FULLZ: This is someone’s entire data cluster and it’s what is used to create

bank

drop accounts, and for setting up payment processors on fake online stores.
This

could also be used for many different things such as conducting an ATO
(Account-

Take-Over) on someone’s bank account, opening new lines of credit under

their

name, and much more. Fullz are extremely valuable information to us and in
fact a

NECESSITY to be able to open bank drops. Fullz usually comprise of

Background

Checks, Credit Reports, Credit Scores, Full Names, Addresses, Social Security

Number (SSN), Date of Birth (DOB), Driver’s License Numbers, and more.

CVV: This can either be someone’s full credit card details, or someone’s full
debit

card details. CVV is simply a fraud slang for credit/debit card details, there’s
not

much to it. We can use these details to “card” information on someone

online,

such as background or credit reports that can be used for various purposes
such as

opening bank drops and conducting an ATO (Account-Take-Over) on the

victim’s

bank account, or we can use these CVV details to order physical/digital

products

that will be sent to a drop address.

DWAT/Reaping (Digital Wallet Auth/Acc Takeover . aka

Reaping/Bimming/Dwins): refers to vulnerabilities in decentralized
authentication systems that scammers exploit to gain unauthorized access
to digital wallets. Unlike traditional banking, decentralized wallets rely on
cryptographic keys and authentication tokens rather than centralized
verification, making them attractive targets for sophisticated fraud
techniques.Scammers can exploit DWAT to infiltrate Apple Wallet by
leveraging stolen or synthetic identities to bypass security checks. One
method involves using phishing or social engineering to obtain a victim’s
Apple ID credentials, which allows them to sync fraudulent cards to Apple
Wallet. Additionally, attackers may exploit loopholes in tokenized
transactions, where Apple Wallet uses Device Account Numbers
(DANs) instead of actual card numbers, making it difficult for banks to
detect fraudulent cards until transactions are processed. Some fraudsters
use botnets and automation scripts to rapidly test stolen credit card
details, taking advantage of Apple's seamless onboarding process before
banks flag the transactions. In cases where scammers use decentralized
wallets linked to Apple Pay with spoofed KBAN and AMID information, they
might manipulate smart contracts or exploit weak KYC (Know Your Customer)
verifications to authorize fake cards within digital payment ecosystems. Also
known as “Reaping/Packing”

CVV DUMPS: A credit card dump, is an unauthorized digital copy of all the

information contained in the magnetic strip of an active credit card, created

with

the intention of illegally making a fake credit card that can be used by

cybercriminals to make purchases. Credit card dumps are used by fraudsters

to
capture valuable card data such as the card number and expiration date.
These can

be obtained in a number of ways. The most popular method nowadays is

“skimming”, a process in which an illegal card reader is used to copy the

data from

a credit card. Other methods include hacking into a retailer’s network or

when a

malware-infected point-of-sale device is unwittingly used by a retailer,

sending the

information to the criminals.

KBAN: a KBAN is a configured KBAN in the Reapware software. It is a dataset

used to call info onto a device. A KBAN can also be paired with an AMID to
create an ABAN.

DUMPS SERVICE CODE: Many fraudsters think that there are only 2 types of

dumps, 101 and 201. The truth is there are many other types of dumps.
Carders

usually work with either 101 or 201 but the majority will prefer 101. This is
known

as the SERVICE CODE of a dump. The service code contains 3 characters and
you

can find a dump service code just by looking at a dump, regardless of the
fact if it

has both TRACK1+TRACK2 or just TRACK2. Example, let’s say we’re looking
at the

dump 4256 746500930321=1402101700102054. The service code of this

dump is

101, which is located right after the expiration date of the card, which in this
case

is 1402 (FEB 2014). The value of the service code determines where the
cards are

suitable to be used and in what way. Below is a detailed explanation of each

service code available today.

First digit (usage variables):

- 1xx: Worldwide use, usually doesn’t have a smart chip.

- 2xx: Worldwide use, does have a smart chip and required to use smart chip
if the

card reader reads the chip

- 5xx: National use, a list of regions can be allowed by the bank (often called
region

locks).

- 6xx: National use, a list of regions can be allowed by the bank but required
to use

smart chip if the card reader reads the chip

- 7xx: Only useable according to what has been agreed with the bank

Second digit (authorization)

- x0x: Normal authorization, normal usage.

- x2x: Contact issuing bank.

- x4x: Contact issuing bank, exceptions rules by bank.

Third digit (services that the card can be used for):

- xx0: Can be used for anything, require PIN.

- xx1: Can be used for anything without PIN.

- xx2: Can be used to buy goods or pay a service, cannot retrieve cash, PIN
not

required.

- xx3: ATM only ,PIN required.

- xx4: Cash only, PIN not required.

- xx5: Can be used to buy goods or pay a service, cannot retrieve cash. PIN

required

- xx6: No restrictions to use, will ask for PIN when possible.

- xx7: Can be used to buy goods or pay a service, cannot retrieve cash. PIN

required when possible.

TRACK1+TRACK2 DATA: There are up to three tracks on magnetic cards

known as

tracks 1, 2, and 3. Track 3 is virtually unused by the major worldwide

networks,

and often isn’t even physically present on the card by virtue of a narrower

magnetic stripe. Point-of-sale card readers almost always read track 1, or

track 2,

and sometimes both, in case one track is unreadable. The minimum

cardholder

account information needed to complete a transaction is present on both

tracks.

Track 1 has a higher bit density, is the only track that may contain alphabetic
text,
and hence is the only track that contains the cardholder’s name. The
information

on track 1 on financial cards is contained in several formats that goes from A

to M.

The “A” is only used by the bank itself, so we do not need to pay much
attention to

it. The “B” is where the holder’s financial information is stored, the most

important section of the magnetic stripe. C to M, is used for the ANSI

Subcommittee X3B10, and N to Z is the information that is available for use

of

individual card issuers. This is how the track 1 looks like.

%B5XXXXXXXXXXXXXX2^GEORGENULL/
MAX^110310100000000100000000300000

0?;

• % for Start Sentinel

• B for Bank Type Credit Card

• 5XXXXXXXXXXXXXX2 is the Primary Account Number, which in most cases
is

the number printed on the front of the card, but not always.

• ^ is the separator

• GEORGENULL is the card holder’s last name

• / is the separator

• MAX is the card holder’s first name

• ^ another separator

• 11 expiration year, 03 expiration month

• 101 SERVICE CODE

• 0000000010000000003000000 is the discretionary data

• ? is the end

So now that you’ve seen the information that is stored in track 1 and the
letter

containers, you should have already figured out that credit card dumps are
mainly

the first 2 tracks.

