Carding 🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️
- Thread starter d0ctrine
- Start date
-
- Tags
- 3d secure avoidance adyen exploits aged account usage antidetect browser setup cardholder email trick carding guide chinese e-commerce weaknesses credit card fraud cybercrime techniques e-commerce hacking fashion site vulnerabilities fast fashion scams fraud prevention flaws high-volume site exploitation online shopping scams order limit bypassing proxy usage for fraud residential proxy carding riskified bypass shein fraud
Bless up
Carding Guide: Shein (Clothes, Lingerie, Everything)
Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.
View attachment 45755
Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.
Why Shein?
Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.
View attachment 45757
- Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
- The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.
But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.
To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.
This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.
Recon & Security Overview
Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.
But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.
This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.
But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.
Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.
Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.
View attachment 45758
So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.
Secret Method
*** Hidden text: cannot be quoted. ***
Requirements and Process
To hit Shein successfully, youll need:
- Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
- Clean residential proxies matching your cards country.
- A solid antidetect browser setup to bypass Riskified's fingerprinting.
- An aged Shein account (sourced from logs) or a highly trusted email for signup.
- The cardholders actual email address (for our bypass trick).
Process:
View attachment 45759
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***
- Set up your environment (proxy, antidetect browser).
- If using an aged account, log in. Otherwise, create a new account using a trusted email.
- Browse the site naturally. Add and remove items from your cart.
- Build a cart with a mix of items, keeping the total under $200 for your first attempts.
- Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
- Enter shipping details carefully. Take your time, no copy-pasting.
- Submit the order.
- Immediately after order confirmation, change the email address on the account.
- If successful, wait at least 24 hours before attempting another order.
Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:
- Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
- Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
- Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
- Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.
Conclusion
Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.
Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.
The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.
As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.
Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
heygirlhey
Carding Novice
- Joined
- 03.04.24
- Messages
- 3
- Reaction score
- 0
- Points
- 1
Thank youuuuu
fentanylluver
Active Carder
- Joined
- 02.09.24
- Messages
- 30
- Reaction score
- 9
- Points
- 8
Yo
Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.
View attachment 45755
Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.
Why Shein?
Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.
View attachment 45757
- Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
- The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.
But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.
To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.
This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.
Recon & Security Overview
Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.
But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.
This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.
But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.
Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.
Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.
View attachment 45758
So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.
Secret Method
*** Hidden text: cannot be quoted. ***
Requirements and Process
To hit Shein successfully, youll need:
- Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
- Clean residential proxies matching your cards country.
- A solid antidetect browser setup to bypass Riskified's fingerprinting.
- An aged Shein account (sourced from logs) or a highly trusted email for signup.
- The cardholders actual email address (for our bypass trick).
Process:
View attachment 45759
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***
- Set up your environment (proxy, antidetect browser).
- If using an aged account, log in. Otherwise, create a new account using a trusted email.
- Browse the site naturally. Add and remove items from your cart.
- Build a cart with a mix of items, keeping the total under $200 for your first attempts.
- Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
- Enter shipping details carefully. Take your time, no copy-pasting.
- Submit the order.
- Immediately after order confirmation, change the email address on the account.
- If successful, wait at least 24 hours before attempting another order.
Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:
- Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
- Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
- Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
- Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.
Conclusion
Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.
Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.
The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.
As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.
Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.
View attachment 45755
Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.
Why Shein?
Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.
View attachment 45757
- Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
- The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.
But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.
To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.
This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.
Recon & Security Overview
Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.
But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.
This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.
But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.
Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.
Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.
View attachment 45758
So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.
Secret Method
*** Hidden text: cannot be quoted. ***
Requirements and Process
To hit Shein successfully, youll need:
- Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
- Clean residential proxies matching your cards country.
- A solid antidetect browser setup to bypass Riskified's fingerprinting.
- An aged Shein account (sourced from logs) or a highly trusted email for signup.
- The cardholders actual email address (for our bypass trick).
Process:
View attachment 45759
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***
- Set up your environment (proxy, antidetect browser).
- If using an aged account, log in. Otherwise, create a new account using a trusted email.
- Browse the site naturally. Add and remove items from your cart.
- Build a cart with a mix of items, keeping the total under $200 for your first attempts.
- Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
- Enter shipping details carefully. Take your time, no copy-pasting.
- Submit the order.
