Professional Documents
Culture Documents
BUCK
BALLAD
FREDO
AKA
SAVAGAE
‘BUCK420’
TOPIC 8 – SQUARE
Square is another merchant, I like them mostly for their 2day pay-outs on the
first charge and instant pay-outs on a daily basis. Best Merchant to defraud if
you want to cashout fast.
Just like Stripe you will learn how to defraud them and setup instant transfers
and how to make your setups last at least 4 weeks.
So to login is one thing but cashing out is another, mainly with Logs
whose holders have put in security measures to prevent actors like us a
payday. Such measures like OTP for USA, Canada mostly TD Bank and
Questions with Answers for Canada Logs Primarily.
Are hard to beat, this method mainly relies on Swapping Sim Cards of the
log holders and Intercepting OTP’s. Swapping a Sim aint that easy if you
don’t have the Account Number and Pin. If you have those then this topic
is for you.
This Guide, is meant to teach you the basics of how to login to a bank account.
I’ve used it to log into Chase, Wells Fargo and some other Banks in the States
and some from Canada such as RBC, TD, CIBC and some other banks.
The Concept is one and if followed well you will gain access to a bank account
without triggering any fraud alerts. What this Guide won’t help you with is how
to avoid 2FA or OTP used by some banks and Log Holders to keep their funds
safe.
That Guide is for my Recruits.
If you want to bypass 2FA on banks you will either have to swap the Sim card
to one in your possession or listen in on the bank holder’s voice mails in order
to sniff the Codes.
With Sim Swapping the bank holder’s line, you will need for USA the Account
number and Pin of their Carrier such as Verizon, ATT or Sprint. There are some
other info you still need for a successful swap.
But that’s for another guide, and for fraudsters who want to clear out logs
without issues. Hit me up if you need info on this
Back to the Basics, I guess you read my previous guide about Card Not Present
Fraud, (CNP).
You have to get a Valid and Clean IP address for your operation to succeed.
IP, Basic logic here.
What Makes a High Quality IP?
The Proxy Score should be 0.
The Risk Score should be less than 5.
The ISP (Internet Service Provider) should be residential.
The IP’s location must be as close as possible to the home of the actual Bank
account holder
Distance of the IP selected can be checked by distancebetweencities.com.
This is what primarily matters with logs, so try get this part right.
I’m not that a huge fan of using Software’s to log in to bank accounts such as
Antidetect or Genesis etc.
Even though they work, ill focus primarily on using RDPS or your Carding
Station to login to accounts.
Most logs I’ve purchased come with Email Access and other information which
helps my login easier.
So if you follow on my path and use RDP or your Normal PC or Laptop
(Carding Station).
First Thing you have to do is clean your system of past operations using
CCleaner and Bleach bit they usually help get rid of items which would link you
to the past operation.
Run your VPN if you aint already. I suggest Mullvad VPN.
Since we aint using Software’s, install a fresh set of Mozilla Firefox browser.
We will have to install some add-ons to help us out on the job, if you using 911
or some other sockkv55 provider with their own tools to connect to sockv5 skip
this step.
Install foxy proxy add-on or any other add-on which will help you use sockv5
on the browser or you can still enter it manually if you want.
Next Step is to install a canvas randomizer extension on the browser, that’s why
software’s like Antidetect fraud fox or linken have an advantage over using this
method. It’s all automated
Last two extension you might want to install are webrtc spoofer or changer and
an extension capable of hiding your plugins even though not necessary. Plugin
Detector
I mostly install these as an OPSEC for my part but from past experiences with
the logs I haven’t been able to run into issues because of using them or not
using them.
So it’s up to you install them or leave em.
Next part is easy just insert the sockv5 after running CCleaner again then
choose your user agent windows 7 is my preference.
Go to whoer and confirm if your details much the log holders location. Items
like time zone and keyboard language also do matter. Confirm your details and
head over to the email you want to login or if you didn’t receive email access
just jump onto the bank account website and try login.
If things go well you should be on the dashboard, if you fucked up then they
probably asking for 2FA or OTP.
With Canada logs even after following this method some banks usually hit me
with Verification questions which aint hard if you got them in the first place.
But usually its always smooth sailing, if you got all necessary information from
your log provider.
CASHING OUT
This is usually another issue people face, most banks either send OTP some
even call or ask you to call them to approve the charge. It all depends with the
log and verification measures put by the holder to secure their funds.
With Sim Swapping their Line, you have a huge advantage and won’t be going
in blind, but guns blazing. You can call the bank transfer funds from saving to
checking approve declined wire transfers.
Receive 2FA Codes if there is no need to call the bank, so as I said huge
advantage.
