Crossroads of Social, Digital & Physical Crime: Russian “Real” Carding
Background & Summary
“Real Carding” (“offline”) (Реал Кардинг) is a Russian-language term for payment card fraud in which cybercriminals make purchases on stolen cards using physical Point-of-Sale (PoS) devices or cash out cards directly via ATMs. This type of fraud differs from “online” or “stuff” carding, in which purchases are made through e-commerce merchants. Because carders need to physically enter stores or approach ATMs, the method is associated with high risks and high revenues, which cannot be matched by online carding schemes.
Where Online Crime Meets Reality
Physical threats are not the only risk these carders face: engaging in real carding also requires significant initial investments.
1. Purchasing Stolen “Dumps”: The dump is a piece of information stolen from a card's magnetic stripe. This information is sold in underground shops or can be obtained through skimming devices.
Purchasing dumps is usually a risk in itself. According to the majority of underground discussions observed in real-carding threads on various Russian-language carding forums, numerous dump sellers are scammers. They often sell cards which were already compromised and blocked, or which do not have any balance on them. Unlike online carding, where stolen card information is provided with data which can be used to check balances or card validity online, dumps can only be verified during the transaction itself, usually via online checker services or during real-life transactions. Finding a good dump seller is often the result of a long-term trial and error process, which may involve significant financial losses.
2. Importance of Specific Dumps: Besides finding the “right” seller, it is crucial to find the right cards. All cards have a 3-digit code, marking their type, such as 101 and 201, for example. Knowing how to interpret these numbers and choose the right cards for the right purchases is very important.
First Digit:
- “1” International transactions permitted
- “2” International transactions permitted (card chip required)
- “5” Only domestic transactions
- “6” Only domestic transactions (card chip required)
- “7” Transactions permitted only with specific banks
Second Digit:
- “0” Standard Transaction Processing
- “2” Online verification from a PoS to the issuing bank required
- “4” Online verification from a PoS to the issuing bank required, except for specific banks
Third Digit:
- “0” No transaction limitations. PIN required
- “1” No transaction limitations
- “3” Only for ATMs, PIN required
- “4” Only for cashout
- “5” Only for non-cash purchases. PIN required
- “6” No limitations, but PIN may be required
Dumps of more popular series (i.e., no limitations) are, therefore, more expensive. For instance, the 101 series will be more costly than the more common 201. This increases the price and the chance of running into scammers who claim to have access to high-demand cards or even those with PINs.
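For issuers and fraud teams, the same 3-digit code (the magnetic-stripe service code) is a detection input: a transaction that contradicts the restrictions encoded on the card is a strong cloned-card signal. The sketch below is an added example, not part of the original article; the transaction schema, field names and sample records are hypothetical and constructed for illustration.

```python
# Digit meanings taken from the table above: (scope, chip required), etc.
INTERCHANGE = {"1": ("international", False), "2": ("international", True),
               "5": ("domestic", False), "6": ("domestic", True),
               "7": ("specific banks", False)}
AUTHORIZATION = {"0": "standard", "2": "online to issuer",
                 "4": "online to issuer, except specific banks"}
USAGE = {"0": ("any", "required"), "1": ("any", "not required"),
         "3": ("atm", "required"), "4": ("cash", "not required"),
         "5": ("purchase", "required"), "6": ("any", "may be required")}


def decode(code):
    """Split a 3-digit code into the fields from the table."""
    if (len(code) != 3 or code[0] not in INTERCHANGE
            or code[1] not in AUTHORIZATION or code[2] not in USAGE):
        raise ValueError(f"unrecognised service code: {code!r}")
    scope, chip = INTERCHANGE[code[0]]
    usage, pin = USAGE[code[2]]
    return {"scope": scope, "chip_required": chip,
            "authorization": AUTHORIZATION[code[1]],
            "usage": usage, "pin": pin}


def risk_flags(txn):
    """List the ways a transaction contradicts its card's own code.

    txn is a dict in a hypothetical schema: service_code, entry_mode
    ("magstripe"/"chip"), channel ("pos"/"atm"), issuer_country,
    terminal_country.
    """
    sc = decode(txn["service_code"])
    flags = []
    if sc["chip_required"] and txn["entry_mode"] == "magstripe":
        flags.append("magstripe read on chip-required card")
    if sc["scope"] == "domestic" and txn["issuer_country"] != txn["terminal_country"]:
        flags.append("domestic-only card used abroad")
    if sc["usage"] == "atm" and txn["channel"] != "atm":
        flags.append("ATM-only card at a point of sale")
    if sc["usage"] == "purchase" and txn["channel"] == "atm":
        flags.append("purchase-only card at an ATM")
    return flags


# Constructed sample transactions, not real data.
SAMPLES = [
    {"service_code": "201", "entry_mode": "magstripe", "channel": "pos",
     "issuer_country": "US", "terminal_country": "MX"},
    {"service_code": "101", "entry_mode": "magstripe", "channel": "pos",
     "issuer_country": "US", "terminal_country": "US"},
    {"service_code": "620", "entry_mode": "chip", "channel": "pos",
     "issuer_country": "DE", "terminal_country": "FR"},
]
```

An empty list for the second sample shows why codes without a chip requirement need other controls: the code alone gives the issuer nothing to contradict.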
3. Necessary Equipment for Real Carding: After purchasing dumps, cybercriminals put this stolen information on their own cards. This process requires purchased equipment.
4. Logistics of Real Carding: Risks related to physical exposure during a fraudulent purchase turned offline carding into a well-designed logistical network. These networks are almost always international.
- First, Russian-speaking cybercriminals follow an ethical code which prohibits targeting cardholders in the Commonwealth of Independent States (CIS).
- Second, making purchases in a foreign country decreases risks of detection.
- Third, many cards have a so-called regional lock, under which the card does not work in a region foreign to the cardholder.
Conclusion
Russian offline or real carding remains one of the crucial nodes of modern cybercrime connecting different criminal realms, dimensions, and geographies. High risks, high investments, and high rewards create a solid organizational culture resulting in sophisticated structures, international criminal networks, and high levels of professionalism and labor division.