- Immediately after order confirmation, change the email address on the account.
- If successful, wait at least 24 hours before attempting another order.
Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:
- Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
- Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
- Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
- Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.
Conclusion
Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.
Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.
The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.
As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.
Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.
View attachment 45755
Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.
Why Shein?
Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.
View attachment 45757
- Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
- The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.
But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.
To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.
This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.
Recon & Security Overview
Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.
But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.
This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.
But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.
Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.
Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.
View attachment 45758
So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.
Secret Method
*** Hidden text: cannot be quoted. ***
Requirements and Process
To hit Shein successfully, youll need:
- Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
- Clean residential proxies matching your cards country.
- A solid antidetect browser setup to bypass Riskified's fingerprinting.
- An aged Shein account (sourced from logs) or a highly trusted email for signup.
- The cardholders actual email address (for our bypass trick).
Process:
View attachment 45759
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***
- Set up your environment (proxy, antidetect browser).
- If using an aged account, log in. Otherwise, create a new account using a trusted email.
- Browse the site naturally. Add and remove items from your cart.
- Build a cart with a mix of items, keeping the total under $200 for your first attempts.
- Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
- Enter shipping details carefully. Take your time, no copy-pasting.
- Submit the order.
- Immediately after order confirmation, change the email address on the account.
- If successful, wait at least 24 hours before attempting another order.
Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:
- Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
- Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
- Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
- Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.
Conclusion
Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.
Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.
The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.
As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.
Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
![Lincoln](https://pic-cc.com/data/avatars/m/78/78018.jpg?1725326756"){kind=avatar}
heygirlhey
Carding Novice
- Joined
- 03.04.24
- Messages
- 3
- Reaction score
- 0
- Points
- 1
yayyyyyyyyyyyyyyyyyyyyyyyyyy
teflondon24k
Basic
- Joined
- 12.10.20
- Messages
- 32
- Reaction score
- 2
- Points
- 8
good looks gang
unknownsalem1
Active Carder
- Joined
- 20.06.24
- Messages
- 61
- Reaction score
- 2
- Points
- 6
Thanks man
…
Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.
View attachment 45755
Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.
Why Shein?
Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.
View attachment 45757
- Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
- The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.
But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.
To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.
This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.
Recon & Security Overview
Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.
But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.
This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.
But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.
Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.
Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.
View attachment 45758
So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.
Secret Method
*** Hidden text: cannot be quoted. ***
Requirements and Process
To hit Shein successfully, youll need:
- Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
- Clean residential proxies matching your cards country.
- A solid antidetect browser setup to bypass Riskified's fingerprinting.
- An aged Shein account (sourced from logs) or a highly trusted email for signup.
- The cardholders actual email address (for our bypass trick).
Process:
View attachment 45759
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***
- Set up your environment (proxy, antidetect browser).
- If using an aged account, log in. Otherwise, create a new account using a trusted email.
- Browse the site naturally. Add and remove items from your cart.
- Build a cart with a mix of items, keeping the total under $200 for your first attempts.
- Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
- Enter shipping details carefully. Take your time, no copy-pasting.
- Submit the order.
- Immediately after order confirmation, change the email address on the account.
- If successful, wait at least 24 hours before attempting another order.
Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:
- Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
- Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
- Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
- Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.
Conclusion
Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.
Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.
The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.
As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.
Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
s
埃
Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.
View attachment 45755
Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.
Why Shein?
Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.
View attachment 45757
- Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
- The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.
But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.
To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.
This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.
Recon & Security Overview
Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.
But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.
This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.
But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.
Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.
Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.
View attachment 45758
So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.