It’s all about social engineering, the skills and effort you put in to cashout. I
never send funds to the same bank when cashing out just makes it easier for
them to reverse the transfer.
It’s all about your log provider and the details you have about the Bank
Account.
If you interested in Sim Swapping hit my line up you have to be in the USA
though, I can still hook you up with logs with Verification Questions and
answers if you from Canada though. That EMT Sauce hitting
There are other methods of how to gain access to a log, don’t forget about
mobile banking linken sphere, Antidetect and some other software’s.
Even using basic rdp and laptop guarantees some to gain access to bank
accounts.
- Self-explanatory shit here you will learn how to card and I also give small
insight how it works and Anti-Fraud systems meant to verify your
identity.
I will start from the basic level and take you to the next level. Which will give
you a basic understanding how this type of fraud works.
This Guide isn’t meant to spoon feed you, think and act from your own
understanding how to apply this on your day to day carding adventures.
If you got any questions feel free to drop a comment.
These two are most important the other steps depends on your OPSEC and what
you’re using to card.
Either Antidetect, Genesis, RDP or even your basic PC or Laptop.
With all these you will have to enter the Socksv5 details on your Machine
everybody knows the drill with the system you are using.
User agent I usually use Windows 7 for my setups and carding websites since
it’s the most widespread, I wouldn’t suggest iPhone user agents they’ve led to
most declines on my setups.
But you can fuck around with other agents such as windows 10 android user
agents such as Google pixel etc.
Also depends on the system you using so you know the drill either if you using
Genesis, Antidetect or RDP.
As I said any system works, I’ve used software’s such as Antidetect, genesis or
RDP even my own laptop and charges have been successfully passed either on
my setups and websites such as amazon apple and any other website out there.
Run your evaluation on a website and see how they work, especially read their
fraud rules etc. It will give you small insight on how sites work.
If you trying to card gift cards in this age, some website have limits on how
many you can buy and verification systems such as providing a valid phone
number so they can call you, provide documents such as cc scan, some even ask
for photos with you holding a specific note.
So do your evaluation on a site before hitting it.
TO ACTUALLY CARD.
Run your system either Antidetect, Genesis RDP or laptop.
Insert the Socks you bought
Change the user agent,
With software’s such as Antidetect you can change most of the items websites
see on you such as time zone, language used on keyboard, and some whole lot
of other shit.
Make sure you actually do match the credit card holder’s details, such as time
zone, language etc.
It all matters so as to make you look legit in the eyes of the merchant’s antifraud
software.
You can use whoer or any other site to confirm the details you have actually
match the credit card holder.
After that, if you did your evaluation on the site and everything matches out
perfect to the credit card holder.
Go to the website you are going to card.
Navigate like a normal person, sites have scripts to measure how long and how
you browse their website.
Read and compare items you want to purchase, like you would something you
do when it’s your actual money on the line.
Add some items to the cart and remove some till you reach your specified target
range on how much you willing to actually card.
Go through the site once again and finally checkout.
You will be brought to the checkout page, take your time but don’t take too
long.
Type each detail of the credit card holder’s information, from name, credit card
number to all the details you got.
Don’t Copy and paste just lead to an automatic decline, read and confirm every
detail you typed then hit that confirm button.
If you purchased a non vbv bin, no pop ups expected so no more work.
If everything goes as planned the order should go through.
CONCLUSION
This is what I use when purchasing stuff on my setups, if the card is dead and
you followed the instructions well, no blacklisted ips, good user agent, details
on credit card match.
The Charge goes through no problem, this is how I keep my rate of declines low
and my setups ranging to the 4th 5th week. Chargebacks always kill my setups.
This also applies to the websites you hit, I’ve done bigger jobs with some
serious merchants with this method.
If the Card is live why should it fail?
If you get hit with a decline, most probably you didn’t follow the instructions
well or you might have problems with bins with the specific site you using, but
as I said if it’s a non vbv card and its live charge will pass through.
Bins don’t matter I’ve learnt that from carding multiple merchants and websites.
If the actual card holder went to the site you trying to hit and places some order,
chances are it won’t get declined because of the bin they using.
RIP
This Guide is a Gold Mine for those who know how to use it, hence my
recruits having this knowledge at their first stage will help them catch up.
Fraud is wide, for those who have been in the game for a while, and there
are still lots of financial organisations to defraud. This is Just the tip of
the Joint, I still got some other Intel on other projects other from the ones
mentioned with bigger pay-outs.
If you aren’t from the 4 Countries Mentioned we can still work something
out, cause you can still work and cash out if you anywhere in the world.
There will be a $100 price, before you receive the Guide to keep Noobs
and lechers away.
My Contacts
Fredosavage – wickr
@buckballad – Telegram
Buck420@protonmail.com