Know Carding or Carder what it is, Here's an accurate explanation -Carding is a common misuse of credit card data by Internet users who are not responsible for online shopping by illegally using someone else's credit card. How to do carding is quite easy to make this technique rife in 1999. A carding perpetrator (carder)does not need to steal another person's credit card to make transactions on the internet. For information, credit card transactions on the internet simply done by entering a credit card number and secret number which usually consists of 3 digits behind the card and the card expiration number. Some communities do carding on average by exploiting bug loop (error) on website onlineshop. Because inside the online shop there is information about credit card payments that can be taken and utilized. Example using Sql-Injection technique. Carders search the website with dork help and the website is analyzed. If there is a bug then there is a gap to get information from the web is related to the existence of credit card data payment results. To get there are some code that can automatically download information from the website. Usually the carders look in the "Order" directory. In the order directory there is usually an ID, credit card number, CVV, Address, Postcode, Identity. But it is not easy to find all this.
There is software that has been designed to search and break the website data. Of course the carder knows the application tersebut.aplikasi can be able to automatically search the data without us typing the manual code on the website. For that it will find easily the information.
How Hackers steal credit card data (carding)
Tips There are several ways used by hackers to steal credit cards, among others:
1. Package sniffer, this way is the fastest way to get any data. The concept works they simply use a program that can view or create logging files from data sent by e-commerce website (online sales) that they seek. Generally they target websites that are not equipped with security encryption or sites that do not have good security.
2. Create spyware, trojan, worm and similar programs that work like keylogger (keyboard logger, program record keyboard activity) and this program is spread by E-mail Spamming (put file in attachment), mirc (chat), messenger (yahoo , MSN), or certain sites with icons or lure that attract netter to download and open the file. This program will record all your computer activity into a file, and will send it to hacker email. Sometimes this program can be run directly if you go to the site created by hackers or porn sites.
3. Create a phishing site, a similar site or look the same as the original site. example in Indonesia when the site click bca (www.klikbca.com), have experienced the same thing. the site looks the same as klikbca but the address is made some different like www.clikbca.com, www.kikbca.com, etc., so if netter the wrong type, will stray to the site. Fortunately the person who created the site said he did not mean evil. Well if the hacker carding that made tuh site, get ready deh your credit card will be broken.
4. Break through the e-commerce site instantly and steal all the data of its customers. This way is rather difficult and it needs expert hackers or hackers who have experience to do so. In general they use the injection method (including scripts that can be run by the site / server) for sites that have a firewall. There are several ways of injection, among others, commonly used html injection and SQL injection. For sites that do not have security or firewall, get ready to be abused. There are several more ways that hackers do, but the above ways are the most common way hackers do for carding. Uncommon ways will be explained later on later .. all the actions you take are at risk, so Take your own risk
number Credit Card Number is very confidential and almost the same as our ATM PIN number. To prevent Carding we have to keep our credit card numbers secret. This is exacerbated by the fact that most credit card expiry dates in Indonesia are the end of the year, and this makes the carder enough to act by entering the card number and secret number only.
Avoid online transactions using wireless internet
Does not rule out the possibility that behind the internet connection via wireless there are other users who intend to maliciously spoofing the packet data scattered with the intention of obtaining various kinds of confidential data useful for him including your credit card data. With this reason should be online transactions on the internet do not use wireless, especially hot spots that are free.
After the transaction always delete your cookies
Make sure Computer is safe from the keylogger program
Keylogger is a program that records whatever we type in the computer. Usually keylogger used by a hacker (I prefer to call it a thief) to get a userid and password when someone is logged in the computer. In practice because everything typed by the user is recorded in the keylogger, this application can be used to record credit card numbers and other confidential data needed for carding. Because of this make sure there is no active keylogger program / similar program if we want to transact online.
Check for Data Periodically
Always make sure that your bank data is secure periodically. What I mean here is make sure there are no unreasonable transactions. Even if there is a shortage of 1 rupiah, do not be underestimated if there is no explanation from the bank. Imagine the income of a carder if managed to steal 1 rupiah of a billion people. Did not he get 1 Billion each month?
Slip Transaction Slip ATM transactions should always be destroyed when finished doing transactions at the ATM. It does not rule out that there is a certain pattern that a bank uses that opens the door for carders to find the data they need to make online transactions on your bank account.
Be Careful of Counterfeit Sites
Imagine the possibility of a fake site on the Internet? Imagine if there is another site similar to KlikBCA and many BCA customers are deceived into the site and make online transactions? Certainly the fake site admin will harvest the userid and password of BCA customers who can be used for the benefit of online transactions. Source: Masukangin.net