Carding is a term used to describe an unauthorized use of a victim’s credit card , bank account, and other financial information. Other valuable data is considered PayPal , Uber and Netflix related information that can be used to defraud money. Once the hackerObtain the required information, try to use it to make illegal purchases or use carding forums, malicious sites or other distribution points to sell it. To withdraw money without the approval of the victim, these criminals make bank transfers or use other methods capable of helping them obtain property without making any payment. Each of these activities leads the victim to loss of money.


[ hide ]

  • 1 Origin
  • 2 Methods used by carders to steal sensitive information
  • 3 How to protect yourself
  • 4 Source


The term “carding” was introduced in the 1980s when people began to suffer the loss of information related to their credit cards. The first of the frauds is known to have been started with the help of insiders calling people to reveal details about their credit cards. In the 90s, hackers started using AOL Dial-up accounts that became useful tools to steal the necessary information. Once AOL added the notification “no AOL worker is going to ask you for your password or billing information in each of their messaging communications,” hackers stopped using this method. In 2000 , 150 Russian hackers from Odessa introduced CarderPlaner, which would soon become one of the most popular financial data websites. In several years, this site became the largest stolen credit card market, with more than 7000 members and over 1.7 million numbers of stolen cards. This gang managed to cause more than $ 4.3 million in losses and closed the site in 2004, after 28 arrests of its members. Russian-speaking forums still dominate over English-speaking forums. They are mainly used to sell confidential data, such as credit card details, bank details, authentications and similar information. To try to protect themselves, carders use only private messaging systems, encrypted emails and forums, proxy networks, private VPNs, and chat rooms. Today,bitcoins . However, hackers also rely on traditional cable services, such as Western Union and MoneyGram .

Methods used by carders to steal sensitive information

  • Malware: Malware that is mainly used for carding includes these categories: Trojans , rootkits , backdoors . Each of these viruses can be installed on the system without any permission, and then used to gain access to the system. These viruses can hide deep in the system and as long as they need to gather the required information and personal data. They can trick their victims by recording their keystrokes or taking screenshots of their desks while using the Internet. After gathering financial information and other sensitive data, they send it to remote servers. The last threat that appeared was the Backoff virus, which was configured to control PC users and steal credit card data.
  • Phishing: People involved in carding sometimes use phishing websites to trick users into receiving their financial information. These sites look like real authentication pages, as they are designed to take pictures of real pages and use URLs that are very similar to real ones. Victims also receive false emails similar to those of legitimate companies. They seek to have victims reveal their credit card numbers, expiration date and similar sensitive information.
  • Carding forums: If the carder does not want to use malware or simply does not know how to do it, he can use carding forums to receive the necessary information. These forums have already become authentic markets used for illegal activities, such as exchanging information related to stolen credit or debit cards and similar data. Membership on these sites is normally paid, and only nicknames can identify each of the carders.

How to protect yourself

  • If you think that credit card fraudsters have focused on you, you shouldn’t waste time and contact your bank. Please let them know your problems.
  • If your business has been affected, you should also let your customers know about it. Asking them to change their passwords and any other authentication information is also a good idea.
  • To avoid programs used to steal identity, you should install a trusted anti-spyware. Among these are Reimage and SpyHunter 5 .
  • Don’t forget to update your programs (security programs too) to avoid vulnerabilities. These holes can be used to install new malware on your computer, which can also be used to control and steal your personal data.
  • Stay away from illegal websites, suspicious Facebookpages and email messages from unknown senders. Each of them can lead to the loss of sensitive information, including financial data.


Leave a Comment