to the next line). Add log / dev / null
We save the changes. Now we will transfer our config from your server to your PC. Go to your PC at ProgramFiles / OpenVPN / config. Copy your config to this folder. (If you can't copy it, then first transfer the config to the desktop, and then to ProgramFiles / OpenVPN / config. That is, we created a config in PuTTy, then found the config file through WinScp, edited it so that no logs were written. Now we copy our config from the server of our VPS to our PC. Launch OpenVPN.
Find the monitor icon and connect. Open the whoer.net browser.
So, reopen PuTTy. In PuTTy we now insert again - wget https://git.io/vpn -O thisiseasy-en-vpn.sh && bash thisiseasy-en-vpn.sh Now we create the second config. Now we add a new User. Therefore, we create a new config. Thus, we will have two config'a on one VPS server. This is necessary in order to sit on the PC and on the phone at the same time.
A new config is created. Open WinScp and see that our new config is next to the previous one.
Now we are ruling again. Verb 3 to Verb 0. log / dev / null.
So, who created the second config and edited it, you can safely copy it to your phone, download OpenVPN to your phone, find the path in the program where your config is on the phone and connect.
So, let's make a summary of creating a personal VPN.
We need the PuTTy program in order to log into our VPS server and create a config.ovpn with certain characteristics on it. PuTTy is essentially an SSH client. Instead, it can be any similar, for example, Termius. It is for information only. You can put it on your phone and also go to your server while sitting on your phone. This happens if you don't have a PC at hand, but you need to create a VPN.
WinScp is a program for connecting to the "file" component of our server (in fact, the GUI). That is, we need it in order to transfer our config to the desired directory on our PC. OpenVPN is the GUI of the OpenVPN client. We need it for convenient connection. In fact, all these actions can be performed in the terminal, but you can easily master this if you are interested in Linux.
There is such a thing as DNSLeak. DNSLeak is your real IP leak. For example, you have connected to SOCKS, and the Checkers' sites of your IP give yours that your IP is USA, and DNS is USA and Russia. This is bad for us, because what good is our crystal clear IP if you can be seen behind it by DNS. Read more about DNS on Google - it's the domain name system. DNSLeak arises due to the fact that your requests to the American do not go directly, but through the You-Russia-USA chain. As a result, some Checkers are able to see the entire chain, which we don't need. How to beat this?
comss.ru/page.php?id=2814 - we use the DNSCrypt program.
Installing the DNSCrypt-proxy service on Windows, Linux and MacOS to encrypt DNS traffic between the user and secure DNS servers. This prevents snooping attempts, DNS hijacking, and MITM attacks. That is, your DNS traffic is encrypted and not tracked.
You can check your connection for DNS leaks here - dnsleaktest.com
Information that can be obtained via the Internet - myshadow.org/trace-my-shadow
How to clean the logs on the server? Lesson 5.4.
Let's talk about the logs on the server, not only the OpenVPN logs, but also about all the logs that are written on the server. A good help for us will be an article from Habr, describing the types of logs and their purpose:
habr.com/post/332502/ - logs and their purpose.
Note that most of the log files are contained in the /var/log directory. We do not like logs, and therefore we ask a question: is it possible to delete all the contents of /var/log and not worry about the logs? No. This can lead to crashes and frequent error messages. If we cannot delete them, then we need to clear their contents. Thus, by clearing the contents of these files, we actually clear the main logs of our actions on the server. The types of logs in the /var/log directory that we are interested in:
----- /var/log/syslog or /var/log/messages contains the global system log, in which messages are written from the moment the system was started: from the Linux kernel, various services, discovered devices, network interfaces and much more.
----- /var/log/auth.log or /var/log/secure - information about user authorization, including successful and unsuccessful login attempts, as well as the authentication mechanisms involved.
Since we are working with OpenVPN, it's worth dwelling on it in more detail. OpenVPN is a tunnel creation program. It writes logs - who initiated the connection to the tunnel and from where, how the connection went, and so on, that is, it writes logs throughout the entire work. We can tell it the file where the logs will be written, but if this is not done, then by default the OpenVPN operation logs are written to /var/log/syslog.
So, we figured out the types of logs. We also figured out where the OpenVPN logs are written, now about how to clear them.
Launch PuTTy. Enter your username and password. And, thereby, we connect to our server. We know that all kinds of logs are kept on our server, and we know the /var/log directory.
Let's see the contents of this folder, enter the command in PuTTy: dir /var/log/ -l
You see a bunch of log files, which are described in detail in the article on Habr that I gave.
These are all logs. Where we see numbers after the name or the .gz extension, we can safely delete it. The service will not be affected. Now we will not do this, because these logs do not bother us. These are basic logs, but now we are only interested in the contents of the syslog file, because OpenVPN sends a report on its work there by default. We want to see what kind of logs have accumulated there.
We enter the following command:
Code:
cat /var/log/syslog
Now let's check if our OpenVPN logs are written here. Connect your OpenVPN config that we created. Now let's go back to the terminal, to see the changes in syslog, you need to restart OpenVPN with the command:
Code:
/etc/init.d/openvpn restart
The server gave us a message that OpenVPN was restarted. Now we have to look again at the contents of syslog, and we will find our old log + OpenVPN log:
Code:
cat /var/log/syslog
That the first, that the second, as we can see, are written to Syslog. Now that we have clearly seen that the log of our connection is being written to Syslog, our task is to clean its contents. Enter the following into PuTTy (command line, terminal):
Code:
cat /dev/null > /var/log/auth.log && cat /dev/null > /var/log/syslog
This command clears the contents of Syslog and auth.log.
How can we verify that we have cleared the logs? We must check the contents of these files with the commands we are already familiar with.
We reboot the server:
Code:
/etc/init.d/openvpn restart
We view the contents of the Syslog:
Code:
cat /var/log/syslog
We look at the contents of auth.log:
Code:
cat /var/log/auth.log
They now have 2-10 records (or even empty) instead of a huge sheet of rows. Only the log of the last connection remains.
Congratulations, you have manually cleared the logs on the server. Now I do not have a ready-made solution on how to do this on the machine, most likely, it is necessary to write a script (I can give it to anyone) and give it the right to be executed every day. But we don't need it. Clean this way once a week and you will be happy.
A summary of how to quickly clean (That is, a summary of our lecture on cleaning logs on the server):
Go to PuTTy. Enter your username and password.
We execute the command:
Code:
cat /dev/null > /var/log/auth.log && cat /dev/null > /var/log/syslog
And that's it, there are no logs. It's a matter of two minutes.
Everything that I described can be done in the WinScp program, go into the folder with logs, open, clean it manually, but why do this if we have a ready-made reliable solution, and an easier one.
And of course, do not forget that the provider of our VPN can still keep logs of our activity, which in fact does not matter much, because in order to prove something, your IP alone will not be enough. The logs on your PC and on the server are proof that we clean up.
The main thing to understand: as long as the condition is fulfilled that it is more expensive to catch you than to cover the losses from you, you will be safe.
Consider a case where you have syslog and, for example, syslog.1 in the /var/log folder. That is, two files. To understand this, we go back to the logs directory and see what files are there:
Code:
dir /var/log/ -l
If you see there, for example, there is a syslog.1 file, then you can delete it with the command:
Code:
cd /var/log && rm syslog.1
Instead of Syslog.1, it can be the name of any file you want to delete. We figured out the logs on the server.
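Seen from the defender's side, the clearing described in this lesson leaves a recognisable trace: `cat /dev/null > file` empties a log but keeps its inode, while normal rotation moves the old inode to a new name. The following is an added example, not part of the original guide; the function names, verdict labels and sample files are constructed for illustration, and it assumes a monitoring job that takes periodic snapshots of the log directory.

```python
import os
import tempfile
from typing import Dict, List, NamedTuple


class FileState(NamedTuple):
    inode: int
    size: int


def snapshot(directory: str) -> Dict[str, FileState]:
    """Record inode and size for every regular file in a log directory."""
    states = {}
    for entry in os.scandir(directory):
        if entry.is_file(follow_symlinks=False):
            st = entry.stat(follow_symlinks=False)
            states[entry.name] = FileState(st.st_ino, st.st_size)
    return states


def compare(before: Dict[str, FileState], after: Dict[str, FileState]) -> Dict[str, str]:
    """Classify what happened to each file that existed in the earlier snapshot."""
    by_inode = {state.inode: (name, state) for name, state in after.items()}
    verdicts = {}
    for name, old in before.items():
        new = after.get(name)
        moved = by_inode.get(old.inode)
        # Rotation keeps the data: the same inode lives on under another name
        # (syslog -> syslog.1) and has not lost any bytes.
        survived_elsewhere = (
            moved is not None and moved[0] != name and moved[1].size >= old.size
        )
        if new is None:
            verdicts[name] = "renamed" if survived_elsewhere else "deleted"
        elif new.inode == old.inode:
            # Same inode but fewer bytes: content was cut in place.
            # Caveat: logrotate's "copytruncate" option does this legitimately,
            # so correlate with the rotation schedule before alerting.
            verdicts[name] = "truncated-in-place" if new.size < old.size else "ok"
        else:
            verdicts[name] = "rotated" if survived_elsewhere else "replaced"
    return verdicts


def suspicious(verdicts: Dict[str, str]) -> List[str]:
    """Names whose history was lost rather than moved aside."""
    bad = {"truncated-in-place", "deleted", "replaced"}
    return sorted(name for name, verdict in verdicts.items() if verdict in bad)


def _write(path: str, text: str, mode: str = "w") -> None:
    with open(path, mode) as handle:
        handle.write(text)


def demo() -> Dict[str, str]:
    """Run the comparison over a constructed log directory."""
    with tempfile.TemporaryDirectory() as logdir:
        def p(name: str) -> str:
            return os.path.join(logdir, name)

        for name in ("syslog", "auth.log", "kern.log", "kern.log.1"):
            _write(p(name), f"constructed sample line for {name}\n" * 50)
        before = snapshot(logdir)

        # Legitimate rotation: old data moves to syslog.1, a new syslog starts.
        os.rename(p("syslog"), p("syslog.1"))
        _write(p("syslog"), "first line after rotation\n")
        # Normal growth.
        _write(p("kern.log"), "one more line\n", mode="a")
        # Effect of `cat /dev/null > /var/log/auth.log`: emptied, inode kept.
        open(p("auth.log"), "w").close()
        # Effect of `rm` on a rotated file.
        os.remove(p("kern.log.1"))

        return compare(before, snapshot(logdir))


if __name__ == "__main__":
    result = demo()
    for name in sorted(result):
        print(f"{name:12} {result[name]}")
    print("alert on:", suspicious(result))
```

Forwarding logs to a separate host as they are written keeps a copy that clearing the local files does not touch, which is why this check works best alongside remote logging.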
Let's continue. And now about the logs on your PC. Logs on your PC are written here:
Go there and see, there are usually no more than 10 lines. So little, because we have already prescribed in the config itself so that the logs are not written on your PC. If we did not correct our config after its creation, then in this file that you have on your PC all the OpenVPN GUI activity would be registered. For the sake of experiment, you can create a new config without editing it and look at its logs, what and how it writes.
Thus, you learned how to disable logs for your PC, and then delete them on the server itself.
PS: All the necessary programs are on the Internet.
VPN + TOR + VPN bundle. Lesson 5.5.
This bundle only works on VBOX.
Those who use VMWARE can import their system into VBOX.
Even though you will be working through 20 VPN servers, it will only increase the time it takes to catch you. How is your identity revealed? It's simple, there is your VPN server, any VPN server has a provider. They send a request to the provider and ask who connected to this server, respectively, they find out your IP.
What is the way out of this situation? VPN-TOR-VPN, a universal chain. The first VPN will protect you from various SORM systems and hide the use of Tor. Next, you have TOR, which covers your tracks. And the last VPN or DS provides us with a white IP on the output.
1.virtualbox.org - Download VirtualBox.
2.whonix.org/wiki/VirtualBox/XFCE - download Whonix Gateway. You can also download Workstation and be super anonymous working from under its environment.
3. Press Ctrl + I in VBox and import the downloaded Gateway
4. Go to Settings (gear icon) - set 380MB of RAM (then Whonix-Gateway will open in terminal mode, which is more than enough for it to work and does not eat RAM).
5. In the Systems tab, also put a check mark only in HARD DRIVE and drag it to the very top.
6. General - Advanced - Shared Clipboard (Bidirectional)
7. Drag'n'Drop - Host to Guest
8. Launch Gateway.
9. Select "I am Ready to Enable Tor", wait for "Next".
10. Now traffic from the main machine goes to the Whonix Gateway. Whonix will boot in console mode, no further changes need to be made in Whonix Gateway.
1. Now we connect Whonix and Windows.
2. Launch our Whonix Gateway. RMB on the Windows virtual machine, select the "Configure" item, then go to "Network", disable the first adapter -> enable the second adapter -> select "Internal network", select "Whonix" below
3. Done! Now all traffic goes through Tor and Whonix Gateway.
Again. First based on VPN, launch GATEWAY, then VPN on virtual machine again (I am using second VPN Nord) Done. (Then we hook SOCKS / SSH tunnels / DSs)
Ideally, install a virtual machine with a script in order to override the VBOX parameters.
ANTIFRAUD. Lesson 6.
Let's talk about AntiFraud. As already understood from the safety lesson, in order to complete a successful driving, you need to follow certain rules. AntiFraud - protection against fraud. Fraud is a scam. In our case, bank card fraud. That is, AntiFraud fights fraud. AntiFraud has its own settings, ranging from simple to the most complex, the more complex the settings, the tougher the transaction checks are. The simplest ones are protection by CVV code, analysis of the card by country of issue, check of the IP address. The more complex AntiFraud is, the more expensive it is for the online store, basically they pay money for AntiFraud based on the number of transactions that go through it. Automatically, we can conclude that not all stores use high-level AntiFraud, since it is not always profitable, which is confirmed in practice when driving in.
AntiFraud has a group of filters through which information passes and after that the system calculates the so-called Fraud-points. Based on Fraud points, the system decides what to do with the transaction - skip, cancel or send it to the manager for manual review. When we drive into the store, we have the opportunity to specify two addresses.
Billing address and Shipping address. Billing address is the address of residence of KX, that is, when a person issued a card, he indicated this address. The shipping address is the address where the goods need to be delivered. This must be remembered. Let's say we scored certain Fraud points when typing, for example, problems with IP, besides, our Billing and Shipping addresses do not match, that is, in the Billing address there is one address, and in the Shipping address - another, then additional Frauds will be added to our payment -points.
pochtoy.com/newbies/billing-shipping-address/ - you can still look at the addresses here.
Also, the domain addresses of our mail can be verified. What does it mean? For example, there are postal services, such as mail.com, where registration takes place without SMS verification, that is, it is quite simple to register. Therefore, it is better to use mail like Gmail, yahoo, aol.
Services of the type help us to
receive
SMS : simsms.org sms-reg.com
sms-activate.ru
@ rodik19 (expensive)
You can also use corporate mail, that is, company mail, but I do not recommend it. You can buy corporate mail here - fraud.cat
Why I do not recommend corporate mail, you can read in the material:
Three Most Popular Carder Mistakes - AntiFraudScore
There is such a moment with AntiFraud that ordinary buyers often suffer due to strict checks. Therefore, on peak sales days, the level of verification is reduced to the system - Black Friday, the time before Christmas - these are the days when driving in are easier. Because of this, December is considered the most favorable time for our craft.
Some stores even have such moments that the information from where we entered their site is read - through a direct domain or from a third-party source, so it is better to go to your store while typing through search engines, for example, through Google. It may be that the open tabs in your browser are firing at the moment and the time that your IP address is on the network. So to have a store in open tabs, into which they were going to drive in and with it Carding forums, would not be entirely correct.
But again, this does not bother us everywhere. Depends on the store. I will clarify that the programs on the PC, information about the hardware - all this is not noticed, if anyone thought. Only data provided by the browser. Everything that can be spied on is here - whoer.net
There is such a thing as "warming up", that is, before driving in, warm up the store. Warm up - climb through the pages, add / remove products from the cart, you can talk to online support, clarify a couple of questions - this is never superfluous.
AntiFraud often sends an order for manual check and, for example, if you have previously communicated with technical support, then the order will be checked more loyally. By Email, I will also clarify the moment that you need to do it under the name and surname of our KH, that is, so that there is a match with the Billing name.
Attributes table by which some AntiFrauds can notice us.
WHAT IS THE ONLINE STORE LOOKING FOR:
Code:
Mail similarity to billing name - From 0 to 1 (0% to 100%). How closely the e-mail address (without the domain and digits) matches the Billing name (Mail).
Unique billing last 4 (past hour) - Number of different last-4 CC digits over the past hour (Card).
Unique billing addresses (past month) - Number of different Billing addresses (home address of the KX of the CC).
Email domain - The mail domain (what comes after "@") (Mail).
Number of users with the same shipping address - Number of different users who use the same shipping address as our "client" (Forwarding/Intermediary).
Estimated email address age - Approximate age of the "client's" mailbox. Possibly calculated from dictionaries or mail databases. For example, a mailbox like [email protected] could hardly be registered today; it is most likely ancient. But [email protected] is easy to register (Mail).
Unique billing BINs (past month) - Number of different BINs on this account over the past month (Account).
User location - Location of the "client" by IP (IP).
Browser/OS - Operating system and browser (System).
Shipping/billing address distance - Distance between the Billing and Shipping addresses (the distance between the KX's home address and the address where he wants the parcel delivered).
Changes in payment methods in the last day - Number of payment-method changes over the last day (Account).
Network - IP network (IP).
Payment method payment gateway - Payment method (for example, a store may trust PayPal more than a CC).
Unique billing postal codes (Past month) - Number of unique Billing postal codes over the past month (Account).
Account age - Age of the account (Account).
Unique billing BINs (Past day) - Number of different BINs over the past day (More BINs - lower chance of success).
Unique billing postal codes (Past hour) - Number of unique Billing postal codes over the past hour (More addresses - less success).
Shipping address country - Country where the goods are received.
Purchase amount in USD - Order value in USD.
Number of users with the same billing address - Number of different users who use the same Billing address (known Drop addresses are on stores' blacklists).
Time since previous transaction - Time between the latest transaction events.
Shipping name length - Number of characters in the recipient's name (Account).
Unique billing addresses (Past day) - Number of different Billing addresses over the past day (The fewer, the better).
Unique Billing Names (Past month) - Number of different Billing names over the past month (The fewer, the better).
Timezone offset - Difference between UTC and the "client's" time, in minutes, obtained through the browser (System).
Number of digits in the shipping address - Number of digits in the Shipping address (Houses have few digits; if there are many digits, it is probably identified as an intermediary).
IP address - The IP the "client" came from (IP).
Unique billing names (Past hour) - Number of different Billing names over the last day (The fewer, the better).
Mx records from email domain count - Number of MX records on the mail domain (Mail).
Credit Card BIN And Last4 - BIN and last 4 digits of the CC (Card).
Unique billing BINs (Past hour) - Number of different BINs on this account over the past hour (Account).
Number of digits in the billing address - Number of digits in the billing address.
Digit-Normalized email address - E-mail address in lower case with digits replaced by "#" (Mail).
API event without page view - The user triggered a "Non-transaction" API event, but bypassed / did not pass through the AntiFraud's JavaScript.
Signup to transaction time - Number of days between the transaction and registration (Account).
Browser fingerprint - Unique browser identifier (System).
Unique Shipping Add in Orders (Month) - Number of unique shipping addresses over the past month (The fewer, the better).
Billing last name in email - Whether the last word of the name on the Billing address appears in the e-mail address ([email protected]) - John Smith.
Latest name - Latest name (Card).
Billing address is reshipper - Whether the Billing address is a known forwarding/intermediary address (a Drop/Intermediary address that is on a blacklist).
IP/credit card country match - Whether the IP and CC countries match (IP + Card).
Transaction billing last 4 - Last 4 digits of the Billing transaction (Card).
IP connection type - Connection of the IP block the user connected from (They check whether your IP is blocked (for their store)).
Device fingerprint - Unique fingerprint of the device the user connected from (System).
Unique Billing Names in Orders (Month) - Number of unique Billing names over the past month (The fewer, the better).
Latest changed password - Latest changed password / whether the password was changed (Account).
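To show how a store's risk engine might derive a few of the attributes in this list from raw order events, here is an added example written from the defender's side; it is not part of the original guide and not any vendor's code. The similarity measure (difflib's ratio), the field names and every sample order are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta
from difflib import SequenceMatcher


def digit_normalized_email(email):
    """Lower-case the address and replace every digit with '#'."""
    return re.sub(r"\d", "#", email.lower())


def _letters(text):
    """Keep only a-z so dots, digits and spaces do not affect comparisons."""
    return re.sub(r"[^a-z]", "", text.lower())


def mail_similarity(email, billing_name):
    """0..1 score of how closely the local part (no domain, no digits) matches the name."""
    local_part = email.split("@", 1)[0]
    return SequenceMatcher(None, _letters(local_part), _letters(billing_name)).ratio()


def billing_last_name_in_email(email, billing_name):
    """True if the last word of the billing name appears in the local part."""
    last_word = _letters(billing_name.split()[-1])
    return bool(last_word) and last_word in _letters(email.split("@", 1)[0])


def unique_values(events, account, field, now, window):
    """Velocity counter: distinct values of one field for one account inside a time window."""
    return len({
        e[field] for e in events
        if e["account"] == account and now - window <= e["time"] <= now
    })


def order_features(order, history):
    """Compute the e-mail and velocity attributes for one incoming order."""
    now = order["time"]
    events = history + [order]  # the current order counts towards its own window
    hour, day = timedelta(hours=1), timedelta(days=1)
    return {
        "digit_normalized_email": digit_normalized_email(order["email"]),
        "mail_similarity": round(mail_similarity(order["email"], order["billing_name"]), 2),
        "billing_last_name_in_email": billing_last_name_in_email(
            order["email"], order["billing_name"]),
        "unique_bins_past_hour": unique_values(events, order["account"], "bin", now, hour),
        "unique_bins_past_day": unique_values(events, order["account"], "bin", now, day),
        "unique_last4_past_hour": unique_values(events, order["account"], "last4", now, hour),
    }


# Constructed sample data: fake accounts, placeholder BINs and example.* domains.
NOW = datetime(2024, 1, 1, 12, 0)
HISTORY = [
    {"account": "acct-1", "time": NOW - timedelta(hours=3), "bin": "000003", "last4": "0003"},
    {"account": "acct-1", "time": NOW - timedelta(minutes=30), "bin": "000002", "last4": "0002"},
    {"account": "acct-1", "time": NOW - timedelta(minutes=10), "bin": "000001", "last4": "0001"},
    {"account": "acct-2", "time": NOW - timedelta(minutes=5), "bin": "000009", "last4": "0009"},
]
ORDER_A = {"account": "acct-1", "time": NOW, "email": "qx7k2@example.net",
           "billing_name": "John Smith", "bin": "000001", "last4": "0001"}
ORDER_B = {"account": "acct-2", "time": NOW, "email": "John.Smith84@example.com",
           "billing_name": "John Smith", "bin": "000009", "last4": "0009"}

if __name__ == "__main__":
    for label, order in (("A", ORDER_A), ("B", ORDER_B)):
        print(label, order_features(order, HISTORY))
```

Order A combines an e-mail address unrelated to the billing name with several distinct BINs on one account within a day, which is the pattern these counters exist to surface; order B shows the same attributes for an unremarkable purchase.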
Full checks are not carried out everywhere, many moments are bypassed using Anti-detect (LS), or if you beat through a good DS.
You can read a few parts: habr.com/post/253725/
FAQ:
A: If I communicate with those. support through a Google translator, then they will understand that I am a scammer or it can all be attributed to the fact that I am Russian, for example, but live in the USA. Or how does it happen?
You said that then the order is sent for verification to a specialist. So who is this specialist? The same person, like us, is only trying to protect the store, or there may be some grandmother who is not particularly versed in these Internet. And if there really is someone with brains, then what data does this specialist have, and what can he request from us in order for the transaction to go through?
B: The USA is the most multinational country, so no one there will understand anything. An ordinary store manager can request additional verification, for example, draw a map or call, for this there are services on different forums.
A: I, as I understand it, need to make new mail for each CC, but if AntiFraud notices the mail on time, what should be done then?
B: It is extremely rare to notice this, I myself have not even met this.
A: The order went to the manager for verification. Will I call 100% or can I somehow solve it?
B: Yes, they will call or draw documents will be required, but not 100%.
A: What if you do it by dialing in, it will be more successful?
B: I would not say, now it rarely works.
A: Fingerprint, device fingerprint is the MAC address?
B:https://ru.wikipedia.org/wiki/Digital_Device_Fingerprint
A little about AntiFraud: habr.com/company/payture/blog/250437/
What is FingerPrint: habr.com/company/oleg-bunin/blog/321294/
How AntiFraud works ... Lesson 6.1.
For example, you did it by driving, but for some reason it did not come in. Here's what AntiFraud found out from you, and why it understood that you are a fraudster.
This is an example of only one drive - through DS, so the information can always be different, and it depends on the store itself. But this is just so that you are aware of how strong your opponent is - this AntiFraud.
Data List:
• First and Last Name Billing. Roy Lee
• Phone Billing. 512-750-5839
• E-Mail Billing. *********@carlosrul.com
• Billing Adress. 5502 Blueridge Ct, Austin, TX, 78731
• First and Last Name Shipping. Roy Lee
• Phone Shipping. 512-750-5839
• E-Mail Shipping. *********@carlosrul.com
• Shipping Adress. 5502 Blueridge Ct, Austin, TX, 78731
• IP : port. 97.79.172.134:3391
• BIN or full CC number. 4050371112147141
• Order amount in USD. $ 432.99
• What type of online store is yours? (Giant / Large / Medium / Small) Rather large, as it has orders of this format BBB6159269514
• How to set up the system for you? (Aggressive / Untrusted Client / Neutral / Trusted Client) Aggressive
• How many orders were previously entered in the online store with similar data? (For example, before that you entered one order with the same E-Mail. Then you need to write "1".) 1
• What are you hitting? (E-Gift, Amazon, Ebay, PayPal, Clothes, Appliances, Flights, Food / Alcohol, etc.) Technique Dyson V7
AntiFraud System Labels:
Extreme Risk - multiplies FraudScore.
Medium risk - greatly increases FraudScore.
Small risk - increases FraudScore.
Neutral value - does not increase FraudScore.
Trusted value - decreases FraudScore.
Attention!
Different AntiFraud systems can work differently, not "recipes for the golden rules" are written below!
More> 60 FraudScore - Order Cancellation.
More> 40 FraudScore - the bot carefully checks your order and decides what to do with it.
More> 20 FraudScore - sent for human verification.
The rest of the orders are passed as approved.
FS - FraudScore
# Check Scores #
FraudScore: 79 out of 100 - Risky (Medium risk) [Order will be checked by bot and human, most likely call / documents needed, cancellation possible]
RiskScore: 8.65 - (Neutral)
ProxyScore: 0.00 - (Neutral value)
# Description #
USD> 600 - False (Trusted value)
The order amount is less than $ 600 (Does not exceed the standard transactions of large online stores with appliances), this is good.
The correct Billing address was specified, the distance between Billing and IP is large enough, this is suspicious.
No social networks were found for the specified E-Mail, the used KX usernames were detected. Some IP indicators indicate the use of anonymity tools.
All characteristics of the mail indicate that the mail is fraudulent - left.
The Business number is indicated, the real number is identified, the indicated number does not apply to KX - left.
3 ports are open!
# Check Location #
Distance IP / Billing Location: 73.59 miles / 118.43 km (Medium Risk)
Distance IP / Shipping Location: 73.59 miles / 118.43 km (Low Risk)
Distance IP / New Billing Location: N / A (Neutral) [Specified Faithful Billing]
Distance Billing / Shipping Location: N / A (Neutral) [Bill = Ship]
Ship Forwarder Address: No (Neutral) [Not the address of a known intermediary]
# Billing #
Address Type: Single Family [The specified billing is Multi-Family Residential]
Neighborhood: Lakewood Village [Neutral] Valid Address: Yes [Valid Address]
Billing Country Matches IP Country: Yes
Billing City Matches Shipping City: Yes (Neutral)
Billing State Matches Shipping State: Yes
Billing Country Matches Shipping Country: Yes
Billing ZIP Code Matches Shipping ZIP Code: Yes (Neutral)
Full Name: Roy I Lee III (Neutral) [Revealed full name]
Current Address: 5502 Blueridge Ct Austin TX 78731-2636; 7505 FM 215 Valley Mills TX 76689- 3114; 28343 Willis Rnch San Antonio TX 78260-6056; (Trusted value) [Address identified, KX lives at the specified Billing address; other property identified]
Previous Locations: Austin, TX; Eagle Pass, TX; Rockport, TX; Manor, TX (Neutral) [Former Cities of KH identified]
Relatives: Robert L Lee; Elisa S Lee; Lisa S Lee (Neutral) [Relatives identified; some live at the specified Billing address;]
# Social media #
Username's: royxlee, leer76 (Extreme risk)
Not found either on Billing name with associated E-Mail, nor simply linked to E-Mail (Extreme Risk).
# IP #
User Type: Business (Medium risk) [IP belongs to business; Non-consumer IP]
IP Country Match: Yes [Country IP matches Billing]
Corporate Proxy: No [No corporate proxy used]
Proxy IP Address: No [No proxy used]
IP ISP: Spectrum Business (Medium Risk) [Well-Known Internet Service Provider for Business]
IP Usage Type: Fixed Line ISP (Neutral) [IP belongs to the cable Internet, the IP provided is not Web Hosting; IP is not commercial;]
IP Time Zone: -05: 00
IP Loc: 29.42412, -98.49363
IP Region: Texas (Neutral) [IP state matches Billing]
IP City: San Antonio (Medium risk) [IP city does not match Billing]
IP Zip: 78201 (Small risk) [IP Zip does not match Billing]
IP Continent: North America [IP Continent matches Billing]
IP Domain: spectrum.com
IP Net Speed: DSL
Proxy / VPN Detection: Not A Proxy / VPN (Neutral) [No Proxy
Usage Detected ] Hostname: rrcs-97-79-172-134.sw.biz.rr.com (Extreme Risk) [There is a given hostname - but no Ping, this indicates that the IP is not a public server, but it can be a private service of anonymity means]
Ping Hostname: 100% Packets Loss (Trusted value) [Communication with host not established, host is down; this is not a public server]
Ping: Two-way PING (Extreme risk) [Proxy use possible] Blacklist's: 0 (Neutral) [IP not found in any of 139 BlackList databases) [IP not found in Blacklists]
Server IP Domain: - (Neutral) [No Domain Found]
# BIN #
Issuing Country: United States (US)
Issuing Bank: CHASE BANK USA NA
BIN Found: Yes (Neutral)
BIN Name Match: Yes (Neutral)
Bin Country Match: Yes
Prepaid Card: No
# BlackList's #
IP Address In Blacklist: No
Email In Blacklist: No
Credit Card In Blacklist: No
Shipping Address In Blacklist: No
Phone In Blacklist: No
# E-Mail #
High Traffic Domain: Yes [Known E-Mail Provider]
Free Email Domain: No [Paid Mail Domain]
Domain Authority: 2 (Extreme Risk) [Domain has no authority]
Alexa Global Rank: 0 (Extreme Risk) [Domain has no Alexa rating]
Domain Register: 2018-06-09 (Extreme Risk) [Domain Recently Registered]
Updated On: 2018-06-09 (Extreme Risk) [Domain Not Rebought Yet]
Fresh Email: Yes (Trust Value) [Fresh E-Mail]
E-Mail Owner: - (Extreme Risk) [Email Owner Not Found, Does Not Match Billing Name]
E-mail First Seen: - (Extreme Risk) [Your EMail unknown to databases]
Email Longevity: Never seen before [E-Mail did not appear in White / Black databases]
E-Mail Valid: Yes [Mail exists]
E-Mail Address: - (Extreme risk ) [Email address not identified, does not match Billing address]
E-Mail / Name: False (Extreme risk) [Email address not associated with Billing name]
PR-E-Mail: 5 (Extreme risk) [From 0 to 5, a combination of mail address elements is usually associated with fraudulent orders, everything indicates that the mail is left]
# Verify Phone Number #
Type: Mobile [Mobile]
Org. number: AT & T (Neutral) [Known Service Provider]
Registered in: Austin, TX (Neutral) [Same as Billing Address]
Status: Active [Call Available]
Listing Type: Business (Extreme Risk) [Number belongs to a business company / not a work, not a consumer number]
Name First & Last Mobile: Timothy Knetl (Extreme Risk) [Name Revealed, does not match Billing Name]
Current Address: 609 W High St, Goliad, TX, 77963 (Extreme Risk ) [The number address does not match the Billing address, only the state matches]
Owner: Timothy Knetl [The owner of the phone is currently identified, does not match the Billing name]
Valid Phone: True
Spam / Fraud Potential: Low Risk
Explanation: Phone and address are not linked, name and address are linked. The phone is not associated with a name. (Extreme risk) [The link between the number and the KX was not identified, the link between the number's address and the Billing address was not identified; Name and address are linked]
Phone / Name: False [Billing name is not related to number]
Phone / Address: False [Address and number do not match]
Name / Address: True [Name and address are linked]
Based on Adress - Current Phone: (512) 343-7416 - Landline; (830) 438-2501 Landline; (361) 729-3086 Landline; (Extreme risk) [The real city number of the specified Billing address was detected]
# Data B #
Based on Phone - Name: RL TRANSFER ST
Based on Address - Name: RL TRANSFER ST
Based on Address - Phone: 5123437416
# Open Ports IP #
80 (http ) - open, low risk, using Web Proxy is possible.
3390 (dsc) - open, extreme risk, Dedicated Server can be used.
3391 (savant) - open, extreme risk, Dedicated Server can be used.
Terms:
Billing-address - the address to which the card was made (registered).
Shipping address - the address where the parcel should arrive.
A fake, Drop is a drop. This concept almost always means a person or an office that takes on all the most important risks that we do not want to take for obvious reasons. Quite often they plant and catch.
An intermediary is, relatively speaking, a delivery service or mail that can deliver goods to us or send to a figurehead. Ideal if we want to send goods to ourselves in Russia.
The dialer, the call is a person with good English (any foreign language you need). Needed in order to call the post office, bank, online store, anywhere else. Used for a variety of purposes.
The basic concept of driving. Lesson 7.
Let's consider the basic concepts, a few points and along the way I will say what we need to practice. The first and main region of work is the United States. We will consider their features.
The first and main feature of work in the United States and, concurrently, the main problem is AVS (Address Verification System). The system that recognizes KX addresses, it is triggered during the ordering process, this is, one might say, the central mechanism of AntiFraud in US stores
Code:
4037840052172271 | 2024 | 11 | 475 | Jonh | Doe | 2970 Park View Drive | [email protected] | United States | U.s. Bank National Association Nd | IN | Columbus | 47201
2970 Park View Drive United States IN | Columbus | 47201
Here we have a street and a house, a state, a city and a ZIP (also known as a postal code). The essence of the AVS system is in verifying the Billing address. They verifies the Billing we specified with the one recorded in the KX bank file. Bank file - a file in the bank that contains information about KH. It is the BILLING address that is verified, that is, the Shipping address is not verified by the AVS system, but we cannot always send to different Billing and Shipping addresses, and in general, stores have a negative attitude towards this. The important point is what exactly the AVS system checks. She only verifies the numbers from Billing. That is, from here - 2970 Park View Drive United States IN | Columbus | 47201. It will match 2970 in the Address Line and 47201 in the ZIP. The letters are not matched.
There are two methods of driving:
BillShip - Billing = Shipping
Bill not Ship - Billing =! (Not equal) Shipping'у
BillShip means that when driving, we enter the same addresses, both in Billing and in the Shipping address. This can be either sending a parcel to the KX address, or (If we managed to change the Billing address or there is simply no AVS in the store), we indicate Billing from Drop \ Intermediary and Shipping, respectively, too.
Bill does not equal Ship means that we enter different addresses, in the Billing address from the card, in the Shipping Drop / Broker. There are stores in the US without AVS, but there are quite a few of them. Also, there are those that only verify ZIP.
What algorithms for driving in all these situations can be:
1. Driving in different addresses. That is, Bill is not equal to Ship.
That is, we enter Billing from the card, and Shipping from Drop \ Intermediary. The option is not the most reliable
but a worker. It is paired with some additional body movements. Here it is important to warm up the store in advance, write technical support, for example, and explain that we temporarily live not at the main address. There can be many reasons - repair, fire, hurricane, whatever, as long as it is believable. And after that you can already drive in. Also, in such a situation, they will most likely then be asked to call or request documents. They can be drawn, and in the case of a call, you can ask to dial to the store and confirm everything. With this type of work, it is very desirable that the ZIPs of the Billing and Shipping addresses are as close to each other as possible, this increases the level of trust and AntiFraud does not throw such a brutal amount of points on it as for different states in opposite ends of the United States.
2. Possibly in stores where only ZIP is checked.
This can be found out by breaking through there by working off or any SS in advance. That is, we drive in Billing and Shipping any that matches the real ZIP'om from the card, and try to place an order with the smallest product. That is, ZIP with CC, the addresses are left, but under this ZIP.
Options after that:
- Can immediately knock out an error that the address is incorrect, then a reconciliation of all numbers.
- Can accept payment, but refuse the letter, say that the address does not fit.
- They can send the goods.
If the goods have been sent, then the store verifies only ZIP. Well, in fact, it is not the store that checks, but the payment system. If we find such a store, then we take the CC with the ZIP'om, as in the address of our Drop'a or the intermediary, and drive it in. That is, ZIP KX, Drop or intermediary addresses in both Billing and Shipping.
3. Driving European cards into American stores.
We can take a European card and drive it into the US store. The AVS system will not be able to verify such Billing, therefore BillShip is also using such a billing.
Here either:
- They will refuse under the pretext that we cannot verify your address, pay with another card or PayPal.
- They will ask for documents, they can be drawn.
- They will send the goods.
4. Enroll
This is access to online banking, like Sberbank-online, for example. In many Rolls, you can change the Billing address. There will be a separate lesson on this topic. After the change, respectively, you can drive in with BillShip.
5. PickUp, Rerout.
The essence of PickUp is driving BillShip into KX, that is, we hit the goods to the address of the card holder. When the goods get there, using the PickUp service and a call, the parcel is intercepted. This is also a topic for a separate lesson. Rerout is similar in its mechanism of operation, but here the message is not intercepted, but redirected.
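Seen from the merchant's side, the AVS behaviour and the billing/shipping cases described above translate into order-review signals. The following is an added example, not part of the original post: the AVS response-code sets (commonly used values, which vary by processor), the `Order` fields, the signal names and the forwarder watch-list are all assumptions, and the sample addresses are the ones quoted on this page.

```python
import re
from dataclasses import dataclass

# Commonly used AVS response codes; exact sets vary by processor (assumption).
AVS_FULL = {"Y"}                    # street number and ZIP both matched
AVS_PARTIAL = {"Z", "A"}            # ZIP only / street number only
AVS_NO_MATCH = {"N"}
AVS_UNVERIFIABLE = {"G", "U", "S"}  # non-US issuer / unavailable / unsupported

# Constructed watch-list of reshipper warehouses, keyed the way AVS sees an
# address. Seeded with the forwarding address quoted on this page.
FORWARDER_KEYS = {("600", "07064")}


@dataclass
class Order:
    bill_line: str
    bill_zip: str
    bill_state: str
    ship_line: str
    ship_zip: str
    ship_state: str
    avs_code: str


def zip5(zip_code):
    """First five digits of a ZIP or ZIP+4, or '' if absent."""
    found = re.search(r"\d{5}", zip_code)
    return found.group() if found else ""


def avs_numeric_key(address_line, zip_code):
    """What AVS compares: the leading street digits and the 5-digit ZIP."""
    street = re.search(r"\d+", address_line)
    return (street.group() if street else "", zip5(zip_code))


def normalize(address_line):
    """Case- and punctuation-insensitive form for bill/ship comparison."""
    return re.sub(r"[^a-z0-9]+", " ", address_line.lower()).strip()


def review_signals(order):
    """Return the reasons an order should be held for manual review."""
    signals = []
    code = order.avs_code.upper()

    # 1. What the issuer actually confirmed about the billing address.
    if code in AVS_NO_MATCH:
        signals.append("avs_no_match")
    elif code in AVS_PARTIAL:
        signals.append("avs_partial_match")
    elif code in AVS_UNVERIFIABLE:
        signals.append("avs_unverifiable")

    # 2. Relationship between billing and shipping addresses.
    same_address = (
        normalize(order.bill_line) == normalize(order.ship_line)
        and zip5(order.bill_zip) == zip5(order.ship_zip)
    )
    if not same_address:
        signals.append("ship_differs_from_bill")
        if order.bill_state.upper() != order.ship_state.upper():
            signals.append("ship_state_differs")
    elif code not in AVS_FULL:
        # Billing equals shipping, but the issuer never confirmed the street:
        # the billing address may simply be a copy of the ship-to.
        signals.append("bill_ship_identical_unverified")

    # 3. Ship-to is a known freight-forwarding warehouse.
    if avs_numeric_key(order.ship_line, order.ship_zip) in FORWARDER_KEYS:
        signals.append("ship_to_known_forwarder")

    return signals
```

Because `avs_numeric_key` returns the same value for any street name that shares the number and ZIP, a full AVS match on its own says nothing about the text of the address, which is why the shipping-side checks are evaluated independently of the AVS code.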
As for AVS, this system can check the phone. This is not often the case in payment systems, but it happens. Here the way out is to take the SS with the data on the phone and drive it in as it is, and then either call with the substitution of the number and ask to make a call some time after the order, or flood the KX phone.
For example, through this service - ebomb.biz
FAQ:
A: Is it somehow clear that the store does not have ABC? Some kind of badge? Is it reasonable to immediately write in those. support? In the sense that at first you try to make a purchase, you fail, and only then write in those. support with indignation and anger, then solving all other problems. Silly question, but which method is the least expensive, but at the same time the most profitable?
B: No, it is not visible, only by tests. About writing in those. support - yes, these are impossible situations, they are resolved before the purchase.
A: 1) If we hit the European card in the US, then BillShip of a European country? That is, international shipping is required? 2) If the payment system verifies the phone, then we do PickUp / Rerout on BillShip KX, or just specify the phone number and then flood / call?
B: 1) BillShip Drop \ Broker. 2) Depends on other circumstances, but since it verifies the phone, then everything else also verifies.
CC shops (Credit Card). Lesson 8.
Let's analyze FESHOP - fe-acc18.ru. Go to your account. There will be nothing complicated, but we will analyze the structure of the stores. We need a CVV's section. As you can see, it has its own filters, using which we will select the SS precisely for our needs. BIN's is a window for searching CCs by their BINs. In the process of driving in and gaining experience, you will form a list of good, read, those who go into stores, BINs. You can write any BIN and check if there is CC in the store for this BIN.
440293 - We drive in how many cards did you find? Lot. In addition to BIN, we can select by country and state, and so on. This is useful if we are looking for a CC for a specific IP. Ideally, the IP should be the same as the CC ZIP.
What is Base in your opinion? Right. Base. Maps are mined in different ways and added to the site at different times, from which they are divided into bases. May be by date of addition, by country.
Most often mined by SNIFF. SNIFF databases. SNIFF is a software (Software) that intercepts CC data, usually hang it in stores, collect data and sell it. Also, in the description of the base, it is stipulated that the SS is without a name or address, or additional information. Pay attention to which base you buy the CC from - this is important. It happens that there is no AVS in the store, then CC without an address will suit us.
By the way, I will give you one VPN service, it is without AVS - tunnelbear.com/download
You can drive a VPN into yourself by checking the CC. CC without address is usually cheaper. In some stores, for example, JOKER, Valid bases are also indicated.
The percentage of validity of the base is found out as follows, they take several dozen cards from the base, run through the Checker and get the percentage of Valid. If the database is fresh, then it is logical that there is more Valid, but this is not always the case.
Choose any base. We see the Check time column. What's in it?
BASE HASN'T REFUND - time for checking is not given. Irrevocable. Bought everything, even if not Valid.
5 MINUTES TO CHECK - given 5 minutes. Bought, hammered in, did not enter. go back to the store, check on the store Checker, if not Valid, then the money will be returned. For all 5 minutes. We draw a conclusion from this, before driving in the SS, everything must be ready for driving.
In fact, it is best to buy CC with a refund, because no one will give you guarantees that not Refund 100% Valid will enter easily.
Each store has its own search engines, some have more information, some less. Pay special attention to the Level of the card, that is, its status. If the store does not write what level of the card, then you can punch through the BIN.
Prepaid, Business, Gift - These levels are right by. Focus on Classic, Gold, Platinum. Sometimes Premier, but the first three are better.
Also, you can also note - validcc.su (registration costs $ 200, if you have an invitation, you can get it)
Now they are complaining about Valid. Be more attentive.
I also note that it is easier to search for SS under IP. And finally.
Assignment:
If you have funds, then register here and purchase LS (Linken Sphere). You can buy for two or three, it works quietly and does not crash. The subscription costs $ 100 per month.
Warming up the store. Lesson 8.1.
Warming up the store means communicating with it - SI (Social Engineering). What categories can be divided into communication:
1. Communication via Email.
2. Communication via Live-Chat (it may not always be available, depending on the time zone)
3. Communication via the phone.
Now about each item in more detail.
The advantages of communicating via Email - you have the opportunity to prepare your questions / answers in advance, build a certain strategy for your communication, predict it to some extent, but there are some drawbacks here, namely that the store can respond within a few days. Here you need to take into account that due to a long wait, the obligations of the seller who sold you the CC (By Replacement), of course, will no longer be relevant. In this case, you need to warm up the store in advance and only then buy the material.
Communication via Live-Chat. Pros - no need to wait a day / two, as in the case of E-mail, all communication will take no more than 10 minutes, after which you can start the process of driving our SS.
I must say right away that for those who do not speak English well enough, I recommend using the Yandex translator. The rest make the translation crooked and not very natural.
And, of course, the best product can be taken out if the store is warmed up through the bell. Even in those cases when, it would seem, there is no longer any hope of breaking AntiFraud with the first two options, a competent call by you personally or through a service that makes calls will play a decisive role here.
Let's take a closer look at different situations. As we all know, the United States is famous for its natural disasters and a sense of compassion and tolerance for everyone, without exception. So, in the USA, almost every month, nature arranges another test. Usually these are fires, floods, hurricanes. And this news is always spread all over the world - and we must follow it. There is such a thing, Americans are kind people and are always ready to come to the rescue, to go to a meeting. Therefore, we find the material (SS) of the state, in which the trouble happened, and write to the store that we have become a victim of a disaster.
And then according to the situation. The house burned down, along with a laptop and phones, so I am writing from a friend's or relative's PC. Ask the manager to pick you something in the middle price range (PC or phone of some kind) and ask to send it to the address of a friend or relative, since only a torn American flag remains from your house. The options are different, it all depends on your imagination. Follow the news and give it a try. He also works with Canada. The people there are also extremely friendly.
In Canada, too, AVS, plus they can request drawing or other verification. If you do everything as asked, they will send you, then everything is fine.
Now how to do it is not worth it. Forget about gifts, departures and other too primitive stories and fairy tales. Be original and convincing.
I had a case that a complex store wrote me a letter after ordering. From the series, why are you sending here to different BillShips, and I said that my house had termites, now disinfection (This often happens to them). I live with my relatives and all that.
Do not forget that the manager is sitting at the other end, and he is, first of all, a person with a bunch of everyday problems, just like yours. Also, good topics are bachelor / bachelorette parties, family showdowns (quarrels, divorces, infidelities). In general, fantasize and go ahead. You can send to a dummy person (Drop'a, dummy person) and to an intermediary, as you like.
Now about another driving method. Driving through the form. This form is called - Authorization Form. So, we go to the store, walk around the store, add the product to the cart. When we have reached CheckOut, we write to the chat that we cannot pay. Like, I click on CheckOut and nothing happens. You will be prompted to clear the cookie / restart the browser, this is the standard.
You are like that, you have tried everything, but nothing has changed. We reach CheckOut again, and write again. You ask what other payment methods are there. In response, you may be offered: PayPal, Bank, Form or drive for you. We are interested in either the form, or by hammering in for us. If they give you a form, then you need to fill it out - enter the CC number, full name, address, the amount to drive in and the name of the product and send them by e-mail. You can do it yourself if you have a printer and scanner.
You can order a rendering.
The second option, driving in for us. The store manager himself will beat the CC and send us a check to debit the money. So, the obligatory rule of payment in the form is that you must send them a photo of the SS from both sides. It is better in this case to beat the European SS, since the cancellation will go on for a couple of weeks.
Driving in with a form, as well as driving in with a call, is an Offline purchase, that is, the store does not see the settings of our PC and AntiFraud will not work. If you are more or less fluent in English, then my advice to you is to learn how to speak English on the phone with shops. Just call and talk. And in a couple of months you will be able to easily place an order by phone without paying calls - you will save a lot of money. Of course, the first times will be difficult, but everything comes with experience. Over time, you will drive into the lung with your voice.
And yet, a couple of tips. Let's say we have a store with a watch. Before calling, create the atmosphere of the fact that you are in the United States, turn on the TV in English in the background, preferably louder so that you can definitely hear it on the other end. Or radio. In general, something in English. Further, let's say the watch costs $ 1,500.
We walk around the site and find a review about our watch. And when we talk to the manager, we say that my friend bought a watch from you. I really liked them, and I would like to buy the same for myself or give it to someone. Only I don't know the brand of the watch. And then they drove, the manager starts guessing the hours that we want, according to the parameters that we gave him. And in the end it offers exactly ours. And then, having already driven in by phone, goes: Billing address, card number, and so on.
Don't worry about the accent. America is a country created by immigrants and everyone has an accent there. Of course, at first you will be faced with the fact that you will not understand what you are told. Refer to a bad connection, ask for repetition. Watch TV shows in English, helps to quickly master the language.
I recommend calling from the Sip-System service to change the number. That is, when they call the store, they will see the number we need - the KX number.
FAQ:
A: These three warm-up methods are specific to online stores. And what is the principle, say, on Ebay?
B: In the case of Ebay, we can also use email communication with the seller, you can also pre-add the products you are interested in to the basket, and after there, for example, 3-5 hours try to punch them.
A: Isn't the topic of cataclysms outdated yet?
B: This topic will not become obsolete until the cataclysms stop, which I highly doubt.
A: How to understand when you need to warm up the store when driving?
B: It is almost always necessary, it will always be useful. Of course, it is possible and warming up, but the chance that it will be possible to drive in is somewhat reduced.
A: Is the purchase of a cheap product, for example, $ 100, considered a warm-up for the store? That is, after such a purchase, the store's confidence in us will be greater and it will be possible to place an order for $ 1000 already?
B: Yes, of course, if you entered not from a guest, but from an account, then a Feedback is generated after each order, which has a beneficial effect on the next orders.
A: What if you ask for a photo of the card from both sides? Will they be able to draw this?
B: Yes, they will do it in 5 minutes. It's not very difficult.
A: If you drive only one store constantly, does it make sense to come up with a new story each time, or is there enough of several options?
B: Depends on how big the store is. If it is large, then no one will remember. And it's better, of course, to try to talk to different managers.
A: Does it make sense to drive in every little thing to the KX address to warm up the store?
B: It won't be superfluous. I do that sometimes.
A: If you enter a name that is on the intermediary, and not KX, there will be no suspicions?
B: Depends on the store, how strong AntiFraud is there.
A: Where is the best place to watch the news on the USA / Canada?
B: On major news portals like CNN and so on.
Mediators. Lesson 9.
The first thing that is important to know and remember about intermediaries is a completely white legal entity.
Also, it can be called a forwarding service, but this is less common. Usually, an intermediary is an official office that provides services for the receipt of goods and their subsequent shipment. Services are offered to residents of Russia, for example, so that they can order goods in America, even in stores that do not involve shipping to Russia.
Or, where delivery is very expensive. More expensive than the product itself. So, if I live in Russia and I need to place an ordinary white order in the USA, but there is no delivery, then how do I proceed. I go here and choose an intermediary for myself - posredniki.info/category/usa/.
For us, intermediaries are also very useful, but since this is a white organization, you need to be careful not to lose your package. Popular ones like ShopFuns definitely don't take.
And before choosing, we look for the type of intermediary + Carding, because such a request will help to check if there is any information on intermediaries in other forums, or on the intermediary's website there may be a whole canvas about our craft and how they are fighting it , such we bypass.
After choosing, we register an account. There are two ways to go here, both are normal. Register for your data or register for someone else's passport. Not all intermediaries require any documents at all, but those that do do so without fail. Or they may already ask for documents before deportation. The intermediary itself is, in fact, a warehouse with cells. There you can save up your parcels and then collect them into one and send them.
If you register on the left data (someone else's passport), then immediately buy a complete set of documents, so that there are no problems with drawing (passport - both pages, SNILS, documents for payment of utilities - gas, water, electricity). That's all, buy a VPS server or just SSH tunnels from which you will always log into your account. Also, make yourself an account in PP (PayPal) on the left data, link it to this intermediary.
A couple of examples of popular intermediaries:
meest.us - quite good for work, loyal to names other than the account name - more on that separately.
fishisfast.com - I personally had problems with them, but I know that some of them work successfully.
mainbox.com
pochtoy.com
After registering an intermediary, you are given an address in America or two addresses in different states. For example, they registered an account in the name of Mikhail Bakunin.
You get the address.
The physical address here is 600 Markley St. Port Reading, NJ 07064. And your cell number Suite 098489. We register intermediaries strictly in Slavic or Caucasian names. Some intermediaries are loyal when parcels come to the left name. It is quite convenient. Depending on the intermediary, after the goods arrive, they are accumulated for a certain time there for free. Usually a month or two.
Regarding payment for the services of an intermediary - only in white money. The intermediary's account can be blocked, for example, if a store has contacted there, but in some cases you can agree and pull out an account. But these are not common situations when they block about different names. It is advisable that more than two or three different names do not come, there may be questions further.
There is also such a thing that they can steal your package if they see different names. There are moments like that sometimes. Because, as the parcel arrives at the warehouse, and there it is already distributed to the cell by a person.
FSB notification: portal.eaeunion.org/ru-ru/public/main.aspx
Recommendations for working with an intermediary:
1. Do not send a million parcels immediately after registering an account. Take a week, and preferably all two. Send 1-2 packages per week. And gradually increase the amount. The swing rule works here, as in many other topics.
2. Clearly study the rules of the intermediary, this will avoid the loss of parcels.
3. Start a portable browser for the PP and reseller accounts, and work exclusively with it. Cookie is our everything.
4. Do not overload the intermediary with expensive packages. It is better to create several accounts, and send a little to each one. No normal person will buy 10 expensive phones for themselves in 10 days. Remember this.
5. Do not use an intermediary to drive in expensive equipment, it is better to use a figurehead. This way you will not kill your account if canceled.
6. When driving in, indicate the left phone number or ГВ (Google Voice). It is not worth writing the phone number of the intermediary or KX.
Recommendations for sending goods to yourself:
1. Do not exceed the customs limit (for Russia) 1000 EUR or 1200 USD per month - for one parcel. That is, if you indicated that the goods are in the parcel for 1200 USD, then this month you will no longer be able to send the parcel to the same name. He will barge in at customs, and you will wait for a new month to go through customs.
2. To be clearly aware of the indicated prices for goods, links, as well as FSB notifications. For example, an IPhone X came to the intermediary, your task is to do the following: write that the product is used, set the price 2 times lower than for a new product, find the model allowed for import by the link (portal.eaeunion.org/ru-ru /public/main.aspx) and indicate the FSB notification number on the intermediary for this product. To search for models, I most often use EBay, 90% of intermediaries are happy to accept such links.
3. Always underestimate the value of goods for clothes. For example, if you send Nike sneakers for 300 USD, write that the sneakers are Nifi and indicate the cost of 30-40 USD. I always do this. The same applies to bags, pants - in general, all things. Always rolling. Because no one will bother and set a clear cost of things.
4. As for the watch - please open the box and send the watch separately, the box separately.
5. As for jewelry - we write that it is jewelry. And you should not put a lot in the package. It is better to send the chain separately, the ring separately. I recommend sending jewelry with a bunch of clothes, there is less chance of customs being burned.
6. Equipment to send 2-3 items in the parcel. For example, one IPhone + one PS 4 + one video card. There is no need to cram 10 items of all goods into one package. Remember that if there are 5 or more of the same items in the parcel, then you will fall under a commercial consignment, and then you will lose the parcel. Since they will ask for invoices, account statements and so on.
7. Do not store up parcels at an intermediary, especially valuable ones. IPhone / IPad / Rolex came to the intermediary - send it right away. It's better to pay extra 60 USD for shipping than to lose everything.
8. Pay the intermediary only with your own money. No carding. Do not cut the branch you are sitting on.
FAQ:
A: 1) And how to receive the goods if you made an account for another passport, and not for yourself? 2) How do shops treat intermediaries? 3) We are only interested in intermediaries who are loyal to names other than orders (that is, so that the account name in the intermediary is different from the name in the order? It turns out that the name may not match twice - in the order and account, in the account and yourself Is it possible, in this case, to register an account on Drop'a in Russia in order to remove at least one discrepancy? 4) What to pour into the ears of stores about the difference in names with the order?
B: 1) You can send to a different name from the one that is registered. 2) Moderately negative, but if BillShip, then no problem. And if Bill is not equal to Ship, then they may be asked to clarify the situation. 3/4) Stores do not verify names on the map. Only numbers. With the exceptions when stores manually check everything and ask for a name and similar data, this is only in the largest stores.
A: 1) White money - how is it? 2) We get out of the situation with several names for one account - just register more accounts?
B: 1) Regular money. 2) Better a helmet with the same name.
A: Is there any risk when receiving goods in Russia?
B: No, everything comes out smoothly and cleanly from the mediator.
A: Conditionally, we drive into the CH, and the helmet on ourselves to Russia, it turns out that there will be several parcels on the account driven into different CHs, is this normal?
B: How will they end up there? If we drive into KX, and the helmet goes to Russia?
A: That is, you can specify the name in the store when ordering, like Petya Petrenko with a US map? We accept it for an intermediary, where is also Petya Petrenko, and the helmet is for Evgeny Krasnopolsky (On us)?
B: Yes.
Note:
As for the bundles for working with tunnels, this is either Bitwise \ Plinker + Proxifier, or Bitwise \ Plinker + Firefox itself, or Double SSH Manager, or sphere. All these bundles allow DNS spoofing. You will need Linken Sphere, CC, SSH Tunnel \ SOCKS
A little more theory. If you take from a base where there is time for Refund, then keep track of the time in order to have time to send the card for verification, if you have not entered. The services that you will hit, you can simply take material for the state, but in the future it is better to search generally under ZIP. Before taking the SS, if we see the name of KX, we register mail in advance in his name. Gmail, Jahoo, AoL, Outlook - there is SMS. Mail.com without SMS, is suitable for simple typing, there is also a choice of different domains. To accept the SMS code when registering mail, you can use the service - simsms.org - it's cheap there.
After we will register for those who have never driven in at all, I advise you to start with driving in skype.com
How to drive in Skype. Driving first. Lesson 9.1.
So. The procedure is standard, as with any driving:
• We buy CC USA, Visa or MC.
Find the SOCKS \ SSH tunnel under the city \ state of KX.
• If desired, check for RiskScore.
• We check on Whoer.net in IP blacklists or not.
• We set the time zone for the state (It is the time zone, and not just the time we translate).
• We register mail under KX. I register every time on mail.com (Many people ask if it is possible to use purchased mails. Here, at your discretion, someone uses such mails, I personally always register under Skype, especially on mail.com it takes less than a minute of time) ...
If everything is ready, let's get down to business!
• Go to skype.com and click on Sign In.
• Click on Create an account.
• We fill in all the data, the KX phone number with a few modified digits.
• Specify the desired username / password, leave a tick on By email, fill in Captch and go on.
• The account is registered. Now let's open a loan. Click on Discover credit on the left.
• Next, click on Add credit to your account.
• Choose the size of the loan. Do not tick the box "Automatically replenish the loan with a low balance"! Click further.
• We indicate the data of the CC with the SS and click on.
• Select Pay by card as a payment method, enter the CC number \ validity period \ CCV-code. We agree to the terms by ticking the box and click on.
• If the CC is alive and Skype has accepted it, we will see the following message. If the card is dead, you have 2 options:
1) Start the whole process with a new CC, after cleaning the system with CCleaner.
2) Just take a new SS for the same state and drive it in right there (In this case, the account can be blocked, or it will not live long).
• $ 25 was credited to our account.
• Scroll down the main page of your account and click on Purchase history.
• The Delivered status indicates that the payment has passed, the Refused status - that the payment has failed. Next, click on Stored payment details. Next, in the next step, click "Delete" in front of our card and agree to this action. That's it, the card is unlinked from the account.
• We return to the main page of the account and scroll down again. Click on Skype Number.
• Click on Get a Skype Number.
• We choose the country you need.
• Next, select the state / city. A list with available phone numbers will appear, select any and click buy.
• We choose to rent for 3 or 12 months, depending on the size of the balance on the account.
• We put a tick and buy a subscription (We agree that the money for the rented room will not be returned).
• Subscription purchased.
• On the main page of your account, click on Caller ID.
• This section will display all your purchased numbers. A check mark opposite the number indicates that the person receiving the call will display this number.
If you call from another number, uncheck the box in front of the current number and put it next to the required one.
If you are friends with spoken English, then record a voice message on an answering machine without any problems.
Launch skype and go to Tools -> Options -> Calls -> Voice Messages. We press the record button and speak into the microphone.
Otherwise, refer to calls.
Personally, I don't balance my account. I immediately buy the number I need and don't untie the card.
I also fill in all the data in the KX profile (City, state, etc.) as much as possible and put an avatar in Skype itself.
One CC = one account! Don't drive this CC anywhere else! Leave it to top up the same account.
My record for account survivability was 5 months.
Okay, let's continue. We take the SS under the tunnels that are, register mail and start. If they have hammered into Skype, then our next goal in practice is teespring.com (now it is quite hard and tight to drive in, but you can try).
The site is designed in such a way that there are many campaigns, from different people, during which money is collected to print this or that picture on a T-shirt. We are interested in those where there is the least time left before printing. At TeeSpring, the less time, the faster our order will be generated. You do not need to register. If it has been driven in, then the order number will be sent to the mail. The order number is not the track number. After confirmation, we are waiting for the track, how it will be given out, you can drive this CC into another store.
What CC we don’t take:
1) American Express, Discover - We don’t take any.
2) Prepaid, Electron, Classic, Standard.
3) Major bank cards - Bank of America, JPMorgan Chase & Co, CITIGROUP INC, Wells Fargo & Company, Goldman Sachs Group, Morgan Stanley, Metlife, Taunus Corporation, HSBC North America Holdings, US Bancorp.
4) Desirable without VBV. (SMS check)
What you need to buy before work:
1) Pure IP = $ 2
2) CC = $ 15 (Yes, expensive. From my own experience I will say that almost always, if it is very cheap, then it is junk and useless. Therefore, everything is better However, the high price is not a guarantee that a lot of money will lie on the SS, and the SS itself will be without any protection)
3) SMS for mail registration = 0.25 $
4) Call = 10-15 $
5 ) SSN + DOB = $ 5 (This will be discussed further)
6) Scanning / Rendering passport = 2 $
7) Redirection = 40-50 $
8) Interception = Expensive.
9) Flood mail / phone = 5 $
10) Payment of the intermediary = Depends on the product, its quantity, and so on.
As you can see, we have a very expensive craft, so it is very important to come here with at least some free finances. At one time, I just put it off from work. Maybe these numbers do not inspire confidence, but I will say this - one successful drive will cover all your costs tenfold. Here the snowball works correctly. If it turned out once, then it will turn out the second, and very soon the third, and immediately overwritten the fourth.
Therefore, we must work and fight!
How to get into a really good store? Lesson 9.2.
First of all, we prepare the system, I use VMware Workstation 11.0.0, with Windows 7 x64 Home Premium installed on it. (Mandatory English (EN) version) Allocated 4GB of RAM and 4 processor cores for the system. HDD - 80GB.
After installing the system, go to the firewall settings and set a ban on ICMP traffic on the Base and the Virtual Machine.
In the search bar or in Menu-> Run, enter the command firewall.cpl and press the Enter key - and in the advanced settings, create a rule to deny.
Lyrical digression is important to understand:
Imagine some Steven from California who wants to pay for an Iphone. He enters a store, then another, reads, looks at reviews, sees a shopping cart, registers an account and pays. Steve doesn't track his IP, doesn't pump DNS, he logs in and pays. Stephen does not need to gain the store's trust, read entire threads on forums before buying something for himself. So, how can we seem to be Stephen and not Vladimir in the eyes of AF.
Ports
Imagine that you are AntiFraud. Sit looking at orders and here someone wants to buy from you, who have 80, 443, 3389, 22 ports open. Only by looking at these ports is it already clear what this man is up to. Stephen wouldn't pay with DS, SSH tunnels, SOCKS, proxies.
Solution: use DS with no visible ports or SSH tunnel with non-standard port
Two-way Ping and belonging to a hosting provider
Two - way Ping makes it clear that we have SSH tunnels, VPN, SOCKS over Ping and the time difference received in the loop.
Solution: Close ICMP, or change such a tunnel / SOCKS, or add TOR in front of the SSH tunnel (I haven't tested it, but I've seen such a solution).
Belonging to a hosting provider - I think it's clear here, we don't use SSH tunnels, SOCKS, VPN hosting providers, consider that if the IP belongs to the host, then it is on the black lists.
Webrtc and DNS
There is a lot of information on preventing these leaks, I will not duplicate them 1000 times now. Just remember to check and fix them. In my case, I cut off WebRTC in the Firefox settings, it is better to replace it - this is a more correct solution.
Flash
Of course, we turn it on, because we have nothing to fear and we went to pay for goods from our account. In general, turn in Flash - don't arouse suspicion.
With Flash, you need to be extremely careful, downloading the flashplayer to your PC (We use Anti-detected or DS) is the same as deliberately launching a virus into the system. Don't forget about your OS language and time zone.
Tab history and refer
Used by AntiFraud to see a list of recently visited sites. It's all just no whoers and other suspicious sites.
Walking on Google and Facebook, imitating Steven's behavior.
Refer - determines which site we came from, so we go, like all people, from Google.
Tab name
In short, with this parameter AntiFraud sees all open tabs in your browser in real time.
Imprint Audio
audiofingerprint.openwpm.com - test.
I checked it on the main OS and on a virtual machine with LS - the prints are the same. I have not tested it on DS yet.
Imprint Audio can really hurt you in two cases:
1) Deanonymization. Let's imagine that you go to the PP website and they take an Audio fingerprint. Further, after a successful case, you turn off the virtual machine and go to Youtube or Google, even worse if to social networks, and all these sites also take an Audio imprint on you. Deanonymization will look something like this:
"20:00 fingerprint 2a3b4c5e went under IP 192.168.0.1, 20:30 fingerprint 2a3b4c5e went to youtube under IP 192.168.1.100 (the IP from which you went to Youtube)"
2) PP or other sites using this fingerprint can see that they already had you. Solution: Look for how to replace it.
Uptime and Os fingerprint
Uptime is the time your VPN, SOCKS, SSH tunnel is online. Agree, it's strange that Stephen's PC has been working without rebooting for half a year.
Solution: Go to the SSH tunnel console and write reboot.
OS fingerprint - in simple terms, each OS has different packages. That is, when you use an SSH tunnel over Windows, it turns out that you have packages from Linux, and User Agent from Windows.
Solution: Anti-detected / Do not use such an SSH tunnel / Raise the server on the OpenVPN SSH tunnel and write the line mssfix 0 in the server and client configurations. (I have not tested it, I have seen such a solution on the network)
As a bundle, I use: Bitvise-SSH -Client-6.08 + Proxifier + FirefoxPortable
And now, step by step, as I hammered in:
1. Took an SSH tunnel with non-standard ports and requested their ZIP.
2. In parallel, under ZIP, I looked at the maximum matching cardboard by ZIP, and the nearest neighbors, comparing it with the BIN that we had. In the end, I decided to take a chance and took WF Bank, since CC and ZIP matched 100%, and the rest of the banks did not inspire confidence under the one they liked, initially I knew that I would change the password on VBV.
3. Taking the SSH tunnel, I checked it only for 3 main parameters, for the presence in black sheets, IP-Ccore, lack of VPN visibility. FraudScore gave me 70% and a proxy was seen.
Accordingly, Score <= 70, VPN is not visible, TOR does not see, there are no black lists, IP-Score 0.16, AT&T provider, you can work. Rebooted SSH tunnel! (It hasn't rebooted for 122 days!) - You can reboot through the Bitvise terminal panel. Uptime - we look at the time of the SSH tunnel (and we are surprised (or not)) Reboot - we reboot it. I paid 140 rubles for the tunnel.
4. As we know, to check the validity of the CC we are given from 5 to 15 minutes, in my case on the JOKER, the time for checking is 15 minutes. Before opening the card details, I prepared everything for driving an E-gift Card into Ebags.com (I checked the payment system, looked at the rating), registered my mail at aol.com, registered the number at textnow.com. For about 15 minutes
he behaved like a “buyer” on the site, looked at products, read reviews. Asked a couple of questions to support. An important point, I went to the site through a Google search query bags + card intext: “cart”, I inserted a Gift-card on $ 50. Everything has gone - it means the Valid card. I gave $ 12 for the SS.
5. After driving in, I let the map rest for several hours, went to punch my KX, but then the first problem arose. My KX was not found in the SSN database. Having broken through did not give anything, search for services too. I went to mylife.com and at the address, first and last name, I found my KX. Having driven in $ 1, I opened all the addresses where he lived, made sure on his social networks that DOB was correct and with this data again went to the puncher, the result - SSN was found. I gave 400 rubles for the service.
6. I went to the site: secure2.es.arcot.com/vpas/wellsfargo_vbvisa/enroll/index.jsp?locale=en_US&bankid=932
Now knowing all the KX data, I easily changed the password on VBV and indicated a hint.
7. I walked for a couple of hours on Google and went to different stores with Apple equipment, looked through the products and on one of them followed the advertising link to NewEgg (The browser should have eaten up useful Cookies beforehand) I will repeat from the tips above: you should not go shopping for the purpose driving in if your browser has eaten whatleaks and whoer Cookies or other
dark gray services. I came across an SSH tunnel whose ISP was blocking these sites! Either clear the cookies or use a second browser to check. It is also not worth keeping the same gray services next to each other in the tabs!
8. Threw everything into the basket - BillShip on KX drove Iphone XS Max 256GB
9. Got a track, BUT! After waiting for it to appear in DHL on Demand, I found out that the sender indicated the wrong phone number and I could not change the address without SMS, under PickUp in that area there were only services with which none of ours worked.
10. I wrote to the technical support chats for a long time (And then there are the holidays) 5 times wrote to both DHL and NewEgg, but they threw up their hands and told me that only the one who sent the half-message can change the phone data. The sender was Vipdomo from Spain (As I understand it, NewEgg has partners who post their goods on their site). He never answered. Well, okay, the last hope was for the FBI Call - which rang DHL and they changed their number to mine at textnow.com. He entered the DHL on Demand panel and changed the address and ZIP to a figurehead (Drop). Attention! You cannot change the name of KX to the name of a dummy, you will not receive a payment for such a trick, since you will kill the dummy. The name can be left either KX, or any other, but not a dummy person! I gave $ 4 for the service (I gave him a little for a good job).
11. The package now goes to the Don't Worry Be Happy Drop-service (dwbh.us) - in it you need to register an account in advance via Jabber and add dummy people (Drops) to your panel in advance.
And yes, I advise absolutely everyone who will engage in our craft seriously and with all conscience - to make tables for themselves to work with. It is possible in Excel - no difference.
A table in this format:
• The date when it was driven in
• The CC store, where the card was taken from
• The store where it was driven in
• CC country
• Card type (Level, Credit / Debit)
• BIN CC
• CC bank
• How the store was warmed up (if warmed up at all )
• How did they do it - from a virtual machine, from Linken Sphere or from DS. Here is how the system was set up in general
• Alexa rating
• Phone KX
• Order amount
• Delivery method
• Primary result (whether it was canceled, immediately refused, or everything went well)
• Track number
• Full explanation
A small note so as not to ask stupid questions and not be shocked. All reasons for cancellations and refusals:
• Refer to card issuer. (You need to call the bank to complete the transaction)
• Invalid merchant. (Invalid merchant ID)
• Pick-up card. (The card is blocked by the bank due to fraud)
• Do not Honor. (The transaction was rejected by the bank without any explanatory reason)
• Error. (Unknown error on the bank's side)
• Pick-up card, special condition. (The card was blocked by the bank due to fraud)
• Invalid transaction card / issuer / acquirer. (The payment system does not accept cards of this bank)
• Invalid amount. (The amount has exceeded the bank's transaction limit)
• Invalid card number. (Invalid card number, or the card is blocked by KX or bank)
• System Error. (System error on the side of the payment system, you need to repeat the transaction)
• No Action Taken. (Prohibited by the bank without any explanation)
• Suspected Fraud. (Suspected fraud)
• No Credit Account. (No credit card account)
• Lost Card, Pickup. (Card lost)
• Special Pickup. (Card stolen)
• Hot Card, Pickup. (Card stolen)
• Not sufficient funds. (Not enough money on the card)
• Expired card. (Card expired)
• Incorrect PIN. (Invalid PIN)
• Transaction not permitted on card. (The payment system does not accept cards of this bank)
• Txn Not Permitted On Term. (The payment system does not accept this type of transaction)
• Suspected Fraud. (
Suspected fraud) • Exceeds amount limit. (Amount exceeds the allowed daily maximum)
• Restricted card. (The account on the card is frozen)
• Security violation. (Card account frozen)
• Exceeds PIN Retry. (PIN entered the maximum number of times)
• Function Not Available. (Card number is not valid or does not exist)
• CVV Validation Error. (Invalid CVV code).
• Issuer not available. (There is no connection with the bank)
• Transaction violates law. (The transaction is illegal)
• Duplicate Transaction. (Double transaction)
• System Error. (System error on the side of the payment system)
3DSECURE. Lesson 10.
This lesson is about the 3D Secure system. 3D Secure is a system that provides additional verification of payments. It can be installed from the side of the card (BIN) and from the side of the store. Represented by 3DS by several systems, depending on the payment system.
VISA - VBV, Verified by Visa.
MasterCard - McSC, Mastercard Secure Code.
American Express - American Express Safekey
Discover - ProtectBuy
This can be implemented in three ways:
1) In the form of a code that sets the KX.
2) In the form of a dynamic code that KX receives in SMS (like ours).
3) In the form of a code in the application, some banks have such a service.
As I said, the system can work both on the side of the store and on the side of the card. As for the cards, the system works only on cards of certain BINs. That is, if one card of any BIN has VBV or McSC, then you can be 100% sure that it is present on all cards of this BIN. And vice versa, if there is no system on one or another card, then it is not on all cards of this BIN.
If the store has 3DS, that is, the store's payment system provides verification of the payment, and if there is no 3DS on the card, then (With some exceptions) we will have no problems with the payment and will not be asked for anything.
If the store has 3DS, and the map also has 3DS, then we will be asked for either a code (If it is the USA) or SMS (If it is not the USA, there are also exceptions here).
If the store does not have 3DS, then it does not matter whether it is on the card or not, we will process the payment without any requests.
The exception is some European stores, which, before making a payment, write in plain text that in order to pay, the card must support the 3DS system. How, in fact, be with the second option, when both the store and the map have 3DS.
1) You can just change the BIN, that is, take the one where there is no 3DS. This is a good option, but for example, if we are doing potentially suspicious driving, for example, on different Bill and Ship, it is better not to consider this option. Because stores are more willing to send in such cases if the card was with 3DS, because in this case, the return of the KX money falls not on the store, but on the bank.
2) Reset the code and change to your own. This is a good option, it is possible on the vast majority of BINs in the United States. To reset, you need, depending on the BIN, to know either SSN + DOB, or just ZIP. There may also be SSN + ZIP, for example. Resetting is possible in other countries, but there it is very difficult to punch data needed for this. Bank account number, for example, IBAN, and even DOB in many countries is very difficult to punch through.
Also, it is mostly dumped in UK by DOB + ZIP. Sometimes the phone also requires you to indicate from the card.
Actually, how to find such BINs. To my gigantic regret, the main shop was closed this year, namely the official site of VBV. Therefore, everything is very, very difficult now, but doable.
First, you can find such BINs in practice by buying a card and driving it (even a dead one) into any store with VBV. The payment will not work for you, but you will see a window that will let you know that there is VBV on the card. It will look like this if there is 3DS on BIN and the code itself is installed:
Or so, if there is 3DS on BIN, but the KX code has not been installed:
It will look exactly the same when you dump the already installed code.
Secondly, you can find such BINs in advance, before buying cards, but alas - not at all banks. To do this, you need to find the site of the VBV bank. Using a request to Google - NameOfBank + Verified + By + Visa. And after wandering and searching, you may or may not find the bank's website. For example - secure2.es.arcot.com/vpas/wellsfargo_vbvisa/enroll/index.jsp?locale=en_US&bankid=932 - Wells Fargo VBV site.
After finding such a site, we go to the generator of card numbers by BIN. For example, in this - bincodes.com/bin-creditcard-generator/ (or namso-gen.com/).
And in it we generate a BIN map and then insert it into the site that we found. This card does not exist, but since the system is on all BIN cards, we will see if there is VBV on the BIN or not.
For example, you can check BIN 434257 and BIN 491991. And compare the result.
There are two main ways to find such BINs. On those sites of banks that you find, the code is also reset if it is already installed on the card. That is, if, while driving into a store with 3DS, you saw a request for a code, and not SSN and other data (that is, as in my first screenshot, not the second one), then you go to the site and reset the code there.
The same two options therefore apply to MasterCard. That's all about the 3DS system.
FAQ:
A: It turns out that you can only check empirically, or if we go to the bank's website and check there, right?
B: Right, and not just to the bank's website, but to the site for registering the code for the bank, which we find by searching.
A: What is SSN + DOB, SSN + ZIP, what are SSN and DOB in general?
B: DOB - date of birth. SSN stands for Social Security Number. They can be punched.
Punchers:
infodig.is
robocheck.cc
@@XardySSN
@@SEARCHSSNDOB
A: So, that is, we are potentially hunting for BIN without VBV in order to hit stores with VBV? Except when we pursue the goal of increasing the store's trust in us, then we take AutoVBV / Just VBV followed by a reset (preferably by ZIP)?
B: That's right. If we hit stores without VBV, then it makes no difference at all, but after you have received the track, you can check the BIN in any store with VBV along the way.
A: On most VBV cards in the United States, is it just not in stores because of the country's leading place in the world in terms of household consumption?
B: Right. For the same reason, many KX do not install it, so when driving such a card into a store with VBV, in most cases, you just install your code right away.
As for the choice of BIN, we do not accept American Express, because cancellations come very quickly on it, it is suitable in very rare cases, when, for example, a store in the same state as Drop / Reseller or a digital product. That is, when we quickly receive the track \ item, without waiting for the cancellation.
With regards to Debit Classic, Standard - there is very little money for them, on average, 100-150 dollars from them can be hammered in. There are, of course, exceptions, but if you plan to drive a little, you can take them.
Spoofs and interception services. Lesson 11.
We have a theme - Drop, then - dummies. And stingy, in fact, then - hucksters, buyers. Actually, bogus people are people who provide us with this or that service and, as a result, alas, become scapegoats. In our context, the dummy
people are people who receive packages. They take them to their address. We do not interact with them directly (if these are not our personal figureheads), but we do it through Drop-services. There are quite a few of them, they work almost throughout the United States and, in general, there is always a dummy person for our needs. The most common scheme for working with Drop services is buyers, that is, the Drop service works with a huckster, usually buystuffusa.com, and with the help of dummy people they send the goods we have transferred there, and then, having received a payment, they transfer our percentage to us. Usually BTC or WMZ. Some Drop-services also work on delivery on different terms - this is either 50/50, or a fixed price. If 50/50, then we must send two goods in one order, one goes to the service, one is sent to us. Previously, they bought mostly easy-to-sell goods, now they also often buy up various rubbish. Blenders, binoculars and the like - the list is very long. Product lists are similar, but each drop service has its own, as well as percentages. Also, light goods are sold through Drop-services on Amazon, the percentage is higher and the list of heavy goods is much larger, but sometimes you have to wait a long time.
Each Drop service has its own account, it allows you to choose a dummy person, beat him up and then add the goods going to him, after you have received the track code. Payment always goes on delivery to the huckster, that is, after the goods sent by the dummy to the huckster, it reaches him. Some services also provide their own calls, but it's better to use third-party ones. Fake people, with the exception of PickUp services, accept any name, so in the order you can indicate at least the name of the fake person, even KX, no difference.
A good list of verified Drop-projects (drop-services for staff and cash-in) is here:
CashOut Services & Drops for Stuff
ATM. Any cashout. Exchange, purchase, electronic currency. Drops for stuff.
Buyers of goods (stingy):
Stuff Market - [ru] Карженный товар
Sale / Purchase of carding stuff. [ru] Покупка / продажа карженного товара. Барахолка.
When choosing others, look at the reviews, because new ones can be thrown, especially if there is no deposit. That's all for the front men.
FAQ:
A: Are there fake people for each state / major city?
B: Not for every large city, but for almost all states, plus new ones often appear and non-working ones are replaced.
With regard to interception. Driving under the interception - this is driving when we drive into KX - in the name of KX, on Billing and on Shipping KX. And after that, the task is to intercept the parcel in the mail. The parcel first goes to the warehouse of the delivery service, before arriving at the address, and our task is to make sure that it does not reach the address to the KX. This is the method of driving in to interception.To
implement the whole scheme, you need:
1) Competent call
2) Interception service
Interception service (PickUp) is a service with dummies who come to the post office with fake documents and pick up the parcel. The call is needed in order to be able to delay the parcel at the warehouse, that is, to make sure that it does not leave for the address. The call calls on behalf of KH and asks to delay the parcel at the warehouse, arguing that he will come and pick it up. Also, now they call on behalf of store managers, saying that the client asked not to send the parcel to the address, he will pick it up himself. If we managed to detain the parcel, then we register it at the interception service, he makes the
documents for the dummy (Drop). And then the package is picked up and sent to the huckster.
Intercept-service example - @ ninjablack63
Each intercept service has a zone of its work, that is, from where they can pick up the parcel. For example:
google.com/maps/d/viewer?mid=1O7ic6CFuOdnN8FdJ7npcxfIypM8&ll=33.66949700076431%2C-116.55532833281251&z=7
On the left - available states for interception. Those that are highlighted are branches in the black lists, in no case can you send them to them. All ZIPs that fall into the interception zones (except for black sheets) are suitable for driving.
By mail, the main ones are UPS, USPS, Fedex. At UPS and FEDEX, it is sometimes possible to delay right through the site along the track. When choosing a branch for Fedex delay, if delaying through the site, select the branches where it will be indicated - Fedex Office Print & Ship Center. Such branches in the list will be listed with a phone number, which will allow, if something happens, to call this branch through a bell. We delay the parcel after it has arrived at the post office, that is, we track it by the track code. That is, the algorithm is like this - they hammered in, we wait for the track, after the parcel gets to the mail, we write to the call, it calls, delays, then we transfer the data to the interception service.
Regarding the choice of CCs, fat CCs are best suited, that is, Classic is definitely bypass here.
Because interception services work with packages from $ 1000. Whereas ordinary Drop services start at $ 250.
Of the banks for interception, Credit Union is
best : KINECTA FCU
ROBINS FCU
TOYOTA FCU
NEW MEXICO FCU
MUNICIPAL CU
BRANCH BANKING
STATE FARM
FINANCIAL
That is, with CU at the end. If the delay has not passed through one call, you can later through another, there is a chance to get to another operator.
Few contacts calls, but in general almost any will suit those who have a delay service:
@Malfey_Prozvon
@fbi_call
@brabus_call Store
rating - webstatsdomain.org
Redirecting parcels. Rerout. Lesson 12.
This lesson will be about Rerout. Reroute means forwarding, redirecting mail, in our case, from one address to another, the one that we need. What is a redirect for? It happens that the store has already become competent in terms of security and already has enough addresses of various kinds of intermediaries in its black lists. But trying to beat an unfamiliar store at once by redirecting is also a personal matter for everyone, many test stores by driving them into an intermediary. It turned out, great, it didn't work, you need to go to look for a store that will give it to an intermediary or try it by driving it with a redirect, that is, to the Billing data of the cardholder.
And so what we need to prepare is:
1) KX data, for example: Elsie Guzman, 1425 utopia ln, Vineland 08361, 8568994854, [email protected], 4147202111064760, EXP 10/18, CVC 199
2) SSH or SOCKS is desirable, as close as possible to the Billing address (aka Shipping), ideally the same ZIP. But this happens quite rarely, so a city may be enough, well, in an extreme case, it's the same state. Using a different state is already a 50/50 idea, or even less.
3) The address of a figurehead or intermediary to which we will redirect the parcel if everything is successful and it will be sent. The situation with this address is about the same as with SSH and SOCKS, ideally you need the same city as in the Billing address. As a last resort, see the nearest state on the map.
4) Contacts of services, who can make a redirect.
FAQ:
A: How does the redirect happen? In fact, the call rings and negotiates for the parcel to be redirected?
B: Yes, there are a couple of methods of redirecting through call services and through the mail account, everyone does this using the contacts that I will give, or you can find it yourself on the forums, and you can also do it yourself if you do not want to pay money. The call rings the delivery service when the package has been sent. But you can order a call to try to change the delivery address before the parcel is sent, but in most cases, the store asks to reorder, and this is no longer a very idea.
A: How far can SSH be removed from the Billing address?
B: For example, I try to keep no more than 500 miles, but there were cases that passed from a neighboring state. Depends on how the store's AntiFraud is configured.
Now specifically the process. Found a website, prepare a basket, fill in the columns. And a few more subtleties, as for phone numbers and Email, you can put your own. If AntiFraud is fierce, then there are several options:
1) We put the KX mail and flood it (In the case when AVS checks the mail with Billing information).
2) We put another mail, BUT NOT FRESH REGISTERED. That is, from another CC from working off and so on.
3) We buy mail with a long-standing registration Made in USA and use it.
We leave the phone under our control, they often call. You can leave the name KX, if the redirection goes to a dummy, if to an intermediary, then drive it to the name that is in the intermediary (not all intermediaries accept anyone).
Everything else - address, city, state, ZIP, everything is like in the Billing address.
Next, fill in the Shipping or Billing address in different stores, the order goes differently, put the Same checkboxes, that is, the Billing and Shipping addresses are the same. We drive in. We are waiting for the result.
If the store decided to call the KX number that you indicated in GoogleVoice or TextNow, then there are voice messages and many managers leave their questions or requests to call back and clarify something on the order. They can just call and not leave a message, which means we look at what number called and look for it in Google, usually we find a store. And now it is clear which store called, if they called, then 99% of them need to find out something. We order a call to steer the situation. Make an order for a call, and he tells you the result
Further. You now have a track number by which you can determine what mail is sent, when and from where it was sent, when and where your parcel will arrive. It is important to understand some points here. Not all mails are currently forwarding without any problems.
Let's analyze this question:
USPS - there are no services at the moment (And no options have been found yet).
UPS - redirection is possible through a call or through the UPS My Choice system (through your personal account on the website).
FEDEX - redirection is possible through a call or through a Fedex account.
DHL is a rare mail, but it is also possible to make redirection by call or via delivery.dhl.com FAQ:
A: That is, redirection is done after the parcel has been sent, and not before that?
B: Yes, exactly, after the dispatch took place.
A: How does the delivery service believe the call? Does he provide them with any data? Or is it just overwriting something?
B: There is a special order form, there is all the information that a call or service needs, you fill in the order information, and they will already work.
A: If you made a parcel to KX, then ordered a call, and they sent it there, that is, in this case KX will receive a gift.
B: Yes, if the service failed, you don’t pay him money, and KX gets a gift!
A: If you redirect from the mail site in your personal account. Do you need to create a new mail account every time? How to assign this package to a new account?
B: Registers in the name of KH and to his real address, because the post office verifies everything. Further, in the office, you can see all the parcels that go to this address.
A: Does it often happen that the service could not?
B: Often, especially calls rarely cope, because of the ban that the store has set. It is more realistic through the mail account, but Fedex has some kind of prohibition, which cannot be done through the account. It all depends on the store, that is, on the sender. There are services that bypass the bans, but more on that later.
So, you have a track, but you shouldn't immediately step on the gas and contact the service. You need to find out when the package will move from the department and will be in transit. Great, the package is in transit,
went, we look when his delivery is on schedule and two days, maximum one day before delivery, you need to make a redirect request. Some do it right away, and generally from California to New York, but this may end sadly, because the store can set itself notifications and follow the track. This is especially true for small shops. And do not forget that even if the store does not follow the parcel, then a quick refund can force it to make a U-turn back. Therefore, we try to work on a short shoulder. And one more subtlety, not long ago I got caught with the fact that I drove a store located in California and the address of KH was also not far away. The service stupidly did not have time to make a redirect.
Conclusion, if you redirect, then you need to calculate the warehouse of the store, in what state it is, then we contact the service or do it ourselves. If the redirection is successful, it will be seen that the request to change the address has been accepted by the system and is awaiting its execution.
An example of a successful redirect looks like this:
If the redirection is not possible, then you will be told about it, and you do not owe money.
Now the subtleties. If we plan to contact the service, then it is best to start with a call, it is cheaper. In the region of $ 10-15. While, redirecting through accounts or for items with a ban costs from $ 40- $ 50. This is my personal experience, if the call failed, I go to a service that works with bans. Further, you are already waiting for the parcel from a dummy person or from an intermediary.
A: How to find out if a parcel is in transit? By track number? That is, it is desirable that the warehouse is not in the same state as KX? How to calculate?
B: The inscription Pending is visible, and after it Transit, then the package went. Everything is visible in the track! Yes, it is highly desirable that the store and the KH live a little further away.
A: How to find out where the store has a warehouse?
B: Sometimes they write on the site, but you can safely write to technical support and ask.
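The store-side view of the redirect described above, as an added example that is not part of the original guide: a merchant reviews carrier address-change events on shipped orders and holds the risky ones for verification. The event vocabulary, field names, thresholds and sample data are constructed assumptions, not any carrier's API.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional


@dataclass
class Order:
    order_id: str
    ship_state: str   # state of the address the customer paid to ship to
    ship_zip: str
    value_usd: float


@dataclass
class TrackingEvent:
    order_id: str
    at: datetime
    kind: str         # hypothetical vocabulary: in_transit, address_change, delivered
    new_state: str = ""
    new_zip: str = ""
    scheduled_delivery: Optional[datetime] = None


LATE_WINDOW = timedelta(days=2)   # requests lodged just before delivery leave no time to react
HIGH_VALUE_USD = 500              # assumed threshold
HOLD_SCORE = 4                    # assumed threshold


def score_change(order, event):
    """Score one address-change request against the order it belongs to."""
    score, reasons = 1, ["address change requested after hand-off to carrier"]
    if event.new_state != order.ship_state:
        score += 2
        reasons.append("new destination is in a different state")
    elif event.new_zip != order.ship_zip:
        score += 1
        reasons.append("new destination ZIP differs from the order")
    if event.scheduled_delivery and event.scheduled_delivery - event.at <= LATE_WINDOW:
        score += 2
        reasons.append("request lodged within two days of scheduled delivery")
    if order.value_usd >= HIGH_VALUE_USD:
        score += 1
        reasons.append("high-value shipment")
    action = "hold_and_verify" if score >= HOLD_SCORE else "notify_fraud_team"
    return {"order_id": order.order_id, "score": score,
            "action": action, "reasons": reasons}


def review_redirects(orders, events):
    """Return findings for address changes made while a parcel is in transit."""
    by_id = {o.order_id: o for o in orders}
    in_transit, closed, findings = set(), set(), []
    for ev in sorted(events, key=lambda e: e.at):
        if ev.order_id not in by_id or ev.order_id in closed:
            continue
        if ev.kind == "in_transit":
            in_transit.add(ev.order_id)
        elif ev.kind == "delivered":
            closed.add(ev.order_id)
        elif ev.kind == "address_change" and ev.order_id in in_transit:
            findings.append(score_change(by_id[ev.order_id], ev))
    return sorted(findings, key=lambda f: -f["score"])


# Constructed sample data (not real orders, addresses or tracking numbers).
SAMPLE_ORDERS = [
    Order("A1", "IL", "60000", 900.0),
    Order("A2", "TX", "75000", 40.0),
    Order("A3", "NY", "10000", 1200.0),
]
SAMPLE_EVENTS = [
    TrackingEvent("A1", datetime(2024, 3, 1, 8), "in_transit"),
    TrackingEvent("A1", datetime(2024, 3, 4, 9), "address_change",
                  new_state="IA", new_zip="50000",
                  scheduled_delivery=datetime(2024, 3, 5, 18)),
    TrackingEvent("A2", datetime(2024, 3, 1, 8), "in_transit"),
    TrackingEvent("A2", datetime(2024, 3, 2, 10), "address_change",
                  new_state="TX", new_zip="75001",
                  scheduled_delivery=datetime(2024, 3, 6, 12)),
    TrackingEvent("A3", datetime(2024, 3, 1, 8), "in_transit"),
    TrackingEvent("A3", datetime(2024, 3, 3, 15), "delivered"),
]

if __name__ == "__main__":
    for finding in review_redirects(SAMPLE_ORDERS, SAMPLE_EVENTS):
        print(finding)
```

A hold is only useful if the merchant subscribes to tracking updates for every shipment and can ask the carrier to stop or return the parcel, which is the monitoring the text above says small shops already do.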
Operations in Europe and Asia (Features). Lesson 13.
Everyone remembers what AVS is? So, one of the main advantages of working in Europe is the absence of AVS, with the exception of UK, where it is available offhand in 60% of stores, and also partially in Italy, Germany, where a small number of stores have an AVS system.
The second feature is the lack of calls, in Europe they really do not like to call from stores - this is also a big plus, but there is also a minus, they ask for documents. They will not call in any case, but they can ask for documents in which case they can, but after providing the docks with 99% probability they will be sent.
The third feature - the ubiquitous 3DS system - is available in almost every European store
- it can be bypassed or by driving in the US BINs with VBV and McSC reset - this is a good option, but not for all stores it is suitable, for the reason that some European stores in general, they close the payment with US cards. Also, there are UK BINs with VBV and McSC dumping - this option is already better. And NoN VBV are European BINs, they are pretty hard to find now. And another option is to drive in American Express, but these are quick refunds, so it is suitable for ordering by express delivery or for Gift.
And the fourth feature - manual check, is available in some European stores, sometimes for all orders, sometimes only for suspicious ones. For example, at ASOS, all orders are manually checked. With her, despite the absence of AVS, the store calls the bank and finds out your real Billing address. There is no way around it, just beat Bill! = Ship, and then send fake documents. In this case, the order will be sent.
Another option is to drive through the PP (PP), the work with which will be in the next lessons. An important point when working in Europe is not to take the card of the country where the delivery is going, that is, if we send a parcel, for example, to Germany, then we do not take the card to Germany. By
it is better that the map does not coincide with the country of the store, but this is not necessary. The main thing is not to coincide with the Shipping address, otherwise you will kill the figurehead. Also, in Europe there is such a problem as a region of prohibitions, that is, a ban on payments outside a specific country, but here it is only to check this by tests, it is not found everywhere. And another big plus of Europe is that it can be sent directly to Russia. Everything in Europe.
As for Asia. First, again, let's start with the pros, the region is less used than the US and Europe. The second plus is that Asia takes any SS in general - the United States, Europe, and Asia itself. And, in fact, the third plus - many stores are ready to send to Russia, as for the cons. Delivery to Russia is very long. Moreover, from any Asian country, so it's better to send it to an intermediary in the United States - it's much faster. Also, they often ask for a fake (Render documents). There is no AVS anywhere in Asia at all, but at large sites there may be manual verification of data after the payment has passed, and at small stores there may be manual processing. That is, we leave them the card details, and they make the payment themselves. In this situation, we indicate Billing from the card and wait for a request for forgery (Documents).
Regarding the fact that any SS climbs - there is a nuance, if we hit Europe or the CIS, then we take the map of Europe, if in the USA, then the USA. And if we take the SS of Asia, then in this case we drive it into the very country where the SS is from - if we hit the middleman in Asia. For example, with regard to VBV - VBV is, but not far away everywhere. Moreover, Asians sometimes like to hang VBV or McSC badges, but in fact there is no reconciliation. Where there is VBV, you can punch any CC - USA without VBV, USA with VBV, Europe.
Regarding driving, another point - despite the absence of AVS, it is better to beat especially expensive parcels on Bill! = Ship, since they can check manually, up to $ 1000 you can beat BillShip. As for the search for stores, I will tell you separately about Asia.
Terms:
Shop - online store, shop.
Payment system is a merchant (for example, Shopify). It is worth clarifying here that the concept of a payment system includes many meanings, now I will explain.
For example, VISA and MasterCard are a system of settlements using bank cards (CC).
PayPal, QIWI is a system of settlements with electronic money on the Internet.
And such things as Shopify and SagePay are already payment systems inside the online store. Relatively speaking, you can call it their engine.
Do not be afraid to get confused, the context will make it clear what exactly it is about.
Search for online stores. Lesson 14.
So, search for stores. Actually, oddly enough, everything is simple here - it's easy to find stores. The main task is to filter them. Stores are mainly searched through conventional search engines. The search itself is carried out from the IP of the country whose store we are looking for, so that there are no unnecessary results.
The main tool when searching for stores is the operators of the search engine that we use: 1ps.ru/blog/dirs/2016/operatoryi-poiskovyix-sistem-google-i-yandeks/
About the correct search on the Internet: habrahabr.ru/sandbox/46956 /
Here are the key Google operators - they refine the search query very conveniently.
The main ones that are regularly used:
site - You can specify the domain.
Intext - You can clarify what should be in the text of the site.
inurl - In a site link.
Also, you can use + so that there are no word exclusions, as well as keywords with the corresponding operator and the related operator.
What you DO NOT NEED to use:
Words and phrases: buy, pay visa, pay mastercard, shop with. In general, you can also search by payment systems, but more on that later. After we have found a store, we need to check it out. First of all, we check it for publicity using, again, Google. By requesting StoreDomain + Сarding. Thus, there will be a search for those sites where both the store's domain and the word Carding are found, and since carding is spelled out in keywords on all carding forums, you will find that if this store was mentioned somewhere, it was merged. If this was before 2 years ago, then it is better to leave this venture, most likely, with such stores you will lose either a lot of nerves, or money, or all at once. If, for example, the posts are relatively new, then somewhere information may be leaked on how this store is better to beat, that is, the presence of AVS and so on.
The second thing you should definitely check, especially at your stage, is the popularity of the store. The universal measure of this is Alexa Rank. It is checked here, for example - alexa.com/siteinfo or on any similar site, the higher the rating, the less popular the store, the lower, the more popular. The higher the score, the more likely it is that the store is easier to drive in. Also, on whois.net, you can, for example, see how fresh the domain is on the site, but that would not say that it is a defining indicator. In Asia, everything is the same, but you can connect the search engine baidu.com.
As for payment systems, to find out the payment system of the site, you can, for example, use the site builtwith.com - it does not always detect, but it does.
Basic information on payment systems:
USA
1. Shopify - tightens the screws tighter and tighter every month. Notices DS and other IP spoofing. Knows Billing. Doesn't bother himself, even with cancellation letters and letters about possible fraud on your part. The way out is either to look for innovations in the system settings, or the most straightforward stores that are not scared until the checkbox is a possible Fraud. Or beat very cleanly
2. WooCommerce - traffic depends on the online store, on how the system is configured.
3. BigCommerce - basically everything is the same as above.
4. Magento is simple, so stores may require verification.
5. Shoprunner - this is the payment system of many mono-brand Internet stores. Easy enough to work with.
6. Braintree is quite lightweight.
EU
1. SagePay - always VBV, depending on the store, different types of cards. Important: There is no SafeKey for AmEx. USA and UK eats under dump. It is important - if the payment has passed, the store will send 99%.
2. CartaSi - always VBV, almost does not take non-European cards. SafeKey almost always.
3. BancaSella is one of the great VBV engines. USA and UK go well for a reset. There is a miracle and VBV is not. 100% hit if the transaction was successful.
4. Adyen is also handsome, all countries climb, there is no SafeKey, but with a successful transaction, the store can get to the bottom.
5. Bucharoo is the nastiest Dutch merch. And SafeKey, and only Europe.
6. Wirecard - No SafeKey, like AmEx, has practically stopped eating anything other than Europe. It happens without VBV.
7. Erstes - the same Wirecard ..
8. SaferPay - SafeKey is available, only Europe. It happens without VBV.
9. Nochex, datacash, ingenico e-commerce (Not to be confused with regular Ingenico) - always VBV.
Non VBV
1. Net-a-porter - all mono brands in Europe. VBV is rare. Everything will be hammered in there.
2. Deletion. The purchase amount is blocked and the final write-off occurs at the time of delivery of the parcel. Therefore, it is imperative that the card lives up to this moment. This is a maximum of 2-3 days.
3. Zerogrey - used to eat everything, now it has become more capricious, mainly Europe. 99% chance that the first order will need rendering. If done well (Photo, not scan), then success is guaranteed. I advise you to always create an account in the store, if the card survives after the first shipment, squeeze the maximum out of it.
In general, as you can see, everything is quite individual here, who is more convenient to beat which system. For example, I love to beat SagePay - the European system. He eats any CC with VBV (Almost any store). And if the payment went through, then the store in 99% of cases will send the parcel.
There are sites of such a plan: myip.ms/browse/web_hosting/World_Hosting_Companies_DB_140000.html
They allow you to search for stores using a payment system that also provides its own engine, like Shopify, for example, that is, if you specify the hosting company Shopify, you will see stores with by this payment system.
Builtwith.com is also possible, but for a limited number without a subscription. In principle, you can drive a subscription.
FAQ:
A: What should NOT be used?
B: What a bad and stupid request looks like - buy + iphone + xs + pay + by + card. How can you
make it ok - iphone + xs + sale intext: "cart". Why is the first one bad? It's simple - there is no Buy in the keywords for a long time. At the beginning of the 2000s, it was when stores were opened as a concept, now they are not. Pay By Card is also past - everywhere there is a card payment, and if you specify with the help of an operator, for example, that the text must contain the word "Cart" (basket), then this is completely different.
A project in Private Keeper for finding stores:
PK is such a platform, a license for it costs 200 rubles per month. It also works on search engines, but automates and simplifies a lot.
pk.woex.in - buy Private Kepeer key.
deival909.ru - official site where you can read about the program.
@holyrain - Makes projects on PK. Contact him if you want to have at your disposal a large list of stores where you can drive. Also, he also writes projects on Brute accounts in stores (later you will understand why this is a very useful thing)
Link parsing. Short. Lesson 14.1.
To parse links, we need SQL Dumper 8.2, SQL Dumper 9.2, Dorks Combine, and TextUtils.
Run TextUtils, then RMB on the document - Text Utils Pack - randomize.
A new file will appear on the desktop, filename_randomized. Open it up and copy Dork's from there.
Open SQL Dumper 9.2. We put our Dork's and ideas here in the Proxies List.
Click Clear (clear what is there by default) and look for a proxy. You can take, for example, at best-proxies.ru/good-proxies.ru
We load the base for brute-force, proxy, start. Press the folder - the folder with the scan results will open.
It looks something like this:
That's all.
E-Gift. Lesson 15.
There are two types of Gifts - physical and electronic. Physical Gifts are gift cards, they are rarely hammered in, because it is not often you can find their buyers, so we are more interested in E-Gifts. E - stands for electronic. Their essence is that if a person wants to make a gift to someone, he can give a virtual Gift-card. A certain denomination. The person who received the Gift can choose a product for this amount. E-Gift comes to the recipient in the form of a code by mail. After that, in the store where Gift is from, you can pay with this code. You can pay as part of the purchase, or as a whole, if there is enough face value.
It happens when the code from Gift'a is not entered when paying, but to the account itself in the store and the funds are debited from the account. Our task is to buy a Gift and cash out in the form of a product to ourselves,
or sell it, if such is bought up. Plus driving Gift - Gift beats BillShip on KX, and when Gift has passed, the recipient beats it with Ship = Bill. That is, on yourself entirely and completely (On a front person). E is a kind of bypassing different BillShips, which stores don't really like. In stores, an electronic Gift is designated as an E-Gift / E-Gift Card / Gift Voucher.
The disadvantages of Gift'ov include the fact that he can die, sometimes the store can throw off the Gift instantly, that is, immediately, drove in and after 2-5 minutes a Gift arrives, but then, when we use such a Gift, the store can take an order for processing ... And during processing, a refund may arrive because it can take 3-5 days. Another option is when the store does not send Gift instantly, but first processes the payment and then sends it. As for me, this is much better and more convenient. Allows, if something happens, to make verification with fake documents or a call, if the store has any questions. Sections with Gift'ami can be, both on the site itself, and among the goods, for example.
Maybe below, where are the delivery terms and so on, like here, for example: modeltrainstuff.com
It happens that something like "E-mailed within hours of purchase" is indicated - this means that the processing will go immediately after placing the order, and then the Gift will be sent. Maybe like "Gift cards will be e-mailed instantly and can be used immediately" - these will arrive instantly, and it is likely that they can be used immediately. With regard to the design of Gift'ov.
There are key fields here:
Your Name - Recipient's name
Your Email - Recipient's email
That is, the sender's name is the recipient's name. There are some tips here. First, a gift from a married couple, that is, in the sender we write, for example, John & Sara, you can write Smiths Family. Also, you can make the same last name for the recipient and the sender. That is, in the sender, write the name of a figurehead, for example, it will turn out as if they are family members and further develop this in a congratulation that always comes with a Gift-card. Here you should not leave an empty field, but you should write either wishes
or some wish found on the Internet.
With regard to mailboxes. It is best to take different domains, that is, the sender of Yahoo, for example, and the recipient of Gmail. As for the drive, everything is standard here, but we beat BillShip. IP is better for maximum under CC and it is better to drive in on Monday, Tuesday and Wednesday. When Gift came to the post office, what can be done - we buy goods ourselves, that is, we buy goods for Gift and enter our delivery address in the USA, or create a topic on the Carding forum with a proposal to sell Gift for a percentage, or simply look for a huckster. It is better to let him lie down a bit before that.
FAQ:
A: How many gifts can you send to one mail, without suspicion?
B: One.
A: How long is it better to let it rest, how much do the Gifts go for?
B: Maybe three hours. For any amount that the store allows.
Terms:
Enroll - enroll, roll (in fact, it's just registration and creation of a personal account in online banking).
Reroll is a reroll (this is the same registration, only we just reset all data and register again).
Verification payments - minikis, MiniDeposit (you will often see this thing later in the lessons).
“Opening” a card, hacking a card means that you were able to gain access to your online banking account, now you can see the CC balance and so on.
Enroll. Online banking. Lesson 16.
The first lesson on BA (This lesson is not about BAs themselves, but about Enrolls, keep this in mind for the entire duration of this lesson). BA is online banking. In Russia, this is the type of Sberbank-online, VTB-online, that is, the personal account of the card. In the USA, such an online account has more options. Who remembers how we can determine the bank, having a card in our hands? Correct - by BIN.
Let's understand the terms a little. There are Reroll and Enroll. Enroll is when KX did not Roll'il the card before, that is, did not create a personal account for it, did not register, and we do this for the first time for the card - this is Enroll. Reroll is when the KX card is already Roll'il.
And we, using the same data that are needed for Enroll, reset its data and, as it were, re-register. What exactly does BA provide. Different - it depends on the bank. First, verification payments, that is, MiniDeposit is such a small amount that is debited from the card to confirm that it is yours, as some shops do after payment, and some services may request MiniDeposit to link CC there. It looks like two small payments - usually one dollar. They are debited and then you are asked for the exact amount to be debited, and then they are returned to the card. This function may not exist. In this case, if the verification payment was debited one, then you can look at the statistics of the balance change and calculate it.
The next BA function, it is present in absolutely all BAs, is that we can find out the balance of the card. This is useful when making large drives. The third function - adding or changing the Billing address - is not available in all banks. The intermediary should not be added / changed, because they are blacklisted by banks. After changing or adding an address, it is better to wait 3-5 working days. Hypothetically, it may take longer to change the address in the database, but this is such a basic period for which it most often changes. If the address has changed in your personal account, this does not mean that it has changed in the database, therefore it is important to stay in bed. Also, not in all banks the added (exactly added) address can be considered as Billing. We roll the map in the same way as we beat
it, that is, also the LS-SSH tunnel. It is better not to take SOCKS, because they do not live long.
The Enroll order is as follows. Let's say we don't know which jars can be broken. And we don't know BIN's either. To find out, go to the bank's website and look for there - enroll \ register \ join \ sign up. Having entered
the card number, we already find out what is needed for Enroll, most often these are combinations of DOB, SSN and MMN. More often DOB + SSN.
As for the IP, let's take it closer to the dummy (Drop). It is better to take a fake person in one state, not to risk it. If we are doing Reroll, then it is better to take the IP under KX in order to reduce the risk of additional checks and notifications that KX has installed.
I recommend flooding KX's mail, since the soap indicated in the package with the card was most likely left by KX in the bank with Enroll and Reroll, especially since notifications about this will be dropped there - this does not always happen so far, but it can be.
Actually, if everything is fine, but the card did not open (they could not enter the personal account - personal account), then there are a lot of reasons, among the main ones are No Valid card, incorrect data, inappropriate BIN (some debit or just an unsuitable credit card), and also, which, in general, quite often, the card that you are trying to open can be the second KX card linked to the Internet banking of the main card, in which case you will not make either Reroll or Enroll.
FAQ:
A: Many banks ask for a Member Number, when you try to break the card, is it me, as I understand it, there is no way around it?
B: Rarely met, at most a couple of times.
A: Also, they ask you to choose the type of account, from the options: Cheking, Saving, Certificate Of Deposit, Commercial Loan, Line Or Credit. In general, what is it?
B: Account types. Settlement, savings, line of credit, loan amount in the form of Loan.
Actually, after we broke the card, we get into our personal account and there we have several lines with the amounts of money. So, usually this is Credit Limit, Available Credit, Current Balance. There may be others, with the postscript Cash.
Current Balance is NEVER a personal account balance - this is the amount that KX has already spent from the credit limit. Our balance is Available Credit. After entering your personal account, we check the last numbers of the card, in your personal account and your card they must match, we always do this first. If they do not match, then either the card has been reissued, or (If it is Reroll), then another card has been added to the personal account. We will not get access to it in any way, as in the case of the re-release. If everything matches, then everything is fine. Also, as already mentioned, do not forget to give the map a rest after changing Billing. You should NEVER change your mailbox. Everything else can be changed, including the phone. There are still notifications in your personal account.
After the first visit to your personal account, we unobtrusively look into the settings and check what notifications are on there. You should not turn off everything, only those that will definitely interfere. That is, for example, about transactions over a certain amount or about transactions as such.
Also, in the settings, you can sometimes disable the blocking of certain regions, if it is worth it. It is better to do this before all address changes and other things, that is, they opened the card and while spam is going on, we turn everything off, slowly. It is better to leave a couple of notifications that will not affect our work in any way. As for driving through your personal account, you can drive as usual - on BillShip, on a dummy. Or you can make a call - this will maximally protect your personal account from death, because such payments are processed in a special way and are displayed as Offline purchases. Not all stores support this, so you can either check with technical support, or it will be written like that. We throw all the data on the call, by order, by SS, and he drives in by phone.
Terms:
Brute - brute. (The way to hack an account through a simple brute-force. Does not work if the password is too complex)
Logs. Brute accounts. Lesson 17.
Lesson about working with hacked accounts and logs. And let's start with hacked accounts, that is, brute force data from one site to another site.
They look like Mail assword or Login assword. Also, together with Brute, Checkers are often used, therefore, as a result, accounts of the form are on sale:
Mail assword
Availability of
CC \ Balance
That is, the data that may be from the account is important. Let me clarify a little, hacked accounts can be of several types (If you classify them by belonging):
1. Store accounts
A) With a card.
B) With balance.
C) With orders, empty.
Store accounts with a linked card can also be of three types:
1) CVV is linked and never crashes.
2) CVV is linked and can fly off due to AntiFraud or / and change of Shipping address.
3) Without CVV.
With the first type, everything is clear - we change the Shipping - helmet. With the second, everything is a little more complicated. Here it is best to intercept / redirect and spam mail so that KX does not receive a letter about the order, along the way to watch the track in the store. And the third is essentially the same as the accounts with orders, empty. They are needed only for the reason that there is a purchase history, that is, the account is not fresh, but already more or less verified and there is more trust in it.
As for the accounts of stores with a balance, everything is simple here, it is usually a Gift balance, so you can send it anywhere.
2. Accounts of offices:
A) With balance.
B) With different advantages.
These are rarely sold, especially if everything is easy on them, you can either withdraw them or pay for something (Miles, for example). This includes different poker rooms. casinos, bookmakers, wallets and so on.
3. Payment accounts. These are Brute PP (Which has outlived its own) and BA, which can be screwed to the re-registered PP or used separately (There will be a separate lesson about these two types of work).
Actually, this is about hacked accounts. Accordingly, when buying, we receive the data that is characteristic of a particular store, whether it is a balance or the presence of a linked card, it is best to beat such accounts with IP Shipping. If we do not know where we got the CC from, but we are going to send it for interception, then it is better to go into the account, see its address and then lie down for 4-7 days. And then picking up already under KX - to beat. You can, if the store has an application, use them from a customized android. If there is no application, then you can use Linken Sphere, or DS, as convenient.
As for the logs, the logs are obtained from Stiller, mostly, sometimes from the KeyLogger, and together with them, in addition to the data from the account, we receive Cookies. They can be loaded into the browser using the Cookie Manager extension and will be, in fact, like KX. Otherwise, everything is the same as with accounts. Logs are sold either by offices or in a whole batch, which may contain different accounts. The offices usually sell PPs from the logs.
FAQ:
А: What is Stealer (Stiller, stealer, stealak), KeyLogger (keylogger)?
B: Malicious programs. Stealers steal saved data from browsers, which allows you to configure files separately, and KeyLoggers intercept all entered information.
A: Ebay + PP, Ebay + CC accounts is it worth trying to use?
B: With Android it is possible, but the screws have been tightened.
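Detection logic for the account abuse described in Lessons 16 and 17, as an added example that is not part of the original guide: it reads an authentication and account-change log and flags credential stuffing, re-enrollment from an unfamiliar IP, disabled alerts, and stored-card orders placed inside a cooling-off period after an address change. The log format, event names, thresholds and sample lines are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

STUFFING_ACCOUNTS = 3                    # distinct accounts failed from one IP
STUFFING_WINDOW = timedelta(minutes=10)
# Longer than the 3-7 day waiting periods the text describes, so that
# waiting does not age a changed address out of review.
ADDRESS_COOLING = timedelta(days=14)


def parse(line):
    """Parse 'ISO-timestamp account ip event' (hypothetical log format)."""
    ts, account, ip, event = line.split()
    return datetime.fromisoformat(ts), account, ip, event


def detect(lines, known_ips):
    """Return (account, reason) findings; known_ips maps account -> set of usual IPs."""
    fails = defaultdict(list)            # ip -> [(timestamp, account)]
    suspect_ips, reenrolled = set(), set()
    last_address_change = {}             # account -> timestamp
    findings = []
    for ts, account, ip, event in sorted(parse(l) for l in lines):
        new_ip = ip not in known_ips.get(account, set())
        if event == "login_fail":
            fails[ip].append((ts, account))
            recent = {a for t, a in fails[ip] if ts - t <= STUFFING_WINDOW}
            if len(recent) >= STUFFING_ACCOUNTS:
                suspect_ips.add(ip)
        elif event == "login_ok" and ip in suspect_ips:
            findings.append((account, "successful login from credential-stuffing source"))
        elif event == "reenroll" and new_ip:
            reenrolled.add(account)
            findings.append((account, "online-banking re-enrollment from unfamiliar IP"))
        elif event == "alerts_disabled" and (new_ip or account in reenrolled):
            findings.append((account, "transaction alerts disabled after unfamiliar access"))
        elif event == "address_change":
            last_address_change[account] = ts
            if new_ip:
                findings.append((account, "address changed from unfamiliar IP"))
        elif event == "order_stored_card":
            changed = last_address_change.get(account)
            if changed and ts - changed <= ADDRESS_COOLING:
                findings.append((account, "stored-card order inside address-change cooling period"))
    return findings


def flagged_accounts(findings):
    return {account for account, _ in findings}


# Constructed sample log; IPs are from documentation ranges.
SAMPLE_LOG = """\
2024-05-01T10:00:00 alice 203.0.113.7 login_fail
2024-05-01T10:00:05 bob 203.0.113.7 login_fail
2024-05-01T10:00:09 carol 203.0.113.7 login_fail
2024-05-01T10:00:12 dave 203.0.113.7 login_ok
2024-05-01T10:02:00 dave 203.0.113.7 address_change
2024-05-07T09:00:00 dave 198.51.100.20 order_stored_card
2024-05-02T12:00:00 erin 192.0.2.44 reenroll
2024-05-02T12:03:00 erin 192.0.2.44 alerts_disabled
2024-05-02T12:05:00 erin 192.0.2.44 address_change
2024-05-03T08:00:00 frank 192.0.2.10 login_ok
2024-05-03T08:01:00 frank 192.0.2.10 address_change
2024-06-01T08:00:00 frank 192.0.2.10 order_stored_card
""".splitlines()

KNOWN_IPS = {
    "dave": {"198.51.100.20"},
    "erin": {"198.51.100.99"},
    "frank": {"192.0.2.10"},
}

if __name__ == "__main__":
    for account, reason in detect(SAMPLE_LOG, KNOWN_IPS):
        print(account, "-", reason)
```

The order for `dave` arrives from his usual IP six days after the address change and is still flagged, because the rule keys on the changed address rather than on the IP of the ordering session.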
A small addition to the previous lessons. What does the store see? Lesson 18.
Here we have three topics on the agenda:
1) How do you know that the store is firing?
2) What to do with the virtual machine?
3) How to customize android?
Actually, AntiFraud. AntiFraud works by passing data through the included filters. In addition to him, the store also has this data, on the basis of which the security service or managers decide whether to send the order or not. The main filters are:
1) Verifier - checks the correctness of the card number, is everywhere.
2) Stop filters - available in large stores, provide interaction between banks on suspicious transactions and complaints.
3) Location - filters by location. All CIS + a lot of points to Fraud.
4) Technical filters - check the coincidence of technical parameters.
We are more interested not so much in filters, but rather in what the store reads from us when entering it. To determine what a store notices, we need two things. Mozilla v. 42 and the FP Block plugin.
It is designed to block tracking, in our case it is needed to show that it is being tracked. It works simply, installs, then when you go to any page, it displays what it reads.
It looks like this:
There are clear identifiers here, there are not very many. A complete list of them:
1) DOM Session Storage - data of the current session (these are open tabs viewed in this page window), when a new browser window is opened, a new session starts.
2) Color Depth - the bitness of the color rendition, in principle, does not really matter, because here the variability is small, you can score. Created to notice when you have turned on the minimum bit rate on DS (Dedicated Server) to make it run faster, and you have the whole image blue-green-crimson there.
3) Screen Width and Height - screen resolution.
4) Cookies
5) Plugins - sees plugins, so that all plugins for substitution in the trash can, but plugins, not extensions.
6) Mime Types - sees which extensions the browser can open, it could be hammered, but when replacing the browser, be careful, because, for example, some YandexBrowser will open both audio and video for you, and something else, but Mozilla 42 will not open anything, so take this into account when substituting, otherwise you will burn yourself when driving in and then that's it.
7) App Name - the name of the browser.
8) Timezone - time zone.
9) User Agent
10) Pixel-Depth - the same as the color depth, but sees differently, again, if you do not have DS, then you can score.
11) DOM Local Storage - data for all sessions. (Caution, this is tough)
12) WebGL - sees WebGL.
13) IndexedDB - in its task it is the same as DOM storage, but they store a lot of data for a longer period of time.
14) IE userData is almost the same as storage DOM.
15) Java - sees everything through JavaScript.
16) Language - language.
17) Geolocation - geolocation.
18) Audio Ctx or Fingerprinting - audio fingerprint.
19) App Code Name - Compares requests and browser headers.
20) App Version - browser version.
21) Platform.
22) Canvas - installed fonts. Fonts used to display pages, headings, and so on. It all adds up to FingerPrint.
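How a merchant can combine the filters and identifiers listed above into checkout checks, as an added example that is not part of the original guide: a verifier (Luhn) check, a location check and technical consistency checks across the collected browser attributes. The session field names, marker list, thresholds and sample sessions are constructed assumptions, and the card numbers are test values.

```python
import re

# Sample markers of software or virtualised graphics; extend from your own telemetry.
VM_RENDERER_MARKERS = ("swiftshader", "llvmpipe", "virtualbox", "vmware")
# User-Agent substring -> expected prefix of navigator.platform (checked in order).
UA_PLATFORM = (("iPhone", "iPhone"), ("iPad", "iPad"), ("Android", "Linux"),
               ("Windows NT", "Win"), ("Mac OS X", "Mac"), ("Linux", "Linux"))


def luhn_valid(pan):
    """Verifier filter: Luhn checksum over the digits of the card number."""
    digits = [int(c) for c in re.sub(r"\D", "", pan)]
    if len(digits) < 12:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def expected_platform_prefix(user_agent):
    for marker, prefix in UA_PLATFORM:
        if marker in user_agent:
            return prefix
    return None


def evaluate(session):
    """Return the list of reasons a checkout session should go to manual review."""
    reasons = []
    if not luhn_valid(session["pan"]):
        reasons.append("verifier: card number fails Luhn check")
    if session["ip_country"] != session["billing_country"]:
        reasons.append("location: IP country differs from billing country")
    # Offsets are minutes east of UTC; allow one hour for DST differences.
    if abs(session["tz_offset_min"] - session["ip_utc_offset_min"]) > 60:
        reasons.append("technical: browser timezone does not match IP location")
    if session["http_user_agent"] != session["js_user_agent"]:
        reasons.append("technical: HTTP User-Agent differs from navigator.userAgent")
    prefix = expected_platform_prefix(session["js_user_agent"])
    if prefix and not session["platform"].startswith(prefix):
        reasons.append("technical: platform contradicts User-Agent")
    if session["color_depth"] < 24:
        reasons.append("technical: reduced color depth, typical of remote sessions")
    if any(m in session["webgl_renderer"].lower() for m in VM_RENDERER_MARKERS):
        reasons.append("technical: WebGL renderer indicates software or virtual GPU")
    return reasons


# Constructed sample sessions.
_UA = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
       "(KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36")
CLEAN_SESSION = {
    "pan": "4111111111111111", "ip_country": "US", "billing_country": "US",
    "tz_offset_min": -300, "ip_utc_offset_min": -300,
    "http_user_agent": _UA, "js_user_agent": _UA, "platform": "Win32",
    "color_depth": 24,
    "webgl_renderer": "ANGLE (NVIDIA, NVIDIA GeForce GTX 1650 Direct3D11 vs_5_0 ps_5_0)",
}
SUSPECT_SESSION = dict(
    CLEAN_SESSION, pan="4111111111111112", tz_offset_min=180,
    platform="Linux x86_64", color_depth=16,
    webgl_renderer="llvmpipe (LLVM 15.0.7, 256 bits)",
)

if __name__ == "__main__":
    print(evaluate(CLEAN_SESSION))
    for reason in evaluate(SUSPECT_SESSION):
        print(reason)
```

No single attribute is decisive; the value is in cross-checking them, since each one on its own has legitimate explanations such as travel or a privacy extension.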
What to do with DOM storage?
Go here: macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html
Such parameters are read by the store and during order processing are in front of them on the payment page, respectively (For requests from the payment system come from there), identifiers are also displayed, they may be different, this is what is read when paying.
As for the virtual machine. There are two ready-made solutions here. Anti-detect from VektorT13, installed from the .exe file, quickly configured, I haven't tested the latest builds, I don't really like Vektor, but judging by the reviews it will work. The second option is Script, it is installed after the virtual machine is created in VirtualBox
github.com/hfiref0x/VBoxHardenedLoader - the Script itself.
The manual for installing it: github.com/hfiref0x/VBoxHardenedLoader/blob/master/Binary/install.md
And there is one caveat. In the hidevm_ahci file, you need to replace
% vboxman% setextradata "% 1" "VBoxInternal / Devices / acpi / 0 / Config / DsdtFilePath" "% vmscfgdir% ACPI-DSDT.bin"
% vboxman% setextradata "% 1" "VBoxInternal / Devices / acpi / 0 / Config / SsdtFilePath ""% vmscfgdir% ACPI-SSDT1.bin "
- ON -
% vboxman% setextradata"% 1 "rem" VBoxInternal / Devices / acpi / 0 / Config / DsdtFilePath ""% vmscfgdir% ACPI-DSDT.bin "
% vboxman% setextradata "% 1" rem "VBoxInternal / Devices / acpi / 0 / Config / SsdtFilePath" "% vmscfgdir% ACPI-SSDT1.bin"
On Windows 10 it can sometimes get a blue screen of death. It replaces a solid number of parameters, mainly those that scorch a virtual machine like a virtual machine, including a video driver. If everything is correctly installed, after starting the virtual machine, a girl from Anime will appear. This is the criterion that everything was set up normally.
FAQ:
A: And how to determine all the same what kind of payment system in the store, even on the example of what you threw off, let's imagine that there is no information on the site.
B: Well, let's pretend, but it will be absolutely overwhelming. The algorithm is as follows - we go through a browser based on Chrome to the store, place an order, generate a card number, enter everything, number, left address, etc., just fill in all the forms correctly, then open Sniffer - this is done by pressing the F12 key - there is a Network tab, a tick to the Preserve log, so requests will be saved regardless of redirects. After that, "Pay" and see where the request goes.
Manual for setting up Android using the example of Nox. Lesson 18.1.
Step 1. Download everything you need. Nox App Player from the official site.
Xposed Installer from the w3bsit3-dns.com forum or any other source you trust. Device ID Changer Pro Xposed - one of the modules for Xposed, can be downloaded from any trusted source, for example, apkhere.com
Step 2. Launch Nox, set the English language in the system itself, as well as in SOCKS itself, in the settings, among other things, it includes Root rights.
Step 3. Install Xposed Installer. After installing it, open it, go to the Framework and install it there as well. Install Device ID Changer Pro.
Step 4. Install modules in the download section: Xprivacy, Root Cloak (any version). After installation, go to the modules menu, turn them on.
Step 5. Go to the Framework tab. We do a quick reboot (Reboot).
What needs to be changed for driving?
1. SIM card data.
2. Geolocation data.
3. IP and DNS.
4. Information about the hardware.
1. To fake SIM data, we need real data and Xprivacy. Real data: We take the KX number. Next, go to whitepages.com and enter it in Reverse Phone.
After that, we receive data over the phone, and mainly the name of the provider. We write it out. After that, go to Wikipedia: https://en.wikipedia.org/wiki/Mobile_country_code
Here we are looking for our operator and write out any suitable combination of MCC (Mobile Country Code) and MNC. Next, we compose the subscription ID - this is 15 digits. Among which the first are MCC and MNC. That is, let's say - 310410xxxxxxxxx - here I have MCC and MNC from AT & T and other numbers. In total with 15 digits, the subscription ID is 19 digits, where the first is always 8901, and then any 15 digits.
PS For the largest stores, check the subscription ID and ICC ID using the Luna algorithm. We enter all the data in the Xprivacy settings. Country code 01. The country itself is US.
2. Replace geolocation data with any tool like FakeGPS, as well as NOX tools. And you can just turn them off, a lot of KX does this.
3. IP and DNS:
• Proxy Droid on Android itself.
• Double SSH Manager based.
• Any bundle that is convenient for you based on.
DNS - from the base or through DNS Forwarder.
4. Iron is replaced by only one button Randomize in Device ID Changer Pro.
After that, you can install any application and beat from it. This is very, very good in terms of AntiFraud. This setting is suitable for a real device as well.
Setting up WebRTC. Or what to do with it? Lesson 18.2.
Actually, why replace WebRTC for us?
The SSH tunnel was taken by the first one that came across and the configuration was done in Russian DS (By the way, I want to remind everyone that if you suddenly found yourself in Russian DS by accident, then clean up
the logs after yourself, otherwise you will end up on a bottle) to complicate your task, so that we do not pay attention to the time and blacklists. The problem, in fact, is in WebRTC.
Why would I replace it? I can just turn it off, for this I go to about: config, write peerconnection there. Disable the highlighted item:
I go back to Whoer, everything is fine, WebRTC is disabled. In general, this is enough for 90% of stores, but if you use PP, banks, Amazon, Walmart, AT&T, Ebay, anything solid, in other words, you will be immediately sent and your order too.
What to do? It's simple. Downloading the extension (WebRTCFake). Extensions are not noticed by stores, they only notice plugins, remember this.
How do I install it? Go to the extensions tab, click on Settings - Add from file. Done.
Well, now everything is fine, except for a small stroke - the local address is not visible, which is bad. We go to the plugin settings, there we write any local address, for example 192.168.110. (Any number). And now everything is definitely fine.
Go to Browserleaks.com and click on Content Filters. Check if something is noticed? Not. Everything, you can order what you want on the intermediary.
On the newest versions, Mozilla works every other time, so:
Create a config.js file
Open a text editor and write:
Code:
// try {
Components.utils.import(“resource://gre/modules/addons/XPIProvider.jsm”,{})
.eval(“SIGNED_TYPES.clear()”);
}
catch(ex) {}
After making sure you have a JavaScript file and not config.js.txt. Next, copy it to your browser's installation directory.
By default, this is the folder: C: \ Program Files \ Mozilla Firefox or C: \ Program Files (x86) \ Mozilla Firefox
Next, create the config-prefs.js file
Similarly, but config-prefs.js and transfer the file to the directory with the currently active profile, by default this is the folder:
C: \ Program Files \ Mozilla Firefox \ defaults \ pref or C: \ Program Files (x86) \ Mozilla Firefox \ defaults \ pref
It should contain the following lines:
pref (“general.config.obscure_value ”, 0);
pref (“general.config.filename”, “config.js”);
For Google, you can fine tune WebRTC Leak Prevent, but use Mozilla better. In addition, I will recommend a couple of extensions to replace the Finger:
HTTP UserAgent Cleaner
Canvas Defender 1.0.7 (the seventh version)
Terms:
PP, PP - stick, PayPal. Those who hit the PP are usually called stick insects. Limit - ban. The PP system can throw you a temporary or permanent ban if it suspects you of fraud.
Self-registration is an account that you made yourself for some real person. With Full Info.
Full Info (fulka, fulinfo, fullz) - information about a person, which is enough to, for example, make yourself an account in the PP. And not only in the PP, by the way.
Knit, tie - link. This means linking (adding) an account to something or, for example, a card or bank account to a payment system account.
What is PP? And how to work with it? Lesson 19.
PayPal, PP - a payment system all over the world, is used in almost all American stores for payment, it also serves to send money between users of the system. At first glance, it is a very convenient payment system, but it is especially difficult for beginners to work with it, since very often it is unpredictable and constantly changes the algorithm of its work, but if you at least partially understand the principle of the PP operation in a certain period of work with it, then you can do yourself well provide.
There are two types of PP accounts - Personal and Bussines. The first is for personal use, the second, respectively, for business. They differ only in the limits on input and output, design and types of account limits (bans). Plus, it's easier to make sales from business accounts if you are doing this, since there are many chips that will make your work easier. Someone says that PP is more acceptable to business accounts, but in my own experience I did not notice the difference, each account gives in its own way, no matter what it is, a personal or business account.
What is an account limit (ban)? This is a limitation that AntiFraud PP puts on your account, and you cannot fully use it, the limits are different. There are those that can be removed simply by changing the password and accepting SMS to the number in the account, and there are those that can only be removed by calling or drawing documents.
So, a personal account is easier to limit in the case of a limit, since at its limit they ask for fewer (usually) documents for limiting, and if it is drawn, it is more expensive. If you still want to work with business accounts, then first register a personal one, and then in the settings you can change it to a business account.
Also, PP has SM - Security Measures. When paying or when logging into the account, the PP may ask to accept an SMS, a call to the number in the account. Less often, enter the full card number or the bank account that is linked to the account. It happens when you log in from another device, from a new IP, without the previous Cookie, due to other parameters (the PP may not be understood and SM may appear just like that), which PP does not like, when paying for a large amount, or have already scored AntiFraud points in case of suspicious actions and AntiFraud PP wants to check whether KX is using the account at the moment.
Very often this can be found in Brute-accounts, but also on self-registers. You can get around this only by receiving SMS to the number in your account, or enter the data that the PP asks for. If, when entering your account, you can still try to get around such a problem, then when paying only by accepting an SMS or a call - usually these two options are offered by the PP exactly if SM when paying.
The activity of the account is also important, if the account is active, regularly accepts, sends money and there are no refunds, then the PP will trust such accounts more and give more money to pay and send accordingly. Try to enter and work with the PP account from the same system, the PP gets used to the system with which they work. If you are working on DS, then use a portable browser and save the folder to yourself (Or just export the Cookie), because if DS dies, then you can safely transfer to the new DS. If you work from a virtual machine, then use whatever browser is convenient for you. After transferring your PP account to a new DS or a new system, which is very different from the old one, I recommend keeping your account on the new DS for a couple of days, if you do not immediately allow you to pay, do what you allowed to do with the account on the old DS.
But all these SMs are not scary for us with self-registrations if we use Google Voice or any US number where we can receive an SMS / call, and if we added this number when registering an account, because if there is no access to the phone that is in the PP account, then and will not come in and pay, which is more upsetting. And you can add a new phone to your account so that you can choose it with SM, you can only through a call to technical support, or you can simply add it to your account and wait a few months until it starts to be seen with SM.
A new number will be visible if added within about two weeks after registration, then it may appear with SM immediately or after a few days. If you change DS, the tunnel, then try to find the same city, state that was before in order to avoid SM, if there is no number with access or Google Voice died for some reason.
Personally, I use TextNow and don't bother with IP at all, I just take it under the same state or country. In this case, I work from a separate laptop and there are always cookies from accounts, and even on Russian Windows.
FAQ:
A: Is PP friends with Linken Sphere?
B: I heard several reviews that guys were getting bans using LS.
A: If a virtual machine in one browser has Cookies from 20 accounts at once, does SM see it? Or does it matter?
B: Sees, it's better not to do that.
A: As I understand it, you can no longer take Brute accounts, but you need to look for those who trade in logs?
B: Logs are nicer than Brute, since they come with Cookie, and if you have an account without Cookie, then 99 percent that you will catch SM.
A: I did not understand a bit about the browser. Let's say I made a virtual machine, put a browser there and I have a hundred self-registers, I clean the browser, then load the Cookie there, if I want to go to another account, then again I clean and load the Cookie from the self-register, which I want to go to?
B: Right, or separate spending browsers for each PP account, like mine.
Let's move on to self-registrations. Self-registration is a personally created PP account with the help of full information (Full Info). Full Info - full information about a person, containing name, address, phone number, e-mail, DOB - date of birth, SSN - social security number, less often MMN - mother's maiden name.
Example: WILLIAM CHAMP / 11000 GULE BLVD / TREASURE ISLAND / FL / 33706 / 407-44- 9880 / 09.20.1936
Where: WILLIAM CHAMP - First and last name.
11000 GULE BLVD - Address.
TREASURE ISLAND - City.
FL / 33706 - State / Zip.
407-44-9880 - SSN.
09.20.1936 - DOB. In the United States, the date of birth is in the Month / Day / Year format. It can be clearly seen here.
This data is quite enough to create a PP self-register. Please note that the SSN has nine digits, and the phone number is ten, as often the format of the information is not the same, and many cannot understand where what is.
BA, BA - bank account (WellsFargo, SunTrust, TDBank, Chase, Bank of America). These are the most common banks under PP.
Example of BA log: ss582202: loveyou1
Last Sign On: November 30, 2020
Email Address: [email protected]
Mailing Address: 123 NICHOLAS LN ASPEN, CO, 81611-3231
User-Agent: Mozilla / 5.0 (Windows NT 6.4; WOW64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 41.0.2225.0 Safari / 537.36
--- Cash Accounts ---
CUSTOM MANAGEMENT (RM) XXXXXX7478 $ 1,401.54
Cash Accounts Total: $ 1,432.35
--- Credit Accounts ---
--- Loan Accounts ---
Where:
ss582202: loveyou1 - login and password.
Last Sign On: November 30, 2020 - date of last login.
Email Address: [email protected] - email address of KH BA.
Mailing Address: 123 NICHOLAS LN ASPEN, CO, 81611-3231 - KX address.
User-Agent: Mozilla / 5.0 (Windows NT 6.4; WOW64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 41.0.2225.0 Safari / 537.36 - User-Agent (Not always available. Depends on which Checker the seller has)
- - Cash Accounts ---
CUSTOM MANAGEMENT (RM) XXXXXX7478 $ 1,401.54
Cash Accounts Total: $ 1,432.35
--- Credit Accounts ---
--- Loan Accounts --- - information about individual accounts and the amount of all accounts in the account.
We are only interested in Cash Accounts, since only they fit into our self-registration.
We don't need all the rest - Credit Accounts and Loan Accounts. This is the most complete log I've seen for a BA with Brute. Most often, this is just a Login / Password and information about the state of the account. It is better not to go to the BAs themselves, but to immediately knit them to our self-registers, or it is better to check with the sellers if it is possible to enter their BA through the official website.
You can check information on BA balances and accounts through third-party offices, for example, personalcapital.com and the like.
FAQ:
А: How much does a BA with a Cash Account cost?
B: From two dollars, depending on the balance.
A: What about PP loan? For self-registration it seems to give up to $ 100, if you mess up a little?
B: Now it is very tight with loans, in order to drain it you need to sweat a lot.
А: Where are such BA accounts sold?
B: Here - gamarjoba.info
So, further. Now I will register a PP account and describe each action with photos to make it clearer. So, to register a PP account, we need: Full Info, BA, email, phone number. If it's not a problem to make mail (it's better not to register a US PP account at mail, yandex, and so on), then you can buy the phone in GoogleVoice or make it yourself on TextNow.
Go to textnow.com and fill in the data. You can register an account using the same mail that you will use in the PP.
After registering in this window, enter the first three digits of the desired number, you can see which number is indicated in Full Info and take these numbers from there.
Success, got the number.
Now go to paypal.com/US/welcome/signup and fill in the details.
Name and surname with Full Info, mail and password are your own prepared, tick at will.
In the next window, enter the address with Full Info, and the phone number GoogleVoice or the one that was made on TextNow. A tick is already required.
If there is such a window, then all the data is correct and everything was done correctly.
Next, we can link the BA. I advise you to do this from the old design.
Follow the link paypal.com/cgi-bin/webscr?cmd=_profile-ach
From the BA list, select the one we need, if your bank is not in the list, click “I have a different bank”. There you will be prompted to enter the direction (routing) and the account number from the BA (more on these numbers will be given later), as well as select the type of account. There are Checking and Saving accounts. Checking for spending, Saving, as a savings bank basically goes, but it happens that Americans and actively use it. They have separate accounts for savings and deposits, but they are not linked to the PP and it is also impossible to withdraw from them before the deposit return period.
But I have Chase, it is on the list, so I select it and enter the login and password from the bank:
I press Continue. After that, you will be prompted to select the required accounts to link, if the login and password are correct. Select the ones you need and click Finish.
If such a picture, then everything is okay, BA has become attached.
It also happens that the BA is not attached.
There may be several reasons: it is already tied to the maximum number of PP accounts, problems on the PP side, problems on the bank's side. If there are several accounts in the BA, then only one can be linked, and the rest can already be linked in the PP, or vice versa, all but one will be linked. After linking the BA (or before), we can still confirm the mail. We go to our mail and see a letter from the PP:
Click Confirm My Email, enter the password from the PP account again and that's it - the mail is confirmed.
After confirming the mail, it can immediately offer a confirmation of the phone, do it if you wish, even to an unconfirmed phone you can receive an SMS / Call if you request them when paying, logging into your account. We can also check Full Info for Valid. Click on the main page of the PP (when logged into your account) the Add Money button:
Here we enter DOB and the last four digits of SSN with Full Info, just do not confuse it with the date of birth, because here it asks in the format Day / Month / Year, and in Full Info it is mainly Month / Day / Year.
We click twice on Confirm and if we get to such a page:
This means Full Info is good and we will be able to throw off on such an account, if, of course, the PP allows it. We can check it now, in the Amount field, enter the desired transfer amount. Click the Add button twice and if there is such a window:
This means that the transfer does not give PP. You need to track / rock your account. We can also go through the tabs for a general understanding. what is there.
Here we can send and request money from other people that use the PP:
Wallet - management of linked cards and BA (We can add and remove new cards and BA, specify priority accounts for payment). Offers - discounts and offers from PP in many stores. Help - communication with PP support.
In the settings we can also manage mail, phone number, password and addresses.
FAQ:
A: Is it bad when it does not fit instantly, but asks for a minimum (verification) payment? As for AntiFraud, the system loves when everything is checked and verified, when you ask secret questions. Why can't you just dial in support of the PP and say: “I have registered, I cannot make a transfer from my BA, I want to buy something through your platform ...” What will they say? Rock your account? What about transferring to empty mails and linking them to accounts for draining, does this work now? Previously, the SS of Italy tied to the PP and poured into empty mail, they did not even have time to cash out.
B: 1. No, not bad. 2. The main thing is to verify the mail, I seldom confirm the phone number when I confirm it. 3. You can call, but the operator will tell you to try again later, that he cannot help you here. 4. There is no transfer to empty mail (you probably meant sending), it worked well before (One moment), but has already been fixed. 5. I won't say anything about the SS of Italy either, but I tried to knit BA from other countries, and the US BA to Canada works.
A: What is the IP for PP?
B: Clean.
A: You can buy all kinds of virtual and electronic goods, thereby swinging your account on the PP, or is it more suitable for some real product?
B: It is better to send KX socks, virtual purchases are very difficult.
A: Are we looking for BA under KX?
B: You cannot know BA KH, as well as PP.
A: Can you hit the middleman with the PP?
B: Yes.
A: Does the PP have a similarity to the AVS system?
B: Only in the USA, other countries do not.
A: PP doesn't care what you screw to it?
B: Exactly.
A: It doesn't matter whose BA you fasten to the PP?
B: Yes.
Terms:
Make a deposit, deposit - send. Most often - just transfer / deposit money to your account.
Send, send - send. Usually used in the context of sending funds, for example, by mail.
Deposit and payment methods using PP. Lesson 20.
Consider a deposit and payment using PP. Deposit - transferring money from the BA balance to the balance of the PP account, in order to do this, we need to verify the identity in the PP account. This is done by entering the SSN and DOB the first time you click the Add Money button. In the last tutorial, I showed you how to do this. If, at the same time, an error pops up that we cannot confirm your identity, then it means that the Full Info curve is (invalid) and you cannot make a deposit to such an account, but you can pay or send.
If you entered the wrong data by mistake and jumped out that the PP cannot confirm your identity, then you can use such an account for payments, shipments, or close the account (Close Account) in the settings, that is, delete, and then create a new one for this Full Info, just enter the data correctly. But if, after all, Full Info is a curve, then normal sellers give a replacement for such Full Info. If you are not going to make a deposit, then you can register for random data. You can take it here: fakenamegenerator.com
Either invent it yourself, or even better register for data from CC, but I still make accounts on Full Info.
If suddenly the PP allows you to make a deposit, then the accounts will come in handy and there will be no need to register new ones on Full Info, I do not advise registering for fake data, since after all, the database is checked somehow in the PP, whether there is such a person or not, and such accounts can fly to the limit. (Previously, it was such that accounts flew to the limit, now I don't know, you can try). Accounts for fake data, unless you can do it for training, or if you make accounts with PPs of other countries, for example, Australia, where there is no check on the bases, or there it is in PP all the same. The deposit itself lasts 3-5 working days, so I recommend making a deposit at the beginning of the week, on Monday, or even on Sunday, then the money will fall on the PP balance on Wednesday or, in extreme cases, on Friday.
Now, a deposit from a BA in the United States is sometimes given immediately after registration, it happens after a check-in, it happens after the self-registration has been downloaded by payments and shipments, and it happens that a deposit does not give at all. You can also try to withdraw to the linked BA, and then make a deposit from it. You can also stir up your account in this way: Send from the Russian account PP to the US self-register account, or from the USA self-register to another USA self-register, or exchange it for BTC for PP at exchangers for localbitcoins. Just tell them to send money as friends / relatives, and not for services. Because, if they send it, as for services, then the money on your self-register may be delayed and you will not do anything with it, when the money is on the balance of your self-register, then withdraw a couple of dollars to the linked bank or buy from the balance, then wait a couple of days and try to deposit with BA or pay for something,
Hardly anyone can say the exact terms now, when they will give to make a deposit, they always give differently. Here for each account individually. After the deposit has come, do not run to make a deposit immediately the second time. You will make it in a couple of days or a week, but for now, start draining this deposit that came. You can drive money into the balance after purchases, ask the store / seller to make a refund (About refunds will be even further), but refunds should not be overused either.
This will either burn KX or the BA will not have such an amount. In this case, if there is no limit, we knit a new BA or make a deposit for an amount less, but the first is better. Old BA not
I advise you to immediately delete from your account. You can not delete it at all, but if you delete it, it is better in a couple of days. PP does not treat such sharp movements with the account very well, as practice has shown.
FAQ:
A: Is the deposit made only with BA or is it also possible with CC?
B: Only with BA.
A: What if there is no deposit button?
B: Try this - paypal.com/myaccount/money/claim-funds/learn-more?context=generic
A: Can I send directly from BA or from CC accounts to another self-register and get a net balance?
B: Yes, it is possible immediately, if it gives, of course, with the SS, most likely, it will give immediately.
Payment by means of a PP goes in 4 main ways: from the account balance, from CC, from BA and with BML - a loan given by the PP. There is also a combined method, when you buy and there is a balance on the PP, but the purchase amount is greater, then it may offer to withdraw the entire balance and pay the rest from BA or CC.
BML can be obtained using the Full Info account data here - billmelater.com, when registering the PP account itself, or when buying Ebay or in a store that accepts BML payment, but you need to be able to merge BML, you also need to look for your private stores, schemes etc. Personally, I don't work with him.
Now it is very difficult to buy something from a loan to an address different from the one to which it was received, and you can get a loan only by specifying the address with Full Info. No credit will be given to the addresses of false people or intermediaries.
The easiest option to pay with a PP is from the balance. You can pay almost anything from the balance on the same Ebay or in other stores. I advise you to pay with the SS through the PP only from the personal account (Personal Account) or from the SS, which has access. The fact is that most of the US cards have already been shone in the PP or are tied to other PP accounts and will not pay for it just like that. If you link the CC to the account, then in most cases it will ask you to confirm it with the transaction code, and we can do this with the LC. There are, of course, BINs that are attached to the PCB without the need for confirmation with a code, but hardly anyone will share them. But if the SS has never shone in the payment system of the PP and it is Valid, then most likely it should be paid, since everything is on our side and the PP has nothing to complain about (but here it depends more on the AntiFraud PP mood at the moment of driving in) ...
There was also a topic with CreditOne and the like. For a long time, the PP allowed attaching cards of this bank with an invented EXP and CVV code, and then everything was paid from them. Now you can use the same scheme to try to link cards of other banks, if there is only a CC number and you can then look at the code in the transaction to confirm it in the PP account.
Payment with BA is carried out in two ways: Instant Transfer and E-Check.
Instant Transfer is when the payment is completed immediately after payment and only after 3-5 days the PP receives money from the bank. That is, the PP itself pays the store and only after a couple of days receives money from the bank.
E-Check is when the payment is completed in 3-5 working days, when this money leaves the BA and arrives at the PP (something similar to a deposit, only the money immediately goes to the seller, and not to the balance of your PP account). Now, if your payment went through E-Check, and you want to make a refund to the balance, then do not write to the store immediately after ordering, otherwise the money will go back to the BA. You need to wait until the E-Check is cleared (or the money will go from the BA, usually the next business day) and only then write to the store about the return. In this case, the money falls on the balance of the PP account, but it happens that the store says that it has already been sent and gives the track number.
Here you can defend your own and say to unfold the parcel and return the money, or wait for the parcel, so it is better to write to the stores / sellers as soon as the E-Check is cleared. You can write the day before the E-Check is due to clear, while the store has not yet received the money.
When paying with CC, the refund goes to CC, it never goes to the balance, so you can return to the balance only when paying with BA. As for payments, the account does not always allow you to pay from the BA, and even with the CC it does not always allow you to pay. In this case, it helps again with a check-in or a call / chat. But I will say right away that calling a PP without a broken BG (Background Report) is a bad idea. Often, when you call, they may ask what car you had in such and such a year, or where you lived then and a bunch of similar questions. Plus, before that, there may be questions about the PP account: Where was the last login to the account, from which OS, cities; where the account was registered and when, and so on. Even more often, calls simply call the PP without straining and merge at the first questions, then your account may become even worse.
And now a tip for those who do not value their PP accounts and do not care about the limits. We take BA with zero or with a minimum balance to make it cheaper. We create a self-register, link our BA, CC with access in order to confirm it (CC can also be linked, since when paying later it can only see it, not BA). Then we take good care of it, or not (depending on how it gives you to pay). After that, we buy from BA through IT (Instant Transfer) as much as it gives, use the account until we get bored, or the limit arrives. Sellers / shops receive money immediately and ship the goods to us. After 3-5 working days, the PP tries to withdraw money from the BA, but they are not there. She writes to the mail so that we replenish the BA account, and she will again try to withdraw money in 3-5 days.
During this time, if there is no limit, we buy more, if it gives. When the PP fails to withdraw money from the BA account for the second time, it either gives the account a limit (ban) or drives it into a minus. The minus itself, if there is no limit, we can cover it from the bank. We connect a new large bank, keep track of the account a little and make a deposit several times. It is even possible to change the amount of the deposit in such cases. If, for example, there is $ 100 on the account, then when the minus is closed, we make a deposit of $ 300, so it can give several times.
Or you can cover the minus even when buying. If you have a minus on your account and there is no limit, then when buying, you will be offered to add the minus amount on your account to the purchase amount. Sometimes the deposit does not cover the minus, but when you buy it does. As a result, with minimal investment, we have a good profit in the form of goods and even a balance on our account, if we are lucky. Previously, it worked very well, but now, in most cases, the first payments from the bank are offered by the PP to do exactly E-Check, and not IT from the bank, or through IT, but for small amounts. But if you find a store where IT flies in for more or less normal amounts, then you can use this theme, even change it a little, immediately attach a BA with a large
balance and squeeze out the store for a long time and a lot from one account.
FAQ:
A: What about AntiFraud when working with PP? Easier in terms of IP purity / System setup or more complex than CC?
B: The PP has its own AI, which often puts a spoke in the wheels, but I do not configure the system at all, but I just work with Firefox Portable Eng Version, and in general this is enough.
A: A question about zero BA. You write that you need to tie the SS and right there in brackets, that you do not need to tie it, because it will become the main one ...
B: This is a PP problem, she asks to tie the SS, but it is better not to do this, or use Roll'ki.
A: What about payment in stores? Or if the payment is through a PP, then the shops do not care at all?
B: If you mean the address, then yes. The store only sees email.
A: And if you pay for everything in stores, then you need to do it all with the same Portable Mozilla, from the same IP that I use with this PP account?
B: Yes.
A: From your own experience, tell me, what should be the terms of staying? And the posture itself, when it goes, is it better not to go to the PP website?
B: Exactly, in terms of three days or more.
A: How much should there be a clean SSH tunnel, DS or SOCKS when working with PP?
B: I don't bother with blacklists, PPs have their own blacklists, some even work from public VPNs, like NordVPN, so the AI of PPs cannot be understood.
A: No, I mean, if we buy and pay through the PP, AntiFraud of the store does not pay attention to our system and the cleanliness of the SSH tunnel, or is it not?
B: Well, in fact, he doesn't pay attention, unless, of course, your DNS or IP is directly lit, that you are from Russia. Or a Russian browser ... Therefore, you need to bother, but without fanaticism.
A: It turns out that you can buy PPs, even on bad SSH tunnels?
B: You can, but I don't recommend it.
A: And what does this come out? PP, is it much easier to SS if you work for quantity?
B: If by quantity, then yes.
A: What about the 22nd ports?
B: Oh, I don’t look at it at all, I work through SOCKS, there are also ports shining and nothing.
A: I did not understand how to make accounts of other countries, Just like the United States, just take Full Info of another country and of course IP for it and that's it?
B: Yes.
A: How do you work through SOCKS with PPs if they can suddenly fall off?
B: I work normally, they live with me for a day.
A: In the store, what did you give, as I understand the BA logs are distributed according to the balance? The range is indicated in parentheses, I do not know what it can be, except for the balance. Only there are almost no positions, do they exist at all?
B: I won't say anything about the logs, because I didn't work with them too much.
A: Stop, is it enough for a day to register a PP, link a BA and have time to buy?
B: Yes, if not, then you take the next SOCKS and that's it.
A: How do you work?
B: RU Windows + Portable Mozilla Eng + SOCKS
A: Regarding shipments, can I self-register here in Russia and bind the left SS and send from the US PP from the SS account?
B: It is better not to do this, if there is a loss for Russia, then they will come for you quickly.
A: Well, now, you connected SOCKS, registered an account using Full Info, linked BA, and then what?
B: Then I try to buy / send / make a deposit.
A: How do you connect BA?
B: IT or through verification payments, depending on which bank.
A: And what is the damage to Russia? I transfer money here from there, and not vice versa.
B: If you want to make an accepting Russian account, then the PP and bank data must match the Russian one. You can do this, but you will very quickly move away from this method, since the limit will arrive and that's it. Again you will have to buy data and a Russian card.
A: Explain, please. So, you gave us a site with logs, in theory we should make a self-registration and use these logs to bind the BA to the PP, but you said that you do not work with logs, and then where do you get the BA?
B: Logs are stolen cookies and browser passwords, which can contain everything from PP to PornHub. BA is a bank account, usually this and that is sold. I mean, I don't work with logs, but I still work with BA.
A: Are you looking for shops or are you going to Ebay? Or differently?
B: Differently.
A: Is it possible to withdraw money from the PP directly into the cryptocurrency from the same BA or CC?
B: Yes, but it's very difficult.
A: I do not understand about delivery, when paying by PP, where is the delivery going to what address?
B: The one that you indicate.
A: That is, the option to send to the buyer / huckster, is it good?
B: No. Send on yourself through an intermediary, that's best.
Before that, I showed how to register a PP account in one way. I will not show it, but I will tell you how it can be done differently. Maybe you already know, or maybe someone does not know, that you can also register a PP account through a purchase (On Ebay, or in any store where there is a PP payment).
If you have a VCC or CC, then you can register a PP account through purchase. That is, you take a CC or VCC with or without balance and go to a store that accepts PP. Choose a product, click on payment using the PP, since you do not have an account, the PP will offer to register it. Type in the CC data, e-mail that you registered under the PP account, Bill and Ship addresses, first and last name with Full Info or CC (depending on what data you register an account with) and click to pay.
There are two options, if your card is alive, with a balance and did not appear in the PP, then the payment will go through and the account will be registered. Or the payment may not go through, but the account will still be registered, you will be prompted to come up with a password for the account.
For another way to register a PP account, you need to know such a thing as sending to empty mail. Sending to empty mail - sending money from a PP account to a mail that is not yet registered in the PP system. That is, from one self-register or from the Russian PP account, or through the same money changers, you send a couple of dollars to the mail that you just registered and have not yet used it in the PP, when the sending to it goes through, a letter from the PP will fall into the mail, which money has been received and you can take it if you register an account. Click "Get money" in the letter and register an account at Full Info. That's it, the account is ready, the mail and money on the balance have been confirmed, then we withdraw them to the bank or buy something, there the PP account is rocked.
There was an opinion that the PP for accounts registered in this way is more acceptable and gives better payments, deposits in the future, but I register in the old fashioned way, slowly swing, gives without it, I have enough.
FAQ:
A: Still, I don’t understand, if you swing the PP and use SOCKS, then, for example, SOCKS died, you took a new one, and the PP doesn’t care?
B: Yes, you have self-registration, which means you can receive SMS.
A: Do we make new numbers every time we register?
B: Naturally. And yet, TextNow has such a feature, you need to send SMS from it every 5 days, otherwise the number will die.
A: It’s just strange, apparently everything is very simple and smooth, but I feel that this does not happen.
B: Of course not. It will be, but later, if, of course, you stay at the PP.
A: Looking ahead, tell us about the difficulties of working with PP.
B: Limits (bans) and malicious AntiFraud. Work and everything will be. It's easier for me with limits, because I have my own call, and I draw documents for myself.
A: Do you need a separate IP for each self-register, or can you make several from one?
B: Better for each account - a separate IP.
A: Will there be a guide about removing the ban?
B: What guidance can I give you? It depends on which ban. Draw, call and that's it.
A: Do you need to disable / enable WebRTC? Or you do not care?
B: I always disable WebRTC.
A: Is there anything else worth knowing? Is there a separate Portable Mozilla for each self-registration?
B: Each account has its own browser, do not jerk off accounts, always change work algorithms, you will decide the rest along the way.
How to drain money from a PP? Lesson 21.
Consider ways to drain PP. As I said in the last lecture, balance is the easiest to merge. The balance can be drained almost anywhere, if you have an account with history or with tracking. It happens, of course, that there are accounts with a balance, but they do not allow it to be drained. But tracking helps to solve this problem, even if you are faced with this, it is better not to panic and not kill your account completely.
You can also drain gradually, in small amounts, if the entire balance does not allow you to immediately drain. Now for more details about cashing. The first is sending cash out, but it is not easy to find a good cashier, and they cash out everything usually at 50-65%. Now you can find cashiers on the forums, but finding a good, permanent and responsible person is difficult. Also, everyone may have their own conditions for the account from which you are uploading, in addition, some can cash out with a delay of a couple of days. Cashiers are accepted to their upgraded accounts through the donation button, through payments, or simply by sending directly to their account. Some give their BAs to bind to your self-reign and to output to them.
You can also upload to empty mail. That is, to the mail that is not yet in the PP system. At the same time, the PP sends a letter to the specified mail stating that money has been received for him and they can be collected by registering a PP account for this mail (Above was about this). But if you send it as for services, then you can put a retention on such a sending of a PP if these are the first such transactions on the receiving account. It seems like a 21-day retention. If I send it myself, then only as a family / relatives, which I advise you too.
Post balances are also bought by cashiers or cashed for a percentage of the balance, and you can also buy from BA. It's easiest for me to buy on Ebay, sellers easily send to the address of the intermediary, when the addresses of many intermediaries in stores may be blacklisted. Alternatively, you can also send directly to Russia if the seller is sending. Plus there is a huge selection of products from different stores / sellers in one place. After registration, I immediately start up my accounts in stores or in Ebay for purchases. I beat it too much, since not every product allows you to buy, but if it doesn't allow you to buy, even some kind of coupon for one dollar, then I just leave this account for a couple of days, then I try again. On Ebay I buy from a registered account, before from a guest. Gives in different ways, earlier it gave better from a guest, now from a registered Ebay account. But shops can be found where the PP goes much better than on Ebay, you just need to look hard. This must be remembered - if the PP goes well into Ebay, then it enters the stores even better at this moment, except in some cases when AntiFraud can only be launched on Ebay.
Morally it is. Don't just hit Ebay if it doesn't give you, look for a few shops with PPPs. They go well into Chinese shops. Even when driving with PP, there is no such thing as Bill different from Ship. The store sees only the name of the PP account (to whom the account is registered), mail, Ship address. Bill does not see the address, even if you hit from a card tied to a PP, therefore, when paying with a PP, shops are easier to send to intermediaries, whereas when driving from SS, they may not.
You can also merge PP into digital goods, various E-Gift, keys, and so on. It is not very difficult to search for shops with all this, it is more difficult to drive in and get the goods. I used to merge PPs into Gifts SSH tunnels.
Here, the stores:
itunescarddelivery.com
gamecarddelivery.com
thecardcloset.com
Earlier, when they drove in there, then a letter came to the post office with a request to call, send documents or Selfie with the order number. Now they have changed the order confirmation system and ask for a Selfie with an order number, and also a Selfie with a passport. If you want to bypass such confirmations, you can use it. Also, you can search for your stores and try them, but many stores still ask for various confirmations. Then we merge Gifts to buyers or sell ourselves. Buyers can be found on the forums, full of them.
Another way to withdraw PP is to BTC / Cryptocurrency. There are sellers on Ebay who send BTC to the specified address, but now almost everyone is asking for documents or some other tricky verification. There is also virwox.com, but there are many problems with it too. This office loves a clean, previously unused IP and accepts from the balance of the PP only, besides, it can ban the account at any time and not return the money to the PP for a long time (For beginners, it is better to bypass this desk). Stores with BTC can also be searched and tried, but a lot of stores are now asking for verification, so be prepared for that. Without verification, there may be stores that have just opened and have not yet been killed by hackers (Us). So, if you find such a store or office, then milk it as quickly and as much as possible. Of course, you can also drain the PP and cash out on your own.
There are countries with withdrawals to cards:
paypal.com/us/cgi-bin/webscr?cmd=_display-country-functionality-outside&dispatch=5885d80a13c0db1f8e263663d3faee8d0b9dcb01a9b6dc564e45fe
and show this country. True, the information may be a little outdated for some countries, since the PP does not update this page for some reason. You can also do BA self-registers, if you know how to merge there or withdraw to cards, but not all cards can be withdrawn (There seems to be only debit and PrePaid, and then not all banks are suitable, but I could be wrong).
Even according to the conclusion, you can send to empty mails (What was it in the last lesson), and then register an account of the country you need with this mail and withdraw or accept to withdrawal accounts. To do this, you need a swinging receiving account with a history, besides, it is better to mix it with white transactions on the withdrawal. If there is some kind of legal online store with PP payment, then you can upload there from time to time. You can also merge through different offices, which accepts the PP and where there is a withdrawal to other payments, but hardly anyone will share these if they really work without problems.
Of course, a ban can always be expected, the main thing is not to give up and continue to work and there will certainly be success.
FAQ:
A: The most important question is, how do you personally cash out? That is, I understand correctly that when you pay for a PP, the AntiFraud store does not care about dirty IP and Russian Windows? Where to get cards for withdrawal? And what, in fact, do after draining the balance to the card?
B: I cash myself through third-party offices. No, everything should be American, but my Windows is Russian - yes. Search for sellers on the forums, after leaking to the card if, you need a person in the USA who will cash it out (so for now, forget about withdrawing to the CC).
A: "Of course, you can always expect a ban, the main thing is not to give up and continue to work and there will definitely be success" It turns out that all that remains is to register accounts, shake / watch and hope / wait?
B: Yes, that's what I do.
A: What percentage of accounts, if not shooting, then at least turn out to be working with your experience?
B: It is always different, sometimes I merged 13 out of 15, sometimes 5 out of 15.
A: If there is an opportunity to take a BA with a large balance, for example, a few thousand dollars, then you probably should not take, the chances of draining such large amounts are very low?
B: You are unlikely to be able to withdraw everything from BA, take BA on average for $ 2000-5000. And so, the more money for BA, the better.
A: “No, everything should be American-style” Sorry, I didn't understand here. You yourself said that you don't care about quality at all, or do you mean geolocation for an American?
B: Yes, I do not look at the purity of the IP (Again, this is me personally)
A: It turns out that after registration and binding, you try to make a deposit for half of your accounts, and do you buy half of it?
B: Just from the bulldozer, I can make a deposit on two, make a departure on one, buy from five. Always different.
A: And if the action did not work out - to bed?
B: Yes.
A: Does it make sense to buy self-regulators already with bedding?
B: It is better to do self-registrations yourself.
A: How much stay? 2-3 days or are there nuances?
B: That's right, 2-3 days, don't go there and that's it.
A: Does it happen that even after being laid up, nothing can be done? What then? Still staying?
B: It happens that from other self-registrations you throw 5-10 dollars there, withdraw 5 $ on the BA, buy some socks or panties, then you should give a little rest.
A: Cashiers often die?
B: Payments are often delayed and disappear.
A: How to get access to private sellers, offices and so on? How does this generally happen in this area? How did you get there?
B: I myself am looking for, either buy, or people I know well share.
A: In Mozilla, you only disable WebRTC and that's it?
B: Yes, only it (I gave the link to Mozilla) and use the latest version better.
A: Can I send to empty mail in Russia?
B: It's harder to work with Russia and it's easy to catch 180 days. Start in the USA.
Terms:
BA (BA) - bank account. Attention! This is not an online banking account in the LC! This is exactly a bank account, that is, an account (or accounts) with a bank.
ANRN (Accounting Number, Routing Number) - accounting number and Routing number. Important BA details (will be discussed in more detail below).
Alerts (alerts) - alerts, notifications.
Branch (branch) - a bank branch where you, for example, come to make a card. If the bank has no branches, then this is only a plus for us.
BA. Bank accounts. Start. Lesson 22.
This lesson will focus on the basics of working with BA. Let's talk about working with US bank accounts. We do not work in Russia, please bear this in mind. However, I can give advice on how and for what to accept money from the USA, so that all sorts of people don't take you by the ass, because just show our authorities a rag - everyone wants to chop off a piece. This is mainly tax.
First topic. What is a BA, what is the difference between a BA and an account, what details does a BA have and how to view them? BA is a bank account - one or several accounts that have common details. In short, there are several accounts that are issued to one owner. And each account has its own purpose. Therefore, accounts are divided into profile and non-core. It is divided like this - either the account is suitable for our work with it, or not (that is, it is merged or not).
The main profile accounts for each BA:
• Checking
• Savings
Let's take a look at what Checking and Saving are.
Checking - if compared with Russia (we are so used to it) - this is a current account. For example, he receives the salary of the KH, from which he makes payments, well, a communal apartment, gasoline, food, telephone. Therefore, the movement on this type of account is frequent, but the volume of transactions is usually very small.
The second type of account is Savings. That is, savings. There KH keeps money that he does not often spend, such as a stash. Well, you know, they used to keep money in Sberbank. On the passbook. This is something like that.
On Checking - small amounts in the expense column, KX checks more often, but for a bank, transactions on such an account are a common thing. Saving - the amounts are larger (from my practice - much) - KX rarely checks, but the bank is much more suspicious of transactions from such an account. Therefore, we need to decide for ourselves which account to work with and which not. Our choice is influenced by many factors, such as the type of KX activity, the type of bank, and more. Saving also needs to be monitored more closely. The fact is that in the United States there is a federal law according to which there can be no more than 6 transactions per month for Saving accounts (Including incoming and outgoing). And verification payments (Minikis) are also considered (2 positive and one negative = already 3 transactions. I told about verification payments (They are MiniDeposit) in the lessons about PP, but we will come to this later.
The law itself: https://en.wikipedia.org/wiki/Regulation_D_(FRB)
You can read it at your leisure.
I'll tell you right away what will happen if 7 transactions happen on the Saving account. Depends on the bank. Someone will take a large commission, or the bank will close the account. Therefore, the first rule of BA work is always to read FAQ and / or documents from banks. Terms and conditions, the so-called. There are more than 6,000 banks in the US, all of them have different rules. There is no limit on the number of transactions by Checking.
FAQ:
A: Is the transfer between their accounts also limited?
B: Yes, if we merge from Saving to Checking inside the bank, there is still a transaction for debiting. And it counts. If we transfer from card to account, there are limits.
A: Is there a limit on the amount on Checking? Up to which amount can arouse less suspicion, or do you need to analyze the behavior of KX?
B: It is necessary to analyze the behavior of KX and read the documents of a particular bank. There are banks with a ceiling of funds in segregated accounts.
A: That is, if the transactions are within 100 $, the transaction of 1000 $ will be blocked?
B: Will not block. It can raise suspicion in the bank. The bank has its own AntiFraud. This is how it is in stores where SS is driven into, so is it at the bank. For example, if KX spends $ 100, and then there is a transaction for $ 1000. They can call him and ask for confirmation. In addition, it depends on the method of draining funds. There are more visible methods that are quickly suppressed, and there are less. Let's talk about them too.
Okay. Now let's move on to non-core accounts. Non-core accounts. In most cases, there are 4 of them (which are worth highlighting): Mortgage, Deposit, Loan, Invest (Brokerage).
Mortgage is a mortgage. The normal amount is shown there, with a plus, but you cannot withdraw money, since the amount shows the repaid debt.
Looks like that:
Deposit - if there is a deposit, then it is logical that there is money. But for their translation or filming - you need an X event. Type - death, default, birth. Or it lies in time (deposit until 2022, for example). You need to find out the conditions for withdrawing a deposit. It's still a problematic account, although there is usually a large amount there.
Example:
Loan is a credit account, like a student. Usually - target account - car, house. It is possible to drain from it, but it is problematic.
Well, Invest remained. This is a brokerage account, from which KX can buy shares, stock brokers are more common in the United States than in ours. It can be classified as specialized, but there are many nuances in it.
It's funny, but in the last screenshot, I finally merged the most recent (Saving) account (not completely, of course). Before Invest, he did not have time to reach, KX fired up after a certain amount left. Some investment offices allow you to link non-core accounts to yourself, so you transfer money from the bank (for example, you cannot drain such an account, you link to an office where there is a possibility of transferring funds to other, external (External) accounts).
FAQ:
A: Do we not touch non-core accounts at all?
B: Not really. These accounts can also be drained. I will give a standard example from my practice. There is such a thing called logs - the KX stillac is loaded into the PC and from there all the logins, passwords, cookies get to you. And there are people who work out these logs.
Let's say they know how to merge PP (what can be done there - clicked on Cookie, clicked Send and got a benefit). It means that such a "drainer" enters the PP and sees $ 100-200 there. And drains. Thus, killing the log (KX notices and changes passwords). And there was also a BA in the log, for 100 thousand dollars.
What I mean by this. If you do not touch and avoid difficulties, less profit is obtained. So it is worth considering EVERYTHING directly, this is 100%, especially the first 4-5 months. Let's talk about methods again. To start, of course, the simplest accounts are Checking and Saving.
KH may have many accounts. From one to 100, for example. For each account, KX can assign a pseudonym or give it a name. In addition to accounts from another bank, card accounts are usually attached to the BA - there it is written about them.
For example, QIWI will do. QIWI has an account, and you can attach a card to it, QIWI is a BA with attached cards. And there is also the opposite situation, when there is Internet access to the card, where you can watch transactions, but nothing can be done with it. This is not a BA, this is a card account that no one needs. It does not reach Enroll, since there is no complete data about it (details), CVV and Exp. Date is not, it is important to understand this difference. Enroll you discussed above, I think you understand what the speech is about.
Okay, let's digress a little and see together what we have on this BA.
Money Market is a cash register account, i.e. a corporate account, it belongs to a company. If you noticed, then there is a credit card - business. Says that the account is corporate. These are accounts within one BA. Different people. Company employees, yes. Money Market, logically, is an account with a constant flow of funds.
Accordingly, it will not be something shameful to drain from it either, it is regularly done by the KH themselves, sometimes they will not even notice. I am a business owner. I can transfer money to James, Mercy, Louise and a bunch of KX, but I can transfer to "AeroSleep", we buy some products from this account (this is an example, in fact I am not the owner of the account). Well, it can be classified as a specialized Money Market, but it also has its own specifics when working. Don't be afraid to touch your Money Market account, my advice to you.
Okay, let's move on to the props.
Details - this is information on which you can transfer money to the account, i.e. account data for replenishment, in short, or for withdrawal, you can also issue an invoice for payment, in general, this is information about the account that allows you to make transactions with it. The most important requisite for a BA is its owner. Therefore, we need to know the name and surname of the owner. And if we talk about Russia - yes, the corr. account, bic, etc.
And in the USA the main requisites are 7.
1. The name of KH.
2. Address from real mail (not email).
3. Phone.
4. Email.
5. Card number (if any).
6. Routing Number.
7. Accounting number.
From p. 1 - p. 5 is clear, I think. 6 and 7 consider. Routing - a unique number of a bank branch, issued to a bank branch. Well, you know, Sberbank offices are everywhere, for example, each of them has its own unique code. So it is in the United States. But there is a difference from Russia - in the United States, each branch receives its own license for each type of operation. For direct deposits there may be one Routing number, for electronic ones - another. What does this mean - you may have heard about checks in the USA, and checks are sent to the same address, to one Routing Number, and when you want to tie your BA to something or something, Routing is already different.
Accounting is the account number, as you might guess. A separate account number is issued for each account. Consists, as a rule, of 9-12 digits. The accounting number is assigned by the bank when opening an account. How it happens in the bank, let's see it clearly, otherwise dry narration without images does not promise the assimilation of knowledge.
We are entering BA:
We look and notice this:
See two Routing numbers? One for direct and one for electronic. Each license (each Routing) in the USA costs 120k - 170k. And it makes no sense to open a license for Wire transfers in a distant city with a population of 1000 people. And to assign a separate Routing for this, spend money. They simply use the license of a neighboring large settlement. And the commission for this service will go to the profit of the neighboring city.
Ok, let's move on. Well, you know, there is in short now a whole profession of cyber-guards, they are called like carders. I heard something about them, they say they are quite morose. And banks are fighting with them like. And banks think that by changing the appearance and code of the BA authorization page, they will secure their customers and make the bank cooler. In fact, they seem to be right, because there are Brutes, and Brute is written largely based on the page code. Well, we can’t see the BA details if we don’t go there. I speak for Brute, not for logs. We will not always be able to enter the BA. For this we need an extract. It is called Statement. It is sent by KX monthly to the mail, and is also available from your personal account online at any time. Where to look for and watch it - in almost all BAs you can find a special tab, for example:
Open this tab and download Statement. I usually download. I also advise you to do this, it comes in handy in the work (further), for example - you will be required to draw, you can do it yourself in a couple of clicks. I will write about rendering separately. You yourself will be able to do it without resorting to drawing help.
KX usually do not receive Statement in the mail, and monthly a reminder comes from the bank with a link to these statements. And some KX put a bolt, imagine, you constantly receive spam from the bank, this is not cool, and you become indifferent after a while. My advice is to look at the date of the last Statement, and build your work based on it. It is much better to wait for the day when KX has a statement in the mail that does not contain your fraudulent transactions. This increases the chances of success. KX also receive statements in paper form by mail (USPS). There, the discharge takes several days and there is room for maneuver. Can I turn off statements? Not. You can choose between online statements or paper statements.
FAQ:
A: How long does it usually take to work with BA?
B: There are methods that allow you to get funds on hand in 30 minutes. There are methods that take 7-10 business days. Profit levels and required skills vary.
In addition to statements in the BA, there are also so-called alerts (Alerts). A terrible thing, in fact. These are notifications that are sent by mail or SMS to KX in case of certain events. Example - writing off more than 1k $. Money transfer. Login to your account. Now think for yourself, are people who are involved in PP - smart people? Those who buy Brute accounts, attach them to the BA, and press the deposit. Especially public banks, such as Chase, where several alerts are already connected to almost every account. This is for you to ask why the PP is dying. No, not because it doesn't.
Well, in our work, Alerts are also not a very pleasant phenomenon, but we can influence them at least. There is a special tab in the bank with these warnings, and opposite each line there are 3 CheckBox'a with a choice where to send the warning. SMS, mail or nowhere.
Okay, look. If we choose nowhere, a notification may come about the disabling of warnings. In addition, the bank is beginning to suspect something. Some guy flew in from a
new IP address, from a new machine and turned off the warnings. KH doesn't behave like that.
You can put it in the mail so as not to provoke AntiFraud too much and start spamming it. Ideally, you change mail and spam old mail. But changing mail is still a Fraud for a bank. The most subtle action is to send SMS warnings. When you change the phone number, the notification does not go anywhere, if everything is done correctly. Advice. Don't delete KX's phone number, guys. This is also very noticeable for AntiFraud. Many banks can add a second (Secondary) number. That is, YOUR. And redirect notifications there. You can use Google Voice, TextNow. Not all banks eat VOIP. And they have been twisting them quite strongly lately, they do not eat cans. Therefore, there are services for receiving SMS from the bank and for $ 2 they will lick you.
After you put the second number, keep track of your account for a day. Don't make it the main one right away. We stayed for a day - we put our number as the main one (Primary). The KX number can be deleted now. If you have access to mail, we run to the mail, look there, what is how. Maybe the bank will send a letter to the post office. That the number has been changed. Or, some banks have an internal messaging system that says about changing the number. All these points need to be taken into account, read and deleted. Otherwise, KX will notice. Not even that. The chances of failure are increased.
After changing the number, I recommend to wait some more time. 1-2 business days. Why wait? The fact is that you have it displayed that the number has been changed. But in fact, this is not the case on the bank's server. It takes time to consolidate the information. Departing a little from the topic - the address of the KX changes 5-7 working days by the bank. And you see the new address after changing it IMMEDIATELY. And you do not suspect that it has not been changed yet. When I say address in this context, I mean the address of residence. Weekends and holidays in the United States do not count as banking days. Therefore, we bypass them when working. These days you can do whatever you want - look for offices, register accounts for yourself, deal with hangs. But do not work with KX accounts.
Now about the withdrawal method, we will consider the main methods further. But now it is worth mentioning this - based on the history of transactions, we need to look at the amounts that KX operates, where he spends this money, how, we need to adapt as much as possible to KX's behavior in order to increase the chances of success. Think for yourself how the bank reacts if a person flies in from a new system, with a new IP, removes all notifications, fixes his account and drains the entire balance. The golden rule of working with BA: The first transaction can never exceed 30% of the account balance. It is also worth remembering that after entering the BA, in any case, when a new working day arrives, a notification will pop up that you were logged in from such an IP and such a computer yesterday. It is necessary to catch this notification. Sometimes it comes to the post office, sometimes it doesn't. Depends on the bank.
Banks work according to UTC -5 (in winter -6). Enrollment of transactions: 4-30 am, update - 12-00 pm, additional crediting - 16-00. New working day - 00-00. It also depends on the bank, but I gave you approximate data, which are the same for most. There is a bank that likes to charge at 8 am. So here you can and should watch individually too. And yes, nevertheless, closing the topic of alerts. You understand that we need to catch at least Fraud-points. Therefore, any change of number / mail / addresses is undesirable. Ideally, when KX has notifications turned off by default.
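Seen from the bank's side, the behaviour described above (a login from an unrecognised device or IP, then alert settings changed, a secondary phone number added and later promoted to primary, notices deleted, an external account linked, and a first transfer to a new payee) is a chain that can be scored per account regardless of the transfer amount. The following is an added example for detection engineers, not part of the original post; the event names, weights, window and threshold are assumptions, and the log records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Hypothetical event schema: (account id, ISO timestamp, event type, details).
# All records below are constructed sample data.
EVENTS = [
    ("acct-1001", "2024-03-04T14:02:00", "login", {"known_device": False, "known_ip": False}),
    ("acct-1001", "2024-03-04T14:09:00", "alert_pref_change", {"channel": "none"}),
    ("acct-1001", "2024-03-04T14:15:00", "phone_add_secondary", {}),
    ("acct-1001", "2024-03-05T15:00:00", "phone_set_primary", {}),
    ("acct-1001", "2024-03-05T15:03:00", "message_deleted", {}),
    ("acct-1001", "2024-03-07T10:00:00", "external_account_linked", {}),
    ("acct-1001", "2024-03-11T10:30:00", "outbound_transfer",
     {"amount": 900.0, "balance": 4000.0, "new_payee": True}),
    # Established customer changing settings from a recognised device.
    ("acct-2002", "2024-03-04T09:00:00", "login", {"known_device": True, "known_ip": True}),
    ("acct-2002", "2024-03-04T09:05:00", "alert_pref_change", {"channel": "sms"}),
    ("acct-2002", "2024-03-04T09:10:00", "outbound_transfer",
     {"amount": 2500.0, "balance": 3000.0, "new_payee": True}),
    # New device, one settings change, payment to an existing payee.
    ("acct-3003", "2024-03-06T18:00:00", "login", {"known_device": False, "known_ip": True}),
    ("acct-3003", "2024-03-06T18:04:00", "alert_pref_change", {"channel": "email"}),
    ("acct-3003", "2024-03-06T18:20:00", "outbound_transfer",
     {"amount": 120.0, "balance": 5000.0, "new_payee": False}),
]

# Assumed tuning values; a real deployment would calibrate these on labelled cases.
WINDOW = timedelta(days=30)   # long enough to cover multi-day waits between steps
REVIEW_THRESHOLD = 60
WEIGHTS = {
    "alert_pref_change": 25,
    "phone_add_secondary": 20,
    "phone_set_primary": 25,
    "email_change": 25,
    "message_deleted": 15,
    "external_account_linked": 20,
    "new_payee_transfer": 30,
}


def score_accounts(events):
    """Score each account on profile and payment changes that follow a login
    from an unrecognised device or IP within WINDOW.

    The transfer amount is deliberately not part of the score, so a small
    first transfer after the chain is treated the same as a large one.
    """
    by_account = defaultdict(list)
    for account, ts, kind, info in events:
        by_account[account].append((datetime.fromisoformat(ts), kind, info))

    results = {}
    for account, evs in by_account.items():
        evs.sort(key=lambda e: e[0])
        last_unrecognised = None   # time of the latest unrecognised login
        signals = []
        for ts, kind, info in evs:
            if kind == "login":
                if not info.get("known_device", True) or not info.get("known_ip", True):
                    last_unrecognised = ts
                continue
            # Only changes made after an unrecognised login count.
            if last_unrecognised is None or ts - last_unrecognised > WINDOW:
                continue
            name = kind
            if kind == "outbound_transfer":
                if not info.get("new_payee", False):
                    continue
                name = "new_payee_transfer"
            if name in WEIGHTS and name not in signals:
                signals.append(name)
        score = sum(WEIGHTS[s] for s in signals)
        results[account] = {
            "score": score,
            "signals": signals,
            "review": score >= REVIEW_THRESHOLD,
        }
    return results


if __name__ == "__main__":
    for account, result in sorted(score_accounts(EVENTS).items()):
        print(account, result)
```

Accounts at or above the threshold would typically be routed to out-of-band confirmation on the previously registered contact channel before any outbound payment is released.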
A: What about the BA IP address? What criteria are required when choosing from experience?
(Open ports, blacklists, FraudScore). What about setting up the system, can I use Linken Sphere?
B: IP - I work with vip72.org or 911.gg. The 911 is cleaner, but it used to be better. vip72.org = poorest quality on the market. However, I have enough. Criteria - check for blacklists. FraudScore is not checked. Ports are not either. 100% Whoer and no blacklisting - and more. By setting up the system - I use Portable FF copies for each bank. I have a separate working American machine with English Windows and DoubleOpenVPN forwarding. By LS (Linken Sphere) - I use free LS to work with logs. I don’t take a paid one. If you want better cross-country ability - take DS from Google and there SOCKS cling to the state from 911. And replace Portable FF with Portable Chrome. I usually select SOCKS in vip72.org for the city.
Yes, on vip72.org my SOCKS live surprisingly long, everyone complains, but I'm comfortable. There is a SOCKS who has been living for 8 months already. I created BA self-register for myself in August. And since then I go there from one SOCKS'a with vip72.org. Yes, it crashes sometimes. There is no SOCKS in the network, then I take another. Thus, I have a list of SOCKS from which I enter the BA. It's about self-registration.
If we are talking about logging into Brute-accounts or logs - here under ZIP. All inclusive, WebRTC clings from Proxy. If anything, then I do not prescribe using WebRTC, I just have a parameter in FF: about: config. In the search for the FF config, we drive in Proxy and look at all the parameters. For example ice.proxy_only. In general, any work begins with customization. I would recommend starting by looking for the description of the variables in the setting of this config. You will not need any Linken Sphere if you configure everything correctly. Yes, it is difficult, long, tedious. Therefore, no one tunes, and if they do, they do not speak. This parameter is enough for me. Turn off WebRTC too, like a red rag sometimes works.
Depends on the bank yet. But if we are talking about registering an account in banks, then it is better not to provoke once again and not to play luck, and so much time is spent on breaking through.
It is best to find out what changes, how each parameter affects, and then choose the best one for yourself. The system is best configured by those who drive the CC. But this is enough for us. I'll tell you right away. The mechanics of working with card inserts and with BA are different. System settings too. There is no more profitable BA theme in C. But many surrender on it, as it is difficult.
It's easier for many to poke one button and everything will always be fine. And here you need to think, look.
I also want to say that it is worth working more on logs, but if there is no money, then take Brute and work with him. Brute's start-up capital will help fill, as will the big shots. Logs start at $ 10 / piece. Or you negotiate for% with people, but this is not enough now.
A: You said that taking a PP, linking BA and making a deposit is not a very smart idea, but then what to do?
B: Specifically, with the PP, I do not consider the work to be highly intellectual. It is built on the usual, repeating simple patterns. Well, think for yourself, if there is a BA with alerts, a person buys a pack of BAs, and he cannot influence these alerts.
Binds BA, makes a deposit. Out of 10 PP accounts, one survives. It is best to work with BA. Search for new methods, offices. PP is usually suitable for those who start the path in C. But in BA, you can potentially do many times more. PP is ONE of hundreds of offices in the USA. Offices that allow you to work with BA.
A: The fact that it is potentially possible to do much more in BA is also understandable, but there is another question, how then to whitewash these funds in Russia so as not to sit down.
B: I am actively studying it. Usually cards for other people's scans help. Find Talkbank, it's good that there is no Branch and cards are sent by mail to Russia. There you can drive funds to scans. You can drive money into BTC - QIWI and Yandex are not controlled by the Federal Tax Service. There are also offshore companies that allow you to keep money without special attention. You can withdraw up to 600 thousand rubles to the card, but you can forget about Sberbank. Talkbank to a dummy, or Tinkoff Bank to yourself.
A: Where to get material - logs, VNC, Brute accounts, and so on?
B: For work, the main ones are refaund.biz and wwh. Almost all sellers of any goods and services can be found on them.
Ways of bays in BA. Lesson 23.
An important topic - the ways of bays - this is what the work in the BA direction is based on. In total, there are 6 standard methods:
1) Bill Pay
2) ACH
3) Wire Transfer
4) International Wire
5) Internal payment system of the bank
6) External payment systems
Bill Pay (1).
Bill - translated from English - account. Pay - pay. Pay the bill. Bill Pay is a system of electronic invoices (checks). Not all BAs have such a function. It all looks something like this:
In the screenshot, we can see how I tried to research this direction by opening Bill Pay with manual input of all data. BillPay is usually needed to pay bills of any kind for various service providers. For electricity, water, internet and so on. For our activities, you can use this chip in the following way - add your service provider (This can be either a company or an individual). For example, I want to please a certain Mr. James, and put him on the list of suppliers. And I pay. In terms of time, he will receive money from one hour to three working days. In principle, this method is quite convenient, but there are nuances, I am talking about them.
The fact is that when forming a payout check, the bank also sends a paper check to the address of the KH (where he lives). Usually such letters take 2-3 days. And KH can notice that something is wrong. From my experience, I will say that Bill Pay is a very promising direction. There is no need to wait for verification payments (MiniDeposit), AntiFraud is completely loyal to it, but remember the 30% rule. And not all organizations can be paid through Bill Pay.
Something like this looks like a search for a service provider to whom Bill Pay goes electronically. This is when we do not enter it manually. As a rule, when entering data manually, there is a paper check. And if the supplier is on a special list with the bank, then there is an opportunity to receive money on the same day. The service provider can also be a bank in theory. Just don't mess with the data if you do this, since the cancellation of the check takes another 3 days. Burnt myself once already. Better to call your service provider and find out.
Okay, and now I will tell you quite private information for some. Maybe they saw ads on the forums, allegedly pouring credit cards across the United States. At the same time, the person does not fill in the debit. The bottom line is that many credit cards in the US are paid like a bill. And this payment takes place exactly as a service provider. To put it very roughly, these people work like this - they take a log, post an announcement about the gulf on the forum, fill in credit cards, then KH wakes up (in any case, always), the maximum amount of time for the cancellation process is four working days. As if you already understand the essence of such an announcement, be smart about such proposals.
The next way is ACH (2).
ACH is the US Reserve Bank's Automatic Credit System designed to speed up and simplify automatic payments based on prior agreement or appointment. ACH time runs from 1 to 4 business days. As you remember from the PP lessons, an account is tied to it and a deposit / purchase is made. So, it is
done with the help of ACH. Any office where there is a BA link can act in the place of the PC. Be it Venmo, any investment office. You can also link the account of one bank to another, send funds using ACH.
How it looks in practice:
An account is added, usually by account and Routing numbers (AN / RN). There are some nuances here. For example, you won't write your account and Routing numbers out of thin air, and your account will not be immediately linked to the BA. For this, an account check has been invented. 2 mini-deposits (MiniDeposit) are sent to be credited to the linked account. They go 1-3 business days. You "catch" them (See) on the linked account, enter them into special windows for entering mini-deposits on the main account, and you have a linked account. So, in the screenshot, the "Verify" button.
In this way, you can knit cans on different KHs. Let's say you have an account with Vasya Pupkin, you link another person's account for verification payments and you can make transactions between them, while the bank will not swear. In fact, this is prohibited. That is, all accounts must belong to you as KX. Tying an account to another person is prohibited.
The second point - according to ACH there is a garter instantly. Instantly - this is when you enter your username-password and answer a secret question. And the account is attached instantly. This option is good, but it requires matching the name of the KX. Since there is an integration through third-party services (via API). That is, Vasya will no longer attach Petya's account. When we have attached an account by any of the methods (verification payments or instantly), you can make transactions with it. You can send money TO him, you can send money From him. And when you send money from it, it is called reverse ACH. When you send to it, it is a direct ACH.
Tricky question. You have attached the Brute BA to the PP and clicked Add Money. Will it be a forward ACH or a reverse ACH?
That's right, it's the opposite. Reverse ACH is when we are not in the BA, but request the funds that are on it. Accordingly, now the question. And why do you, dear ones, suffer with the PP and its problems, when you can simply create a BA, attach any BA in the same way and make a deposit? Not otherwise than masochism. Well, okay, it's not for me to judge. Now just think about the variety of offices only for the method of draining by ASN, and in a conventional BA there are at least 3 of these methods.
Okay, let's define the timing. Verification payments take 1-3 days, in practice 1-2 days. Funds are spent in the standard 3 days. It happens that the delay is extended by a day. Total: 4-5 banking days to transfer funds. Do not forget about the golden rules - no more than 30% on the first transaction (Ideally, 10-25%). And do not drain everything from the account. Otherwise, the transaction may be blocked and KX may be invited to the bank. There are banks that don't care. Trial and
error helps to identify them.
Okay, third way. Wire Transfer (3).
Wire is a regular money transfer. Now there are many problems with him, he is not in all banks. If you want to merge Brute / logs - be sure to see if there have been transactions of this type before. Now standard Wire cannot do without a call. In the worst case, they will be asked to come to the bank. I would not recommend working with him, because experience is needed. You need to do everything perfectly (And change the number, and guess the time, and the amount). Also, the transaction must be in an account with the same last name as KX. That is, you need to open an account for it in another bank. However, this type of transfer is very fast. They arrive there in 10 minutes. For reference, many US crypto exchanges only use Wire.
Do you want to pour a couple of tens of thousands on your Sberbank card? This is possible thanks to another type of transfer - International Wire Transfer(four). The same Wire, only international, with some differences. The last name of KX should not coincide with the last name of the recipient, and Wire takes a very long time. It takes a long time due to the fact that a bunch of corr. Accounts. Those who have Tinkoff Bank saw that they can accept money in USD and a correspondent bank - Tinkoff Bank - Chase.
So, International Wire goes from the USA to Tinkoff Bank 10 working days. This, on average, depends on the bank yet. On the pluses of this method and about the bottle. A long transaction - that is, more than one correspondent account always - KX can not always recall it, can you imagine if the cancellation process begins, how long it takes to pay, how many correspondent accounts it overcomes, until it comes - you will hang out with your friends somewhere. Therefore, under International Wire, material is often taken on behalf of dummies. Quickly poured, cashed and thrown away. Well, as fast as the correspondent banks allow.
Let's touch on Canada too. So, in it in banks this type of transfer is more common. The guys take the logs and stupidly pour themselves a Sberbank card. The plus is that it goes from Canada faster than from the USA. If we are talking about the CIS bays, then we need to ask the bank if we can accept payments from abroad.
So, let's move on. Internal payment systems of banks (5).
There are many banks in the USA, some of them have them.
Everywhere is called differently: SurePay, P2P, PopMoney, Zelle, Send Money (Movo). In Canada, it's Interac. Whatever you call these payment systems, they all have the same essence - to transfer money. How everything happens - start the money transfer, indicate the recipient's data (Nothing complicated - in some cases, an e-mail or phone number is enough). In the case of Movo, money is sent by e-mail and instantly goes to the account, which is tied to the mail to which it was transferred. In other payment systems, the mechanism is similar, they are created for quick and hassle-free sending of funds, the maximum that I have seen is a call request. Therefore, many are so
desperately looking for Zelle-acceptors. Headaches are minimal and profits are quick. So, for internal payment systems, that's all.
And finally external payment systems (6).
About them was already a little higher (in the story about ACH). Working with them is quite simple. We take Full Info, register an account on it (in an external payment system), link the KX account (by verification payments or by login-password / instantly).
We linked the account, added the payment system. And they sent it. There are two options for these external payment systems. The first is when several BAs can be linked to one account of the payment system. For example - the account of KX (which you pour in) and your account (or the account of a figurehead) - to which you pour. Nothing complicated. We funded the account of the payment system with Brute and filled it up for ourselves (a dummy).
The second option is when several BAs cannot be linked to one payment system. Then they usually create a second account in the payment system and send to it, then merge from the second account to our BA. Done.
Examples of external payment systems: PayPal, Venmo, Western Union, TransferWise, TransFast. There are really a lot of them. Each of them has its own nuances. But remember - they are all made for people. It makes no sense for them to overwhelm customers. PP is a rather "good" payment system, where you can insert the left Full Info (From one KX), BA - from another. In most payment systems, this is not the case, there you have to strictly break through Full Info under the KX BA. Payment system account on KX Brute BA. And the drain account (Where will we fill in the funds later) is also on the KX Brute BA.
FAQ:
A: Which is the easiest way?
B: ACH.
A: Drain account on KX, does it mean an account in this payment system? Can there be two accounts in the system for one KX? And the second thing. How can you justify the choice of PP, and not BA for the ACH garter? Do we just make a self-registration of BA and make a deposit there from another BA?
B: No, not in the system. For one person, you can open accounts in different banks, that's what I'm talking about. Let's say in one investment office you can attach only one account to one account. We deposit funds from the KX account, then open an account in another bank, write to the technical support of the investment office and ask us to change our account for withdrawal. They change, withdraw money, and you're done.
The choice is due to the fact that she is actively promoting. Like the Iphone. This summer, people ran into the BCP, and she had already died a couple of times.
A: First, why on the very first screenshot, when we talked about BillPay, there is a lock on the Wire Transfer tab. Second, why could the delays be extended by a day in the case of ACH? Third, on International Wire, what is the order of the numbers? Also not more than 30%?
B: The first is a feature of the bank, this type of transfers is not open on this particular account. Second, there are some delays, for example. The third is true.
A: Does the investment office have unnecessary questions for such actions?
B: Appears. Therefore, by trial and error, you have to find them, test them, select your own, find patterns.
A: And what are the rules of behavior with BA self-registers? Or are they the same? We make a deposit, did not give, we monitor it for three days, we will awaken to make a deposit.
B: BA self-regulation cannot but give, there is no such thing. He always gives. But they can be blocked if you chose a bad bank or took a large amount.
A: That is, there is no particular point in working with PP, if you can do the same only with BA?
B: It makes sense if you want to make money quickly and without the headache of finding banks.
A: BAs themselves do not have such a concept of instant payment as in payment systems, right? That is, you can only make a deposit from account to account.
B: Right, the payment from BA does not happen instantly. It is possible to instantly transfer from BA to BA only via the internal payment system. Or via Zelle, an interbank transfer in 30 minutes is possible in some cases. It depends on what to take. In your case, it makes sense to study diversity, identify patterns, explore. And from these patterns, select the banks that are suitable for work.
A: At the expense of searching for banks. That is, bank X allows you to make a deposit to bank Y without problems and bans. But does bank B give a deposit to bank C with a ban and a harsh punishment from the support service and headaches? That is, these are pairs of banks that are working.
B: If you want to create accounts and are looking for a bank, this is one thing. If for Brute it is different. All cans X, Y, B, C in this example give without a headache, but AntiFraud is configured differently for everyone. Each of them will give, and upon the arrival of funds, there may be a block / draw / call, it also depends on the volume and different parameters.
And yes, frankly, it makes sense to consider any bank. There are no banks that do not give. These are banks.
A: Well, then what else can the AntiFraud bank do?
B: Everything comes in. Mass of parameters. From IP, Full Info, answers to secret questions during registration, choosing account settings. And before your actions in the personal account of the bank.
A: Is there a blocking that cannot be removed by a call, drawing or complaints to technical support? That it remains only to go to them personally.
B: Yes, it happens. And there are still some banks that always send to their branches. An example is PNC.
Okay, next. What is a check for an American? Not a check from a store, but in the understanding of banks. See, a check cannot be directly "exchanged for money." First, the money goes to the BA account. That is, it is paper backed up by numbers. Not just lettering paper. Remember the movie where DiCaprio played? He forged checks there. The film is called “Catch Me If You Can”. So, in that film, the check (Paper) was exchanged for money. In Russia, salaries come at stake, right? A paper check with the amount of the salary comes to the USA, then KX stomps into the bank and cashes the check. KX puts his signature on the check in the bank, then the bank employee verifies the authenticity and verifies the data. To prevent the bank from being cheated, as in the film. The check is first credited to the bank account, then the bank issues the money. The person who wrote the check does not give you money directly. Do you understand? I.e, money passes through computers, through accounts, through banks. Not paper money.
What is the point for us? There is such a thing called eCheck. This is an electronic check. A very cool thing that allows you to get money on your BA in a day, or even less.
Echeck is not available in all banks. Sending eCheck is easy. Write the account and Routing numbers (ANRN) where you want to transfer funds. A day passes, the money is already on the
balance. Done. It is difficult to find a good full-fledged bank with eCheck and it will be expensive. It is in terms of searches. Movo has eCheck, but it is not a bank, but an application. That is, Movo is not a full-fledged bank. It does not have many of the functions of an ordinary bank that we need and are important. For example, you cannot attach a BA to ACH there for a deposit. Or, for example, you cannot accept money on Movo if the name of the KX is different.
Ok, now you have a question. Where to withdraw and how to get money in Russia? There are two ways. First, you can transfer funds from the USA to Russia or from the USA to BTC. Everything is very clear here, I think. For USA-Russia transfers, there are different offices, for example, Western Union. BTC allows you to transfer crypto exchanges.
Second, you find a person like me who provides you with dummies for a certain percentage, or his accounts where you can deposit money and get an equivalent in BTC / QIWI / RUB. For a start, I recommend the second method. As you roll into the topic, you will come to the first one. The percentage is different for different cashiers, see wwh. And the conditions are different. So, for example, cash out of PPs from logs can be found for 50%. And now some comrades take clean money on Movo for 75%. If you know how to make accounts in the USA, it will not be a problem for you to pour on Movo yourself and get the most delicious interest. Yes, a little longer, but less losses.
Advice. Do not make my mistake and do not go straight to the search for ways to transfer money to Russia on your own. In the first stages, always choose someone else's cashing.
The rest will come with experience.
A: Is Movo an internal payment system?
B: Yes, but not entirely true. With Movo, you can make a payment using the Send Money button. From Movo to Movo. And on Movo itself, you can fill in by account and Routing numbers. From outside. From any BA. Or with PP. With Venmo. Anything that allows you to knit it. But you cannot attach a BA. That is, bays will be with verification payments (MiniDeposit).
A: Are we interested in AntiFraud of both sides? And the donor bank and the receiving bank? That is, the services of the sending BA may be to blame for blocking money on our self-register of another bank?
B: Of course. On the other hand, if we work with Brute, then we can hardly influence AntiFraud. Everything is correct.
And why? Is it dangerous to log in without logs?
B: The secret question comes out usually. It's pretty dangerous without cookies.
A: I saw BA data sold in the store and there is still a secret question for them, can they be taken? B: You can take everything. There is no superfluous material. Another question is that there is no access to mail there, this is a problem.
A: Why take Brute and not logs? Cheaper is clear, but you can play around with the logs with alerts, and the requirements for cleanliness are the same, that is, logs will give stupidly better on average than Brute.
B: Take logs if there is money, since they are more expensive. But the benefit is greater. Brute, in my opinion, is suitable for beginners, or for those who do not work with BA directly - those who work on PP. For BA workers, logs are more comfortable.
Here is a little about checks, this is how a typical check in the USA looks like:
My personal check for $ 2000 was recently credited to BA. About cashing out and your job. I will also say a few words. And so, maybe in the course of mental activity, some of you have come to this. And why not open an account with the United States Farm, send a card to Russia and then withdraw money from an ATM? Usually, to withdraw money in Russia from American cards, you need a so-called Travel Notice. This is when you tell the bank that you will be in another place, in another country for a while. In this way, some cash out their funds. The disadvantage of this method is that the card usually has a withdrawal limit. For example, $ 400-500 per day. Can be expanded, each bank and card is different. But there are some special cards in offshore zones. They allow you to accept money for yourself and withdraw it to your personal accounts in the CIS or to QIWI / YuMoney.
The advantage of this card specifically for you is that it has direct accounts in different banks around the world. That is, money is credited to you by account and Routing numbers (ANRN), and you withdraw them in rubles on the same day. Not otherwise than fiction. No Wire, no waiting time, none of that. Stupidly filled in and removed. But there is a catch, where without it. Not suitable for large operations. They can freeze funds. You need to look for the limit on the site, from $ 1,500, $ 700 keeps at a time calmly. Therefore, I strongly recommend that you, as novice C-workers, get this card for a scan (or for a dummy).
A: Do we use Full Info for BA self-registers, or may we need scans there? In order not to draw later
B: Depends on the bank. There are banks where photos / scans are not needed.
Your task is to register payoneer.com for a passport scan (not yours). The card is sent by Russian post, if you live in the Russian Federation, you can specify a neighbor's mailbox and pick it up from there.
The second task is to take Full Info, register for Walmart Money Card in the USA. Walmart Money Card is a prepaid rechargeable card in the USA. It is great for bays. Lives for two weeks. When registering, keep all details, especially card number, Exp. Date and CVV. Basically, you are creating your first US map. Yes,
old-timers will now say that this is quite public information, so nonsense. Well, Walmart, while public, is still good for the bays. Payonner - misses small amounts perfectly. You can do your best. Payoneer USA will cost you a pretty penny, since the reception by a figurehead is $ 50 somewhere and the postage is the same. Payonner Russian - only scanned passport. The attitude towards Payoneer from the USA is more loyal.
Payoneer will come in handy for you to get out of a difficult financial situation if you have brains. And Walmart is a practice, besides, you can fill Walmart yourself. And then hand over to cashiers. Same as experience. And get the benefit. Some give up to 70% for it. Payoneer cannot be poured from banks, this is its disadvantage, only from offices. Russian Payoneer has not been attached to the PP before. How things are now - not in the know.
Walmart fights hard enough from banks, but everyone is busting its Routing number. Payoneer, on the other hand, you can shed from any investment office that supports linking by account and Routing numbers. In fact, having Payoneer, a found investment office and a Brute BA bag in stock, you will not remain beggars. Or it should be bad luck.
An example of an investment office: robinhood.com This is your third task - to consider this office. Read its rules, docs, FAQ, all the pitfalls.
The fourth task is to look at the Zelle website, the partner banks of this internal payment system.
And so, let's summarize. You need Payoneer to cash out investment offices like robinhood.com. WalmartMoneyCard is poured from banks, including from Zelle partner banks. Payoneer also has a lot of different chips. You can use it in any way, let's say attach to Amazon, accept payments on it. BA work is about research. If you work on BA, you really work, then it will 100% bear fruit, I guarantee you.
And yes, it is advisable not to move on to the next lesson until you have completed all the assignments, otherwise you will get lost further and not understand most of the material.
BA self-registers. Lesson 24.
For everyone I will once again designate abbreviations:
RN = Routing-number
AN = Account number
Well, earlier we have already touched on the topic of how to withdraw money a little with you. You created Movo and Walmart yourself. These are simple maps for the bays, not bank accounts. They have limited or missing functionality. At Walmart, you cannot do anything with funds until you receive and activate a physical card. In Movo you can send by ANRN or to another Movo by intrabank payment. But this is still not quite full functionality. That is, Movo is not even a bank. If anyone was looking for RN Movo, then it belongs to the Metropolitan Bank. Same as Walmart. Therefore, we will consider
full-fledged BA self-registers, their creation and nuances. Self-registration BA is a bank account created in the bank on Full Info.
How to do it? First, we find the bank in which we want to do our further actions. It can be found on Google or through various bank blogs. Also, there are lists and ratings of banks. Example: hustlermoneyblog.com
Let's say we have found the bank in which we want to create an account. We are looking for the opportunity to open an account online (Apply now). If the bank's website does not have such a button or section, then you can open an account only at a branch (not suitable for us). Don't confuse opening a bank account with Enroll, two different things. Enroll - you open (Open) the card on the bank's website, already issued by the CC. And Apply Now - opening an account. We need to prepare Full Info to open an account (It must include DOB + SSN + Master data). When you click on Apply Now in the bank, we get a form with filling in the data. We enter data from Full Info, everything seems to be fine. Moving on, some kind of game is demanded from us.
We go to punch BG.
BG = Background report.
BG includes complete information about KH, history of addresses, jobs, names of neighbors, lovers, zodiac signs and more. Information on cars is also there. We return back to the bank, enter the information. Let's move on. We are asked - what was the name of your first wife? We make eyes for 5 rubles, because in BG this is not. We drink coffee and run to KH's Facebook. We find a wife, enter, everything worked out. The next question is what kind of car did you have in 2005 - color and brand? We run to punch the car. They struck. And during the time while we were punching the wheelbarrow, the time to answer the question expired. Therefore, we fill out all the forms anew.
Well, they answered all the questions about BG like. Let's move on. On the next page, we see such a question - did you take out a loan from PNC bank in 2008, what was the monthly payment? You are furious. They killed so many forces to break through cars and search for a wife. And here is such an ambush, bitch, but what kind of cans are so fucking. So, questions of a financial nature belong to the category of CI and are in the Kyrgyz Republic.
CI = Credit history. KR = Credit Report (CR).
That is, all the information about KH in financial terms, all banks in which there are or were accounts, all cards, Loans. For the umpteenth time we throw all our forms in the bank and run to punch CR. We go to fill out the application again. Ok, we filled it in. The next page opens. And it says there. Dear sir, did you know that you have already opened an account with our bank? Well, coffee won't help here already, you know. Let's roll the vodka. We study carefully CR. All open accounts in all US banks with this particular KX. Choose another bank that is not in KR. We fill in, we answer, now we are already congratulated on opening an account.
The next page opens. We are asked to make a small deposit to open an account. Where to get it from? With Brute or what? Well, the account will be blocked right there. To do this, you need a micro-deposit from someone so that you link a PrePaid card and from there pour money into your first account. Or buy a PrePaid card in CC stores, bind by AN / RN and pour from there. The amount of the first deposit is different for all banks. Sometimes $ 1, sometimes 10, there are 100 and 1000, it also depends on the type of account. There are all sorts of Premier checking in which the
start amounts are higher, but the limits are also higher. There is a bank where the starting deposit is $ 50k.
Okay, back to the topic. We chose a PrePaid card for the first bay, entered its account and Routing numbers. Click to top up. And then there is a sign on the whole screen - "We do not accept payments from PrePaid cards". That's all. Let's go to the factory, guys.
Okay, let's go to the factory. On the way to the factory, we think, what if I need to buy a BA and replenish this self-registration via ASN by AN / RN? What if it works out? Bought, replenished. A joyful "Money will come in 3 days" creeps out. Is the plant canceled?
We arrive the next day, since the ASN does not go right away and all that. But write-off on ASN usually occurs the next day. So that's it. We see this picture - the funds were debited from the BA that you attached, but a person called us here and complained, so here's a blockage and don't come back. It is possible to go to the factory, but we spit on the monitor and buy a new BA, already more expensive and of better quality, if earlier we took some Chase with a balance of $ 1000, now we take SunTrust with a balance of $ 5000.
Making a new BA self-register. We fill in, again we break through BG (new KX), CR, we are looking for a car with my wife. We answer all questions. Choosing, replenishing. We are waiting for 2 days, on the third day the money comes with a letter in the mail. We open the letter. The following is written there - "Dear sir. We called, but you did not pick up the phone, so the account is temporarily blocked, call in the next 3 days yourself."
Okay, looking for a call. He calls, it seems to be relieved, we have defrosted the BA. A few days later, we are credited with our initial BA deposit (it is also small, the smallest, from a dollar to a hundred). We enter the LC of our BA. Just think - we created BA. He is OUR. You walked around inside your account, clicked different chips, looked at the functionality. We need loot, for sure! We remember how much time and effort was spent on this whole thing. Well, what is there to be trifle with? Let's fill in 2k at once!
Hurray, the money was debited from Brute, they will come in 3 days. After 3 days we are trying to enter the LC. Oh, something's not included. Damn, the call must be given. We gave the call, we smoke nervously. Call verdict - blocking due to fraud. Since the amount is too large, a new account, and you are making a deposit of $ 2000. Therefore, we closed the BA for you, returned the money back, good luck. We start over again, taking the third Full Info. BG, CR, wife, car, questions, banks. We call, replenish. Now we are smarter. We make a deposit not for $ 2000, but for $ 600-800. We're tired of eating instant noodles. Let's fill in less, but at least earn something.
Okay, it's been 3 days. We enter the BA. We see $ 600 on the balance sheet. Super. You can be proud of yourself. This is a very short story about how the work with BA self-righteous happens.
FAQ:
A: Why do we need to fill in correct information when registering a BA? How is this generally justified?
B: By checking the data bank about KH. The bank will not open an account if the information does not match what they have.
A: N26, MisterTango are suitable for self-registers, or are they not considered full-fledged banks?
B: Not considered full-fledged banks.
A: Why didn't Chase suit us, but SunTrust gave everything? Was the difference in the example only in the balance sheet, or does SunTrust somehow compare favorably?
B: Chase used to be good, but they started buffing AntiFraud when they started killing him really hard.
A: What is AN / RN binding? And where does CR make its way?
B: Linking by AN / RN = Account and Routing numbers, accounts are linked either instantly or by entering these 2 variables, they were already mentioned above.
A: So not all banks accept PrePaid cards? That is, you need to look for the same one, or what?
B: Not all banks accept PrePaid cards, right. You can and should look for different banks, there are even banks without an initial deposit.
A: And how does the work with the same Walmart, Movo and BA self-register, Brute work?
B: From Walmart to Movo, you cannot upload. Rather, Movo and then Walmart. But Movo is taken at a higher%, so it is more profitable to pour on it. On the other hand, Movo has its own nuances, you won't replenish your bank account with it, but with Walmart it's easy. You can use Walmart for a deposit, but not all banks eat this RN.
You cannot pour on Movo with Brute. We attach Brute to the BA self-register, from the self-register to Movo - we cash out.
A: What is the 12 hours rule?
B: Departures that are sent by ASN before 12 noon (-5, in winter -6) - go on the same day. Departures sent by ASN after 12 noon start their journey only the next.
I advise you to make banks that allow you to make the first deposit when you open an account. A deposit can be made not only with BA (By AN and RN), but also with CC in some cases. With CC, I think it's clear here, but the first replenishment of the bank with BA goes in the overwhelming majority of cases with the help of ASN. As we remember from the last lecture, we need to catch verification payments (1-2 days) and crediting takes another 3-4 days. Total - a week. The question is what day of the week is it best for us to work? That's right, Monday. On Friday, you will definitely get an answer, either the bank overturns you, or yes. And on Monday, if you're lucky, even on Thursday, and you manage to drain your money somewhere else (Friday).
We have considered linking verification payments. Now many banks use offices via API, these offices allow you to bypass verification with verification payments, since it takes a long time, these offices knit BA for a deposit by login and password.
Sample API - Plaid, Yodlee. In fact, the same technology as when you bind the BA to the PP instantly. However, PP is PP, and here we have BA. And there are moments. By law in the United States, you can replenish your BA only from your already opened account, which is registered to you, where are your full names. What does this mean - register a BA self-registration for the Brute-BA data punched by Full Info, bind the Brute-BA login and password, they immediately ask you for the amount of the deposit, wait 3 days and the money comes, it is faster. The full name must necessarily match when linking instantly. Otherwise, catch the lock. Remember. This is your case with Payoneer yesterday.
There are no drawbacks when pegging, breaking only (the cost itself), SSN + DOB for punchers is $ 4-6. Advice - the full name should be the same, but the person may be different. In some banks there is a reconciliation at the address, you need to feel it individually.
A: How to drain large amounts if we drain $ 600 each, and then a cancellation arrives and the account is blocked?
B: By swinging the BA, or opening the BA with increased limits (I mentioned this above). Or a special bank to look for under large bays.
A: That is, Full Info can be for a person with the same name as Brute-BA, but not necessarily his?
B: Right, but this does not work with all banks. I have listed APIs in the USA (Plaid, Yodlee and others), for each of them you need to read the documentation, what they compare and how.
For example, I found one API (Quovo) that verifies the name and address when binding by AN / RN, although this is complete nonsense.
Another trick - when the bank, even when linked by ANRN, sends you a payment to your self-registration, it also sends the full name of the recipient of the payment. In some banks - payees, if the full name of the KX and the name of the payee does not match, the payment is rejected. Consider this point too. Movo is at the moment also the same financial institution that declines a payment that is not in the name of KX.
Working with the bay of your self-registers is described as follows, if someone has not moved in:
Take your Full Info, punch BG and CR on it, take the left Brute-BA with the punched AN / RN, register the BA self-registration, answer the questions, enter, on the last page they ask you to enter the ANRN numbers of the external Brute-BA and the amount, enter, wait 3 days, we enter the BA self-register, enter 2 verification payments, go to the offices to break through the verification payments (PersonalCapital, Wave and others), see the verification payments, enter in the BA self-register. That's it, Brute-BA is verified, the money is on the account after a while.
BA log is processed differently than Brute-BA, do not confuse these things.
Well, we have money on our BA self-registration. Then you pour this money, let's say, on Movo or anywhere. It also fits according to ANRN, either at Walmart, or in investment offices, from investment offices in Movo or anywhere. The main thing is to have time to remove them from your BA self-register. If you have done BA self-registration at a bank that supports Zelle, then you are looking for someone who accepts Zelle. And he will pay you in BTC on the same day for the gulf.
A: Why can a cancellation arrive at self-registration, but not at Movo / Walmart?
B: On Movo it can too, but Movo in this chain is 3rd person. In the USA, there is a rule of 3 person without cancellations. The so-called "Rule of Three Hands".
Brute-BA (KX Means) - Self-Reg (Cancellation Means) - Anything (No cancellation).
And all this is legislative. It is logical that the money is debited from the person who receives it. But if at the same time he pays me for something, then why should I suffer because of him? In the United States, cancellation means sending funds back to the source of enrollment.
Brute-BA - Samoreg BA (1) - Samoreg BA (2). On the third bank (Samoreg BA (2)) there is already money in the chain without cancellation. It turns out that the BA self-register (1) is a gasket. I hope it is now clear why you need Movo and Walmart. Substitute them in place of the BA self-registration (2). And fill it in. And funds without cancellation already.
These VCC (Virtual Credit Card) are essentially your cards, you can use them to pay in your store, order food from the USA, pay for another bottle of beer in Russia using Apple or Google Play. If you know what to do without canceling VCC, then you can easily overtake money for yourself. We'll come back to VCC, they will be part of your assignment.
Can an account be blocked without cancellation? Can. For example, block on the issue of origin of funds or verification, or Full Info curve. They do not have the right to write off your money from an account where there is no cancellation, but blocking with questions is easy.
Next, let's summarize.
Replenishment of BA self-registration:
1) Replenishment with BA
a) By API, Full Info, Brute-BA = Full Info self-register BA.
b) Through verification payments.
2) Replenish the first deposit with CC.
3) Take loans for self-registration BA
Let's consider the second option - "Replenish the first deposit with CC". How it happens.
We select this item, enter the data, money comes instantly, sometimes there are delays of 2-3 days. Some banks still have the option to top up without matching Billing. And even with KH with a different name. There is a bank that allows you to top up from the CC of another country. Depends on the bank. But usually with CC it is replenished with data verification, that is, you have to punch Full Info under CC + SSN + DOB. And we do self-registration of BA on Full Info from CC. And we replenish it. But we don’t know the balance on the SS what to do? I'll tell you now.
In CR we have written data about open accounts and cards on KX. We figure out the balance and hit. CR is updated more than once in a lifetime, the actual amounts are written there (update once a month). For example, the use of credit and so on. And on the map, you can also find out information in CR. CR can also find out if Valid CC has been sold to you or not. It will say Closed if it is not Valid.
By sites. Breaking through BG:
truthfinder.com