Track 2 data is used by ATMs, physical payment processors and in any online

website. There are a lot of components in this track, the layout is shown
below.

| START SENTINEL | PRIMARY ACCOUNT NUMBER | FIELD SEPARATOR |

ADDITIONAL DATA | END SENTINEL | LONGITUDE REDUNDANCY CHECK |

With a more in-depth examination of the data, you can see how a credit card

number and holder’s main information is stored into the track 2 data.

5XXXXXXXXXXXXXX2=1103200XXXX00000000?* ^^ ^^ ^ ^ ^^ ||_ CARD

NUMBER

|| | |_ ENCRYPTED||_ LRC |_ START SENTINEL|| | PIN*** |_ END SENTINEL || |_

SERVICE CODE FIELD SEPARATOR _||_ EXPIRATION

Now let’s break it down.

• ; : Start Sentinel

• 5XXXXXXXXXXXXXX2: Primary account number, the PAN. This would be the

credit card number you always see printed on the front of the plastic.

• 1103: Expiry Date. Always year first then month.

• 200: Service code.

• XXXX00000000: Discretionary data, which includes the PIN verification, the

card verification value and the last 3 digits on the back of the card aka the

CSC/CVV2 code.

• ?: The End Sentinel

• With ^^ ^^ ^ ^ ^^ begins the track 3 data, which as said previously is

completely useless.

Most carders and hackers, will only seek out the TR1 and TR2 data. That’s
where

the term CVV dumps comes from.

WEB/ONLINE WALLETS: This is a program or web service that allows users to

store

and control their online shopping information, like logins, passwords,

shipping

address and credit card/bank details, in one central place. It also provides a

convenient and technologically quick method for consumers to purchase

products

from any person or store across the globe. Such examples of web wallets are

PayPal, Google Wallet, and Venmo. We can use such wallets for many
purposes

that will be discussed in further guides.

AMID: An AMID [Apple Merchant Identification](or Amid/UDID) Is a 22 Digit

string that is used to verify a users ability to use the Apple Pay Service and
configure cards.
ABAN: a Configuration of an AMID that is used to spoof apple pay’s Card
processing service to be able to add a fake card that is able to process
information and process transactions in Retail, online, pretty much anywhere
that Apple pay is accepted. ABANs are less risk but more difficult to setup,
due to the requirement of the Chinese Software company Taeshou
Solutions’s Reapware Suite software, that is able to validate and compile an
ABAN. although they dont condone illegal use of their software, and using it
for fraud purposes, its easily done and since they are in china theres really
no regulation for it as well.

SKIMMER: This is a device made to be affixed to the mouth of an ATM and

secretly

swipe credit and debit card information when bank customers slip their cards
into

the machines to pull out money. Skimmers have been around for years, of
course,

but fraudsters are constantly improving them. Card skimming accounts for
more

than 80 percent of ATM fraud. Some sophisticated skimmers are even able to

transmit stolen data via text message.

EMBOSSER: A device that stamps the cards to produce the raised lettering
where

the CVV holder’s name is, card number, etc...

TIPPER: A device that adds the gold/silver accents to the embossed

characters.

MSR (MAGNETIC STRIPE READER/WRITER): Used by fraudsters to write

dumps

into actual physical blank cards or gift cards (and driver’s licenses, student
IDs,

etc..). If you want to use blank white cards, you will need a printer for the
card

template, embosser and tipper, which can be pretty expensive, however it is

worth
it if you know how to correctly use these things.

POS (POINT-OF-SALE) SYSTEM: This is the time and place where a retail

transaction is completed. At the point of sale, the merchant calculates the

amount

owed by the customer, indicates that amount, may prepare an invoice for
the

customer (which may be a cash register printout), and indicates the options
for the

customer to make payment. It is also the point at which a customer makes a

payment to the merchant in exchange for goods or after provision of a

service.

After receiving payment, the merchant may issue a receipt for the
transaction.

ACH: This stands for Automated Clearing House, which is an electronic

network for

financial transactions in the United States. ACH processes large volumes of

credit

and debit transactions in batches. ACH credit transfers include direct deposit,

payroll and vendor payments. Moving money and information from one bank

account to another is done through Direct Deposit or via ACH transactions,

credit

or debit. This is used a lot by fraudsters to siphon money out of the bank
accounts

of unsuspecting victims, which is extremely easy.

PAYMENT PROCESSORS: A payment processor is a company (often a third

party)

appointed by a merchant to handle transactions from various channels such

as

credit cards and debit cards for merchant acquiring banks. They are usually
broken

down into two types: front-end and back-end. Front-end processors have
connections to various card associations and supply authorization and
settlement

services to the merchant banks’ merchants. Back-end processors accept

settlements from front-end processors and, via The Federal Reserve Bank for

example, move the money from the issuing bank to the merchant bank. In an

operation that will usually take a few seconds, the payment processor will
both

check the details received by forwarding them to the respective card’s

issuing bank

or card association for verification, and also carry out a series of anti-fraud

measures against the transaction. Additional paraments, including the card’s

country of issue and its previous payment history, are also used to gauge the

probability of the transaction being approved. Once the payment processor

has

received confirmation that the credit card details have been verified, the

information will be relayed back via the payment gateway to the merchant,
who

will then complete the payment transaction. If verification is denied by the

card

association, the payment processor will relay the information to the

merchant,

who will then decline the transaction. Such examples of payment processors
are

Square, PayPal, Stripe and Flint

PAYMENT GATEWAYS: This is a merchant service provided by an e-commerce

website that authorizes credit card or direct payments processing for e-

businesses,

online retailers, or traditional brick and mortar stores. The payment gateway
may

be provided by a bank to its customers but can be provided by a specialized

financial service provider as a separate service. It facilitates a payment
transaction

by the transfer of information between a payment portal (such as a website,

mobile phone or interactive voice response service) and the front-end

processor or

acquiring bank. Here’s how a typical transaction plays out.

1. A customer places an order on a website by pressing the “Submit Order”

or

equivalent button, or perhaps enters their card details using an automatic

phone answering service.

2. If the order is via a website, the customer’s web browser encrypts the

information to be sent between the browser and the merchant’s webserver.

In between other methods, this may be done via SSL encryption. The

payment gateway may allot transaction data to be sent directly from the

customer’s browser to the gateway, bypassing the merchant’s systems. This

reduces the merchant’s Payment Card Industry Data Security Standard

compliance obligations without redirecting the customer away from the

website.

