lindapcherryHall

Carding Novice
Joined
18.09.24
Messages
2
Reaction score
0
Points
1

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
good shit
 

Diegodarh13

Carding Novice
Joined
24.05.24
Messages
17
Reaction score
0
Points
1

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

Para tener éxito en Shein , necesitarás:

  • Tarjetas que no sean VBV y que no estén en la lista negra de Adyen . Teniendo en cuenta que Adyen publica ocasionalmente mensajes emergentes de 3DS , esto es crucial.
  • Proxies residenciales limpios que coincidan con el país de sus tarjetas.
  • Una sólida configuración de navegador antidetección para evitar la toma de huellas digitales de Riskified .
  • Una cuenta Shein antigua (obtenida de registros) o un correo electrónico altamente confiable para registrarse.
  • La dirección de correo electrónico real del titular de la tarjeta (para nuestro truco de omisión).

Proceso:
View attachment 45759
  1. Configure su entorno ( proxy , navegador antidetección ).
  2. Si usa una cuenta antigua, inicie sesión. De lo contrario, cree una cuenta nueva usando un correo electrónico confiable.
  3. Navega por el sitio de forma natural. Agrega y elimina artículos de tu carrito.
  4. Crea un carrito con una combinación de artículos y mantén el total por debajo de $200 en tus primeros intentos.
  5. Proceda a realizar el pago. Utilice la dirección de correo electrónico del titular de la tarjeta . Podemos hacer esto porque Shein no valida el correo electrónico al registrarse, lo que nos da una ventaja importante.
  6. Introduce los datos de envío con cuidado. Tómate tu tiempo, no copies y pegues.
  7. Enviar el pedido.
  8. Inmediatamente después de la confirmación del pedido, cambie la dirección de correo electrónico en la cuenta.
  9. Si tiene éxito, espere al menos 24 horas antes de intentar realizar otro pedido.
Bins que funcionaron (BIN no importa si bajas tu puntaje de fraude, solo los incluyo aquí ya que ustedes siguen pidiendo malditos BIN): *** Texto oculto: no se puede citar. ***



Advertencias
View attachment 45760
Si bien Shein puede ser una gran fuente de ingresos, hay algunos problemas a tener en cuenta:

  • Límites de pedidos : Shein tiene límites de pedidos diarios y semanales. Si los superas, tendrás problemas.
  • Prohibiciones de cuentas : prohíben rápidamente las cuentas sospechosas según lo decida Riskified . No reutilice cuentas o direcciones IP quemadas.
  • Cancelaciones retrasadas : a veces, los pedidos se cancelan días después de realizarse. No cuente sus gastos hasta que se envíe el paquete.
  • Retrasos en los envíos : Shein es conocida por sus envíos lentos. Esto aumenta el margen de tiempo para que se produzcan devoluciones de cargos antes de que puedas devolver los productos.


Conclusión

Shein presenta una oportunidad única en el mundo de las tarjetas. Su enorme volumen y su diversa gama de productos la convierten en un objetivo atractivo, pero no subestime sus medidas de seguridad. El éxito en este ámbito requiere un delicado equilibrio entre paciencia, estrategia y adaptabilidad.

Recuerde que estamos jugando con números. No todos los intentos tendrán éxito, pero con el enfoque adecuado, se filtrarán suficientes para que valga la pena. Mantenga sus operaciones diversas, no sea codicioso y esté siempre listo para adaptar sus tácticas.

El problema es que muchos carders tienen una visión de túnel sobre los BIN cuando apuntan a Shein . Eso es un error de novato . Como he señalado en la mayoría de mis guías, obsesionarse con los BIN es una forma segura de limitar su éxito. El verdadero enfoque es comprender el sistema antifraude y el procesador de pagos detrás de la tienda. Domine eso y descubrirá que cualquier BIN puede hacer su magia, siempre que la tarjeta esté limpia y tenga un saldo decente.

Como siempre, esta guía es solo un punto de partida. El panorama del fraude en el comercio electrónico está en constante evolución, y tus técnicas también deberían evolucionar. Mantente informado, sé cauteloso y tal vez conviertas a Shein en tu gallina de los huevos de oro.

Ahora salgan y hagan que esos magnates chinos de la moda rápida se arrepientan de su falta de seguridad. Pero no vengan a llorar conmigo cuando se estén ahogando en poliéster barato. Feliz cacería, degenerados .
Thanks
 

Diegodarh13

Carding Novice
Joined
24.05.24
Messages
17
Reaction score
0
Points
1

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Thanks
 

adriansad:(

Basic
Joined
19.09.24
Messages
1
Reaction score
0
Points
1

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
nice
 

wakawakashaka

Carding Novice
Joined
20.08.24
Messages
10
Reaction score
0
Points
1

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
thanks g
 

dudux

Carding Novice
Joined
26.10.23
Messages
5
Reaction score
3
Points
3

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein apresenta uma oportunidade única no mundo do carding. É volume maciço e gama de produtos diversificada torná-lo um alvo atraente, mas não subestime suas medidas de segurança. O sucesso aqui requer um delicado equilíbrio de paciência, estratégia e adaptabilidade.

Lembrem-se, estavam a explorar um jogo de números. Nem todas as tentativas terão sucesso, mas com a abordagem correta, o suficiente passará para valer a pena. Mantenha suas operações diversas, não obtenha gananciosoe esteja sempre pronto para adaptar suas táticas.

O problema é que muitos carders têm visão de túnel BINs quando segmentando Shein. Isso é um erro de novato. Como eu apontei na maioria dos meus guias, fixando-se em BINs é uma maneira infalível de limitar seu sucesso. A verdadeira abordagem é entender o sistema antifraude e processador de pagamento atrás da loja. Domine isso, e você descobrirá que qualquer BIN pode trabalhar a sua magia - desde que o cartão é limpo e tem um equilíbrio decente.

Como sempre, este guia é apenas um ponto de partida. O cenário da fraude de comércio eletrônico está em constante evolução, assim como suas técnicas. Mantenha-se informado, mantenha-se cauteloso e talvez você se vire Shein na sua vaca de dinheiro pessoal.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Nice
 

saintpyo

Active Carder
Joined
16.09.24
Messages
35
Reaction score
3
Points
8
Thanks

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
 

Worldbosss

Basic
Joined
06.12.20
Messages
57
Reaction score
17
Points
8

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
nice
 

hotmk

Basic
Joined
29.01.22
Messages
97
Reaction score
54
Points
18

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
great
 

SpritezBiC

Active Carder
Joined
31.12.23
Messages
27
Reaction score
2
Points
3

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Amazing
 
Top Bottom