3. The merchant then forwards the transaction details to their payment

gateway.

4. The payment gateway converts the message from XML to ISO 8583 or a

variant message format and then forwards the transaction information to the

payment processor used by the merchant’s acquiring bank.

5. The payment processor forwards the transaction information to the card

association (e.g. Visa/Mastercard/AMEX). If an American Express or Discover

Card was used, then the card association also acts as the issuing bank and

directly provides a response of approved or declined to the payment

gateway. Otherwise, the card association routes the transaction to the

correct card issuing bank.

6. The credit card issuing bank receives the authorization request, verifies
the

credit or debit available and then sends a response back to the processor

with a response code (approved or denied). In addition to communicating

the fate of the authorization request, the response code is also used to

define the reason why the transaction failed (e.g. insufficient funds, or bank

link not available). Meanwhile, the credit card issuer holds an authorization

associated with that merchant and consumer for the approved amount. This

can impact the consumer’s ability to spend further (because it reduces the

line of credit available or it puts a hold on a portion of the funds in a debit

account).

7. The processor forwards the authorization response to the payment

gateway.

8. The payment gateway receives the response, and forwards it on to the

website (or whatever interface was used to process the payment) where it is

interpreted as a relevant response then relayed back to the merchant and

cardholder. This is known as the Authorization or “Auth”

9. This entire process typically takes 2-3 seconds.

DUNS: Apple D-U-N-S, which stands for data universal numbering system, is
used to maintain up-to-date and timely information on more than hundreds
of millions global businesses. used to identify your organization when
registering for sites such as FedConnect and SAM.gov. If you are unsure of
what your DUNS number is, please ask your senior management for
assistance, or locate the number on your SAM.gov account.

WEB DOMAIN: This is traditionally known as the name or URL of a website

and is
sometimes called the host name. The host name is a more memorable name
to

stand in for the numeric, and hard to remember, IP address of a website. This

allows the website visitors to find and return to a web page more easily. It
also

allows advertisers the ability to give a website a memorable name that

visitors will

remember and come to, hopefully leading to conversions for the web page.
The

flexibility of website domains allows several IP addresses to be linked to the

same

website domain, thus giving a website several different pages while

remaining at

the easily remembered address.

VIRTUAL reaping: This is the process of purchasing physical or digital goods

online using someone else’s credit/debit card details.

PHYSICAL reaping: This is the process of purchasing physical goods by going

to

an actual physical store in-person and using pre-made credit cards with
dumps

punched in them to conduct the fraudulent transactions. Transactions are

also

possible to be conducted with an Android phone using NFC payments with

TR1+TR2 data.

reaping: Term used when referring to using someone else’s CVV details to

conduct a fraudulent purchase on an online website or physically in person in

a

store using DUMPS. Example, we can CARD a cellphone using someone else’s

details through Amazon, or CARD a $400 belt at a Gucci Store using dumps
that
were punched into a blank card using devices specifically made for such
purposes.

CARD HOLDER: The owner of the CVV that we’re using to conduct the
fraudulent

transaction.

BILLING ADDRESS: An address directly attached to a CVV. This is where the

card

holder’s bank sends his bills, hence the name BILLING.

SHIPPING/MAILING ADDRESS: An address used exclusively to receive mail.

Most

websites do not allow transactions to be accepted if the billing address on a

credit

card and the shipping address provided to the website are different.

AVS & NON-AVS: AVS stands for Address Verification System. This is a system
used

to verify the address of a person claiming to own a credit card. The system
will

check the billing address of the credit card provided by the user with the
address

on file at the credit card company. AVS is used by mostly all merchants in the
US,

Canada, and UK. Because AVS only verifies the numeric portion of the
address,

certain anomalies like apartment numbers can cause false declines;

however, it is

reported to be a rare occurrence. AVS verifies the numeric portions of a

cardholder’s billing address. For example, if the address is 101 Main Street,

Highland, CA 92346, United States, AVS will check 101 and 92346.
Cardholders

may receive false negatives, or partial declines for AVS from e-commerce
verification systems, which may require manual overrides, voice
authorization, or

reprogramming of the AVS entries by the card issuing bank. Cardholders with
a

bank that does not support AVS may receive an error from Internet stores
due to

lack of data. All countries besides UK, US & Canada, are NON-AVS.

VBV & NON-VBV: This is an XML-based protocol designed to be an additional

security layer for online credit and debit card transactions. VBV stands for
Verified

by Visa. This is used to validate the card holder’s identity and prevent
fraudulent

transactions. It works by asking for additional information either from the

card

holder directly or by analyzing data behind the scenes to see if the purchase
fits

the usual payment behavior. When a website and a card have Verified by
Visa, a

message box pops up on screen after you have entered the Visa card details.
You

are then asked to identify yourself with your Verified by Visa password or a
code

sent to your phone. What you need to do at this stage varies but your bank
will tell

you about the method they use and what they expect from you

MASTERCARD SECURECODE (MCSC): MasterCard SecureCode is very much

similar
to Visa’s VBV. It is a private code for a MasterCard account that gives the
card

holder an additional layer of online shopping security. Only the card holder
and

the financial institution know what the code is, merchants are not able to see
it.

Fortunately, the majority of MasterCard cards do not have this security in

place.

AMERICAN EXPRESS SAFEKEY: This is one of the least used security measures

around, and it is not even available in the United States. However, it is the
same

thing as MasterCard SecureCode and Visa’s VBV.

NEAR-FIELD COMMUNICATION (NFC): NFC technology lets smartphones and

other

enabled devices communicate with other devices containing an NFC tag. It is

widely used as a payment method, all you have to do is swipe your

smartphone at

the checkout in any store, and most stores support NFC. Apple Pay for
example,

uses NFC.

SSN: Social Security Number. This is a nine-digit number issued to U.S.

citizens,

permanent residents, and temporary (working) residents in the United

States.

Although its primary purpose is to track individuals for Social Security

purposes,

the Social Security number has become the national identification number
for

taxation and other purposes. SSN is frequently used by those involved in

identity

theft, since it is interconnected with many other forms of identification, and

because people asking for it treat as an authenticator. Financial institutions

generally require an SSN to set up bank accounts, credit cards, and loans-
partly

because they assume that no one except the person it was issued to knows
it.

MMN: Mother’s Maiden Name. This is the name of someone’s mother BEFORE

they got married, that is, her name with her original family name (or
“surname”),

the name she used when she was a girl and a young woman. “Maiden” here
means

“unmarried woman”. So “maiden name” refers to a woman’s name when she

was

still an unmarried woman. In many cultures, when a woman gets married,

she

takes the family name of her husband’s family, so her name changes.
Example, let

us say your mother’s name was Mary and she was born into the Smith family.
Her

maiden name would be “Mary Smith”. Then, let us say, she married your
father,

whose name was Tom Jones. When she married him, she became Mary Jones.

That is her married name, but her maiden name will always be Mary Smith.
This is

one of the most important aspects to conducting successful transactions

online for

high value products, as most banks ask this as a security question for
making any

changes to the account.

DOB: Date of Birth. This is one of the most important pieces of information
you
can get on your victim. The reason for that because with the date of birth,
full

name and hometown, you can easily find the person’s SSN. And also because
you

need this information if the bank ever asks you for it.

MAIL DROP: A mail drop is a location where you are able to freely receive
illegal

products that were either reaped, or drugs. You never want to use your own
house

for these purposes as it will bring a lot of headache for you in the future.
With a

mail drop, you can use it let’s say a month, and never show your face there
again.

This will make extremely hard for any law enforcement official to track you
down

and arrest you or conduct an investigation into your life.

BIN: Bank Identification Number. This is the first four to six numbers that
appear

on a credit card. The bank identification number uniquely identifies the

institution

issuing the card. The BIN is key in the process of matching transactions to
the

issuer of the charge card. This numbering system also applies to charge
cards, gift

cards, debit cards, prepaid cards and even electronic benefit cards. This
numbering

system helps identify identity theft or potential security breaches by

comparing

data, such as the address of the institution issuing the card and the address
of the

cardholder. The first digit of the BIN specifies the Major Industry Identifier,
such as
airline, banking or travel, and the next five digits specify the issuing
institution or

bank. For example, the MII for a Visa credit card starts with a 4. The BIN
helps

merchants evaluate and assess their payment card transactions. After

submitting

the first four to six digits of the card, the online retailer can detect which

institution issued the customer’s card, the card brand (such as Visa or

MasterCard), the card level (such as corporate or platinum), the card type
(such as

debit card or a credit card), and the issuing bank country. BINs can be check

through the websites below.

https://www.bincodes.com/bin-checker/

http://binchecker.com/

https://bincheck.org/

https://binlists.com/

PROXY SERVER: Every time you reach out to a website or connect with
anyone

online, your online connection gives your computer “address” to the

site/person

you’re connecting with. This is so that the other end knows how to send

information back to your computer. That address is your public IP address. IP

stands for Internet Protocol and you can check yours by going to whoer.net.

Without an IP address, you wouldn’t be able to do any Internet/online activity

and

others online wouldn’t be able to reach you. It is how you connect to the
world.

Your IP address comes from your Internet Service Provider (ISP).

Unfortunately,
there are a lot of privacy concerns when it comes to public IP addresses such
as

• Your IP address identifies where you are in the world, sometimes to the

street level.

• It can be used by websites to block you from accessing their content.

• It ultimately ties your name and home address to your IP address, because

someone is paying for an Internet connection at a specific location.

A proxy lets you go online under a different IP address identity. You don’t
change

your Internet provider; you simply get a proxy server. A proxy server is a
computer

on the web that redirects your web browsing activity. Here’s what that
means.

• Normally, when you type in a website name (Amazon.com or any other),

your Internet Service Provider (ISP) makes the request for you and connects

you with the destination-and reveals your real IP address, as mentioned

before.

• When you use a proxy, your online requests get rerouted.

• While using a proxy, your Internet request goes from your computer to your

ISP as usual, but then gets sent to the proxy server, and then to the

website/destination. Along the way, the proxy uses the IP address you chose

in your setup, masking your real IP address.

Proxy servers are commonly used by identity thieves to fake their location to
the

cardholder’s billing address. The reason for that is because some websites
will not

allow a transaction to be accepted, if the purchase is being made from a

location

much farther away than the cardholder’s billing address.

BANK DROPS: Bank drops are bank accounts that are opened specifically for
the

purpose of storing your dirty funds. Once you open them, you can decide
whether

you wish to withdraw the funds directly from the account as cash by going to
the

bank ATM, or possibly clean them with specific methods, and only after
cleaning

them, cashing them out (my preferred method and much safer). It is
important to

mention also, that all bank drop accounts, are opened ONLY with the
information

of someone else (aka FULLZ), so there is absolutely no possibility of these

dirty

funds ever being traced back to your real identity. To open one of these bank
drop

accounts, you will usually require the person’s DOB + SSN + DL +

BACKGROUND

CHECK + FULL CREDIT REPORT + MVR/DRIVING RECORD for maximum

success.

PROXY SCORE: When it comes to fraud detection, finding proxies is a big

topic.

Fraud detection begins with thinking intelligently about the IP address

associated

with a transaction. Where is that IP address, and how does that location
relate to

other transaction data? Whereas most IP addresses inspire confidence, those

associated with a proxy generate suspicion. As the name suggests, a proxy

acts as

an intermediary, passing requests from one computer to other servers. But

although there are legitimate uses of proxies, fraudsters are well known to
use
proxies. Detecting proxies comes with two challenges. The first is how to
recognize

an IP address as a proxy. The second is how to distinguish a “good” proxy

from a

“bad” one; since by definition, a proxy is merely an intermediary, a proxy is

not

high risk in and of itself. To consider how best to address these challenges,
it’s

helpful to look to the primary goal of ecommerce fraud detection: thinking

intelligently about the IP address associated with a transaction in order to

assess

risk. Fraud detection uses transaction data as the basis for this thinking and
risk

assessment. Using this data and analysis, they’re able to gain insight into the
kind

of traffic on a particular IP address. The Proxy Score, is a summary of risk

associated with an IP address. You want this to be as low as possible (0.80

MAX).

Anything above 0.80, you should move on and look for another proxy as that
will

lead to a declined transaction 70-80% of the time. You can check your proxy
score

on the websites below. Ideally you want the lowest proxy score that you can
find, I

have used RDPs with a proxy score of 0.01 many times.

• https://getipintel.net/

• https://www.maxmind.com/en/request-service-trial?service_minfraud=1

(FREE TRIAL)

• xdedicvhnguh5s6k.onion (private RDP provider website, but the best one to

check this kind of stuff, send me a PM and I will send you an invite)
IBAN: An IBAN, or International Bank Account Number, is a unique code that
identifies a bank account for international payments. IBANs are used to
process financial transactions between institutions in different countries.

•Country code: Two letters that represent the country where the bank is
located

•Checksum digits: Two digits calculated with an algorithm to validate the

IBAN

•Bank code: Four digits that identify the bank

Comparison with the usual spending pattern of the cardholder

Location of the charge

Amount

Risk factor associated with the merchant

FRAUD SCORE: Every online transaction is given what is called a “Fraud

Score”.

This is a number ranging between 0 and 999. It gives the merchant a

number from

which he can determine if a given transaction is fraudulent or not.

Transactions

that are given high fraud scores (over 300), are placed under manual
verification

by an agent, who will decide if they contact the cardholder or let it through.
Scores

over 500 with auto-decline, will block the card and an agent will immediately

contact the cardholder. Some banks have different criterias but certain
things that

can affect the fraud score are:

For example, a $15.56 charge in the cardholder’s local Walmart will not
trigger

anything, while a purchase of $2000 on Newegg will have an extremely high

fraud
score and probably auto-decline if the cardholder rarely makes purchases
online.

RISK SCORE: This is a percentage given to each transaction that ranges from
0.00%

to 100.00%. The factors that determine this score are whether an IP address,

email, device and proxy used are high risk or low risk. This is determined by
fraud

systems that websites have in place such as MaxMind, which establishes the

reputations of IP addresses, emails, geolocation and other parameters. This

should

always be checked before purchasing an RDP. Anything above 1.00% will

lead to

declined transactions most of the time.

RDP: Remote Desktop Protocol. This is a protocol developed my Microsoft,

which

provides a user with a graphical interface to connect to another computer

over a

network connection. You can for example, be using a Linux machine, and
connect

to a Windows 7 RDP. RDPs are absolutely essential to conducting a successful

fraudulent transaction, especially HACKED RESIDENTIAL RDPs. The reason for

that

is because these RDPs are from a REAL PERSON, with a REAL LOCATION/IP,
and

REAL COMPUTER and BROWSER FINGERPRINT. They will exponentially

increase

your success rate. They will also be discussed in more detail further in this
guide.

SOCKS5: This is a proxy server that allows us to fake our real location. This is
very
good if let’s say, we have a credit card with a billing address in Miami, we
can use a

SOCKS5 near the billing address in Miami so that the website we are
conducting

the fraudulent transaction in doesn’t raise our fraud score because the
transaction

is being conducted in another state/far away from the credit card’s billing
address

as this will lead to a declined transaction most of the time.

VIRTUAL MACHINE: This is an emulation of a computer system. Virtual

machines

are based on computer architectures and provide functionality of a physical

computer. They allow you to run an operating system using an app window
on

your desktop that behaves like a full, separate computer. The most used
software

for virtual machines are respectively, Virtual Box and VMWare. Unfortunately,

they are not as reliable as using an RDP, but they are very good to CONNECT
to an

RDP, so as to leave no traces on your original computer. Windows and OS X

are

still not reliable enough in the aspect of leaving no traces, as the virtual
machine in

these operating systems, will leak information to the host OS, and
consequently

leave a lot of illegal evidence/traces on your computer that could later be

used as

potential evidence in an investigation. However, you should never let it get

to that

point the first place.

This is the most important aspect of being a successful fraudster. The reason
for

this is because there’s no point in doing all of this, if we’re going to

eventually be

caught, and have all of your assets seized by the government. Unfortunately,
the

United States doesn’t take these things lightly, and they will do everything
they

can to persecute cybercriminals and put them in jail, which most of the time
are

given sentences of over 10 years in jail for minor offenses. They are the
biggest

and most powerful nation in the entire world, and their resources are
absolutely

endless. We MUST take every precaution possible to mitigate any of these

risks

and to make sure our hard work will never be taken from us by such
governments.

Even if you do not live in the United States, you should still very much worry
about

them as they are involved in pretty much every single international issue
that

occurs, especially in cybercrime cases.

I have written an extensive guide over 100 pages long on just the topic of
OPSEC

and creating your perfect fraud expert setup for maximum success, and
security

against such adversaries, Remember, if you want to be a

criminal, then do your homework, or don’t be a criminal. With that said, in

this chapter I won’t go into as much detail as my OPSEC guide

goes, as there are many things to keep in mind and I wouldn’t be able to fit
everything into only one chapter, that’s the reason I made a guide
specifically for

the purpose of explaining privacy and security. However, I will give you a
perfect

setup in this tutorial.

First of all, I want to introduce you to the absolute best operating system
available

today when it comes to security and privacy. It is called Qubes OS. This
operating

system allows us to run isolated environments. It is basically a giant virtual

box.

You can run different OSs in Qubes as different virtual machines. For
example, we

have a virtual machine for the Whonix OS, another for Fedora, Debian, and
those

are only the VMs that come pre-installed with the OS. You can install Kali
Linux in

Qubes, Windows, and all kinds of different OSs. If one of these VMs ever get

compromised, we are fine. We simply delete the VM and create a new one. If
you

want to learn more about the Qubes OS, then navigate to the link below, it is
full

of tutorials and even videos about the OS so you can get a good look at what
we’ll

be working with.

https://www.qubes-os.org/doc/

Qubes has a very small compatibility range and so will not work with most

computers unfortunately. However, if you want to become truly a

professional

cyber-criminal, then I highly recommend you invest in a new computer. Don’t

be
lazy or close-fisted with security, as that will lead to problems and much
headache

for you in the future, trust me on that. Below are the laptops I recommend,
from

best (most expensive) to worst (cheapest). All of them work perfectly with
the

current Qubes 4.0. All of the prices were taken from Amazon at the time of
this

writing, so keep in mind, you may get cheaper, or more expensive.

LENOVO THINKPAD X1 CARBON 5TH GEN ($1845): This laptop is absolutely

amazing, and if you have money to buy it, then do it. It’s totally worth it, as it
will

last you for many years to come. This was voted the best business laptop at
CES

2018. The performance of this laptop is absolutely incredible and will make
your

work incredibly smooth and easy. This is the laptop that I currently use and
the

one I recommend to all my clients on top of every other one.

LENOVO THINKPAD T460P ($1350): Also works perfectly with Qubes 4.0 and
the

performance is amazing. The one above is much better, but if you want to
get this

one instead and save some money, I’d say go ahead.

LENOVO THINKPAD T450S ($530): This laptop is also very good, although the

performance of the above one is much better, this one does boast some

impressive features. You can get it on Amazon for very cheap. It comes with
i7

processor, 8GB RAM, 256GB SSD (you may want to upgrade the SSD). I have
tested

this computer with Qubes 4.0 and it also works perfectly and smooth.
LENOVO THINKPAD X230 ($235): This is a last resort type of laptop, and you

should only get it if you’re really low on money. The performance will be
terrible,

but definitely usable. Qubes 4.0 runs perfectly with it, and everything works

exactly as it should, just really slow due to the old processor and low
memory. If

you’re thinking of buying this laptop, keep in mind you will most likely need
to

upgrade some of the components to make it run smoothly.

BEST QUBES SETUP FOR FRAUDULENT ACTIVITIES

Having a perfect setup for your fraudulent activities, is one of the most
important

aspects of being successful in this business. If you have a bad setup, you will
most

likely run into problems, and declined transactions on a daily basis. As I have

explained previously in this guide, Qubes OS is the absolute best operating

system

for our purposes, and is the OS I use for my fraudulent activities, in fact it is
THE

ONLY ONE I use. Not only will Qubes protect you to the maximum extent
possible,

to ensure that LE can’t successfully uncover your real identity, but to

websites, you

will look like just another shopper looking for something expensive to buy,
which

in turn will make us extremely successful. Below I will outline the perfect
setup for

Qubes OS. All of the setup outlined below is explained in much more detail
on my

OPSEC guide, so I would highly recommend you get that one as well.

• First, we will anonymize our MAC address by following this tutorial

(https://www.qubes-os.org/doc/anonymizing-your-mac-address/) for our

NetVM.

• Once we have fully anonymized our MAC address, we will route our NetVM

to the FirewallVM. From there, we will route the traffic to the VPN VM.

• Now we need to setup our VPN VM to route all traffic to the VPN tunnel and

restrict all non-VPN connections with iptables rules. If you are running Qubes

4.0, please follow this tutorial (https://github.com/tasket/Qubes-vpnsupport).

If you are on Qubes 3.2, follow this tutorial

(https://www.reddit.com/r/Qubes/comments/6h4ue2/guide_setting_up_a_

vpn_with_mullvad_on_qubes/). Feel free to send me a message if you run

into any problems. Check everything is good and that there are no leaks in

your connection by navigating to whoer.net and dnsleaktest.com and

conducting tests. Even with webRTC enabled, you should have 0 leaks

because of the iptables rules.

• Once we have setup our VPN VM, we will create another VPN VM and route

our traffic to the 2nd VPN tunnel. This is extremely important, as it will add
an

amazing extra layer of security to your setup. You should use 2 different VPN

providers. The ones I recommend are respectively from best to worst,

NordVPN, TorGuard, and Mullvad. You should follow the same steps as the

1st VPN VM to create the 2nd. Check everything is good and that there are
no

leaks in your connection by navigating to whoer.net and dnsleaktest.com and

conducting tests. Even with webRTC enabled, you should have 0 leaks

because of the iptables rules.

From the 2nd VPN VM, we will send our traffic to our Tor network VM (usually

called sys-whonix).

In sys-whonix, we will edit the torrc configuration file and make sure we are
using obfs4 bridges to connect to it. This will make much harder for anyone

snooping on our traffic to see we are using Tor (although I seriously doubt

anyone would be able to do so if you followed the steps above correctly).

You can do that by following this tutorial

(https://www.whonix.org/wiki/Bridges).

Now that we have our network completely set up, we will move on to

actually connecting to our RDP to conduct our work. To do that, simply

create a new AppVM, name it whatever you so wish, use the Template

WHONIX-WS for it, give it network access through sys-whonix, and open a

new Terminal on it. Once you have done that, run the following command on

that Terminal: sudo apt-get install remmina

That command will install a program called “remmina” which will enable us

to connect to our RDPs anonymously with the Tor network.

For the RDP, I recommend you purchase a Windows 7 one from xDedic (if

you don’t have an account there, send me a message and I will sell you an

RDP from there, or you can also purchase an invite to the website from me if

you so prefer, that way you won’t rely on me or anyone else to purchase

your RDPs, you can simply login the website and purchase them yourself).

xDedic is the best website for RDPs, and the reason for that is because they

sell clean hacked RDPs, that belong to an actual real person, with a real

digital fingerprint, and with a real IP/real location. The reason we want this is

so that the website we are conducting our work in, doesn’t realize we are a

fraudster and declines our transaction. I prefer not to use Socks5 as they are

far from being reliable as RDPs are, and PLEASE, do not use a Socks5 in

conjunction with one of these RDPs, as that would be dumb, and will mess up

your entire setup.

Once you have all of this setup, all you need to do is pick a website that you
want to card, get a CVV close to the zip code of your RDP (some websites will

decline your transaction if you are placing an order too far away from the

CVVs billing/shipping address) and work your magic! This “magic” will vary

from website to website, and one thing you need to keep in mind is that

most websites will require you to call the card holder’s bank using a burner

spoofed to the card holder’s number to change his billing address. The

reason for that is because as mentioned previously, websites in Canada,

United States and United Kingdom, all have AVS systems in place that will

check your billing address with the card holder’s bank. If you use a shipping

address that differs from the billing address, especially a shipping address

too far from the card holder’s address, you will get a declined transaction.

You could still get approved if the shipping address you are using is not too

far from the card holder’s billing address (anything 30-50 miles away is

already too much), but it’s always better to call the bank and do a change of

billing.

• If you are purchasing anything above $600 dollars, chances are you will
need

to conduct a what is known as an ATO on the card holder’s account. ATO

stands for Account-Take-Over. This is a process in which you will call the

bank, change the card holder’s phone number, then wait 5-7 days and call

again to change his billing address, you can also add a temporary address if

you prefer, which is much better in my opinion (Bank of America doesn’t

allow temporary addresses unfortunately, Chase is the best one for this). The

reason for this is because most websites will require you to put the card

holder’s billing phone number on check out and for orders above $600, they

will call the card holder to confirm the transaction. Not to mention that the

bank may find all of this very suspicious, especially if the card holder hasn’t
done a purchase as big as that in months and will ring them to confirm. And,

there is also the possibility of the card holder having what is known as “text

updates/alerts” for charges that big on his account. All of those things may

lead to declined transaction, and a burnt card.

• I also recommend you use a .edu, .org or .gov email with the card holder’s

name, to conduct such high value fraudulent transactions. This will

significantly lower your fraud score and will help you a lot in getting

approved.

• Make sure you act like a real shopper. Wait 2-3 days before purchasing and

during that meantime, put products in your cart, look around the website,

make it look LEGIT. Make it look like you care about how much you’re

spending, because people do care about that. If you register an account, and

then right off the bat purchase a laptop worth $1500, you can’t expect to be

approved. I will further explain in detail all of this in this guide.

WINDOWS & MAC OS X VIRTUALBOX SETUP

I realize most people will not go as far as the setup above requires them. And

although that is very unfortunate, it is a fact that I can’t neglect. Below I will

outline a good, but much more unsuccessful and unsafe setup.

Unfortunately, OS X

and Windows, are both closed-source operating systems, and particularly

Windows, is full of zero-day exploits and vulnerabilities that are easily

exploitable

by law enforcement officials. Not to mention these OSs are full of

NSA/FBI/CIA

backdoors and are just not safe from a privacy standpoint, proceed with
caution

and most importantly, ATTENTION to detail. Do not skip any steps.

Now, when it comes to the Virtual Box setup, what you need to do is first of
all,

download Virtual Box obviously (https://www.virtualbox.org/wiki/Downloads),

then download VeraCrypt (https://www.veracrypt.fr/en/Downloads.html) and

create a hidden encrypted volume with at least 30GB of space, then mount
that

hidden encrypted volume. Then, download WinISO

(http://www.winiso.com/download.html), and google “WinISO serial number”

so

that you are able to complete the next step. Next, download MagicISO

(http://www.magiciso.com/download.htm), get a .iso of Windows 7 and burn it

into a bootable media on a blank CD using WinISO. Then mount the .iso into
the

virtual drive using MagicISO.

Then, create a new virtual machine on Virtual Box and name it whatever you
so

wish. Go to settings and on “System” use at least 2GB RAM for the base
memory.

On boot order use HDD and CD/DVD. Then, go to storage and add your
virtual

drive letter where you mounted the .iso on Controller:IDE. On “Network”,

choose

NAT and refresh the MAC address (refresh every single time you boot the

Machine). Then, install Windows 7 on the virtual machine.

Once you have done all that, move the .vdi files into the hidden encrypted

VeraCrypt volume. Then, on the Windows 7 virtual machine install TMAC to

change the MAC address every time you connect to the internet

(https://technitium.com/tmac/), CCleaner, and Bleachbit to clean your

cookies and

temporary data.
Then every time you start the machine, go to the Windows 7 CMD, and type
these

commands:

ipconfig /release

ipconfig /renew

ipconfig /flushdns

Once you have completed all these steps, download the VPN of your choice
and

install it on your newly created virtual machine. You can also get another VPN
and

install it on your main OS, that way you have 2 VPNs for added security. I

recommend 2 different providers, and make sure you use an anonymous

email

that can’t be traced back to you, and only pay with clean BTCs.

From that virtual machine, connect to an RDP by going to the Start menu and

typing “Remote Desktop” in the search box. When “Remote Desktop

Connection”

appears in the search results, click on it. Next, enter the IP address of the
target

computer and press connect. Enter the login credentials, click OK and you
should

be inside the RDP.

Now that you have your OPSEC set up, I will teach you about how to card

successfully.

As I have mentioned previously in the fraud dictionary section of this guide,

virtual

reaping is the process of purchasing physical or digital goods online using

someone

else’s credit/debit card details. However, there is A LOT more to it. You can’t
simply get someone’s CVV details and go on a shopping spree, that will not
work

and will only lead to burnt cards & declined transactions. There are many
things

you need to keep in mind and in this chapter I will go into detail on how
exactly all

of it works.

The main goal of a carder, is to cheat websites into thinking he’s the legit
owner of

a CVV. This is the most important aspect of reaping, because if you can’t do
that,

nothing else will work. To be able to cheat the website, there are a couple of

things we need to keep in mind.

• We need to use an extra clean hacked residential Windows 7 RDP (available

on xDedic, again, if you don’t have an account there just send me a message

and we can work something out). Windows 7 is the 2nd most used operating

system in existence today, right behind Windows 10 so that is why we are

using it. We want to appear as generic as possible to the website, and never

appear to be a “unique” user as that will raise our fraud score. A

RESIDENTIAL RDP is essential, because it already has a digital fingerprint

from

a legit user, which will tell the website that we are a real person, from a real

location, with a real computer, and not a fraudster using a proxy server in a

virtual machine.

• We should either use Firefox or Chrome for fraudulent transactions inside of

our hacked RDP. The reason for that is because again, we want to appear as

generic as possible to the website, and those browsers are currently the

most used browsers in existence. It is important to note that no changes

should be done to those browsers, and no addons should be installed, you

should use them AS THEY ARE BY DEFAULT.

• With Firefox or Chrome inside of your RDP, navigate to dnsleaktest.com and

ipleak.net, then conduct tests to see if your real location is leaking. Then

navigate to whoer.net and check your anonymity score, it should be 100%.

Sometimes it won’t be because of the time-zone difference between your IP

location and the system time, if that happens then simply change the system

time to match your IP location, and do a re-test, it should then say 100% in

your score. You should do this every time you wish to conduct a fraudulent

transaction.

• Now we get a CVV that is close to the CITY and STATE that our RDP is
located

in. Example, if we have an RDP located in MIAMI FL, we want a CVV from

MIAMI FL. The level of the CVV you need to get will depend much on the

value of the transaction that you want to conduct. A card that would be used

to purchase movie tickets/food delivery online, is not the same card you

would use to purchase a $1000 laptop. However, a card that can be used to

purchase a $1000 laptop, would easily approve a small movie ticket/food

delivery purchase transaction, but you would never use a card like that for

such purposes unless you don’t know what you’re doing.

• If you are reaping something worth $500 or more, you will need to get a
free

.edu email registered in the name of the CVV holder by navigating to the

website http://home.cccapply.org and selecting Cuesta College from the

drop-down menu (this changes from time to time so Cuesta may not work for

you, if it doesn’t just try other colleges and one of them should eventually

work). From there you apply to the college, and for the Social Security

Number (SSN) you navigate to http://fakenamegenerator.com/, select

MALE/FEMALE and then hit GENERATE. This will generate a new identity,

from that you just need the SSN which will look something like this 427-
70XXXX. Just substitute the XXXX for any numbers and that should do fine.
Fill

out all the rest with the fake info (phone, address, etc…), just provide the

correct sex. If you have his SSN, then you can use that as well and it will be a

HUGE plus. For the email, you can use disroot.org, navigate to their website,

create a new account with the CVV holder’s name and use it for registering

for the college. You will soon receive on that email your newly created

@.my.smccd.edu email address details.

• If the .edu email method doesn’t seem to be working for you, then you can

simply card a domain with ipage.com and use a .org email that the domain

provider will let you generate. You can also generate as many .org emails as

you wish with your domain, just make the domain name something legit such

as https://nmnenterprises.org or https://pierceandassociates.com/. To card

the domain, follow the same steps outlined above and register with the

domain provider with a yahoo email in the name of the CVV holder.

• Once you got the email ready, then you are finally ready to conduct the

fraudulent transaction. Navigate to the website you want to card. If you are

reaping something worth $200 or more, then you should first create an

account on the website using the .edu/.org email, browse the website to look

like a real buyer, wait 2 days and browse the website during those 2 days for

at least 30-40 min looking at products, putting stuff in your cart, etc… After

you have done that, you can go ahead and proceed with the transaction.

• Keep in mind that as I mentioned previously, some websites will not accept

transactions in which the billing and shipping addresses are too far away

from each other (30 miles is already too much). If you get a card with a
billing
address less than 30 miles from your drop address, then you are very very

lucky and you can proceed. If not, you will need to call the bank using a

spoofed burner number (spoof to the CVV holder’s number) and ask them to

add a temporary shipping address/add an additional billing address to the

account. They should be able to do that for you, unless it’s Bank of America,

I’ve run into problems before doing that with BoA. They will require you to

change the billing address entirely.

• For the burner phone, it is entirely up to you to either purchase a phone for

$40 dollars at somewhere like Wal-Mart or go to Amazon and purchase a

phone like this

(https://www.amazon.com/Phone-4-5mm-Ultra-PocketBlack/dp/B00JN82EFO)
which you can use for a month, and destroy it

completely when done with reaping for a few websites/CVVs. For the SIM

card, you can go to T-Mobile and ask them for the $30 monthly plan (make

sure you show them your phone so that they give you the right SIM card and

ALWAYS pay with cash, you can even go a step further and use a hoodie

when going to the store to mitigate the threat of cameras).

• To spoof your phone number, you can use the service

https://www.spoofmyphone.com/ they allow you to pay with BTC and are

very reliable.

• Before buying your RDP, ALWAYS check its PROXY, RISK, and FRAUD score.

You can check all of that through the xDedic website (if you don’t have an

account there contact me and we can work something out).

CVV

There are a lot of websites nowadays on the web that will sell you stolen
CVV.

However, the problem with these websites is that they will most of the time,
sell
you CVVs that are either dead, or that are complete shit. I know this from my
own

personal experience with these websites, so I have completely given up on

them.

The only one I can currently recommend under good conscience is Yale
Lodge

(https://yalelodge.cm/), however, the registration to it is closed at the

moment,

and I have spoken to the owner, he is not currently selling registrations, but
will

very soon for 300-400 dollars (that money will be added to your balance on
the

website). So, if you want to purchase the registration, keep checking the
website.

I am an experienced hacker, and I have taken advantage of flaws in website

security systems many times to hack their databases. With that said, I
currently

have in my possession over 70k CVV and over 50k dumps for sale from
different

online databases. I check my CVVs for validity every single time before
sending

them out to my buyers, so you can be safe you will get valid cards from me.

To check out the balance of a card and check its validity, you can simply call
the

bank to which the card belongs to using your burner phone. Let’s say it’s
Chase,

you call Chase bank and use the automated prompt by typing your CVV
number

and its zip code. From there the automated prompt will tell you the balance
of the

card, its credit access line, amount in pending transaction authorizations,

and
recent transactions. You should take note of the 8 most recent transactions in
case

you need it. It is also good to know the CVV holder’s spending patterns so we
can

mimic it. This will make things look much less suspicious to the bank.

reaping LEVELS

When it comes to reaping, there are 3 different levels to it. They are each
outlined

and explained below.

LEVEL 1 reaping: This is the entry point for most carders, it includes such
things

as ordering pizza, movie tickets, and small purchases below $50. This is
considered

very easy reaping and you will usually just require the CVV details, along
with the

full billing address of the CVV.

LEVEL 2 reaping: This would be intermediate reaping, and includes such

things as

reaping background reports, credit reports, or physical products with a value

below $200. For this you will require the same details as LEVEL 1 reaping.

However, it will vary depending on the website you are reaping. Different
websites

have different security measures in place to curb fraudulent transactions and

will

require specific strategies.

LEVEL 3 reaping: This is advanced reaping, and not recommended for

beginners.

Things that fall under this category are for example, high value physical
products

above $400 in value, and everything on high security websites such as

Amazon,
Newegg, TigerDirect, etc... All of these websites will require you to perform
an

ATO (Account-Take-Over) on the CVV holder’s account. This will require you to

have the CVV details, full billing address, along with the victim’s DOB, MMN,
SSN,

and background report. For this it is always good to get as much information
as

you can on the victim, as we will have to call the bank and perform changes
in the

holder’s account to take over. This will be explained in much detail further in
this

guide.

CVV LEVELS

As mentioned previously in this guide, different cards are used for different

purposes. You would never use a Signature Visa, with a credit access line of

$30,000 to card movie tickets or pizza. Below I will outline all the card levels
in

existence today. It is important to mention, that for high value purchases you

should ALWAYS look for CREDIT CARDS. Debit Cards are not good for making
these

high value purchases online. However, they could still have many uses such
as

purchasing background reports, credit reports, and all purchases below $200.

CLASSIC – Classic cards are recognized and accepted by a large number of

merchants all over the world, including the Internet. This card is usually used
by

students, young couples, or people trying to establish credit. The limits of

these

cards are usually around $1000.

GOLD – A premium card used by people around the world. With higher
spending

limits and greater purchasing power, the Visa Gold card is the choice of
consumers

who want more from their cards. Average limit of this type of card is $3000.

PLATINUM – Platinum is one of the best cards around. Average limit could be

around $8000.

BUSINESS – Very high limits, often around $15,000

CORPORATE – This is used by large corporations. The limits are usually

around

$15,000 as well.

SIGNATURE – The 2nd best card around. I’ve gotten many signature cards
with a

limit of $30,000.

PREMIER – Same as Signature. Limits are usually $30,000.

INFINITE – This is the absolutely best card around. However, it is incredibly

hard to

find. If you do manage to get your hands on one of these, you are very lucky.
There

are usually no limits to such cards.

It is important to note that all these numbers are subject to change

depending on

the subject’s credit score, history, and spending pattern.