Secret Method
*** Hidden text: cannot be quoted. ***
Requirements and Process
为了成功实现Shein,你需要:
- 非 VBV 卡未被Adyen列入黑名单。考虑到Adyen偶尔会弹出3DS窗口,这一点至关重要。
- 清理与您的卡国家相匹配的住宅代理。
- 一个可靠的反检测浏览器设置可以绕过Riskified 的指纹识别。
- 一个旧的 Shein 帐户(来源于日志)或一个用于注册的高度可信的电子邮件。
- 持卡人的实际电子邮件地址(用于我们的绕过技巧)。
过程:
View attachment 45759
有效的 Bins(如果您降低欺诈分数,BIN 并不重要,我只是将它们包括在这里,因为你们一直要求该死的 BIN):*** 隐藏文本:无法引用。***
- 设置您的环境(代理、反检测浏览器)。
- 如果使用老帐户,请登录。否则,请使用受信任的电子邮件创建新帐户。
- 自然地浏览网站。从购物车中添加和删除商品。
- 建立一个装有各种物品的购物车,首次尝试时将总金额保持在 200 美元以下。
- 继续结帐。使用持卡人的电子邮件地址。我们可以这样做,因为Shein在注册时不验证电子邮件,这给了我们一个重要的优势。
- 仔细输入送货详情。慢慢来,不要复制粘贴。
- 提交订单。
- 订单确认后立即更改账户上的电子邮件地址。
- 如果成功,请等待至少 24 小时再尝试下一个订单。
注意事项
View attachment 45760
虽然Shein可以成为一个巨大的摇钱树,但仍有一些问题需要注意:
- 订单限制:Shein有每日和每周订单限制。超过这些限制,你就自找麻烦了。
- 账户禁令: Riskified会迅速禁止可疑账户。不要重复使用已烧毁的账户或 IP。
- 延迟取消:有时订单在下单后几天就被取消。不要心存侥幸,直到包裹发货。
- 发货延迟:Shein以发货速度慢而闻名。这增加了在您转售商品之前发生退款的可能性。
结论
Shein为信用卡行业带来了独一无二的机会。其庞大的规模和多样化的产品范围使其成为一个有吸引力的目标,但不要低估其安全措施。要想在这里取得成功,需要在耐心、策略和适应性之间取得微妙的平衡。
请记住,我们在玩数字游戏。并非每次尝试都会成功,但只要方法正确,就会有足够多的漏洞让尝试变得值得。保持运营多样化,不要贪婪,并随时准备调整策略。
问题是,太多信用卡持有者在瞄准Shein时只关注BIN。这是新手常犯的错误。正如我在大多数指南中指出的那样,专注于BIN是限制你成功的一种万无一失的方法。真正的方法是了解商店背后的反欺诈系统和支付处理器。掌握这一点,你会发现任何BIN都可以发挥其魔力——只要卡是干净的并且余额充足。
与往常一样,本指南只是一个起点。电子商务欺诈的形势在不断发展,您的技术也应如此。保持知情,保持谨慎,也许您会将Shein变成您的个人摇钱树。
现在就行动起来,让那些中国快时尚巨头们为他们松懈的安全措施感到后悔吧。只是当你被廉价的涤纶淹没时,别来向我哭诉。祝你狩猎愉快,你这个堕落者。
Yungwhiteprick
Carding Novice
- Joined
- 25.09.24
- Messages
- 14
- Reaction score
- 3
- Points
- 3
solid info thanks
Nice
Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.
View attachment 45755
Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.
Why Shein?
Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.
View attachment 45757
- Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
- The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.
But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.
To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.
This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.
Recon & Security Overview
Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.
But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.
This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.
But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.
Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.
Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.
View attachment 45758
So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.
Secret Method
*** Hidden text: cannot be quoted. ***
Requirements and Process
To hit Shein successfully, youll need:
- Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
- Clean residential proxies matching your cards country.
- A solid antidetect browser setup to bypass Riskified's fingerprinting.
- An aged Shein account (sourced from logs) or a highly trusted email for signup.
- The cardholders actual email address (for our bypass trick).
Process:
View attachment 45759
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***
- Set up your environment (proxy, antidetect browser).
- If using an aged account, log in. Otherwise, create a new account using a trusted email.
- Browse the site naturally. Add and remove items from your cart.
- Build a cart with a mix of items, keeping the total under $200 for your first attempts.
- Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
- Enter shipping details carefully. Take your time, no copy-pasting.
- Submit the order.
- Immediately after order confirmation, change the email address on the account.
- If successful, wait at least 24 hours before attempting another order.
Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:
- Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
- Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
- Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
- Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.
Conclusion
Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.
Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.
The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.
As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.
Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
seems surefire
Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.
View attachment 45755
Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.
Why Shein?
Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.
View attachment 45757
- Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
- The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.
But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.
To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.
This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.
Recon & Security Overview
Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.
But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.
This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.
But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.
Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.
Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.
View attachment 45758
So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.
Secret Method
*** Hidden text: cannot be quoted. ***
Requirements and Process
To hit Shein successfully, youll need:
- Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
- Clean residential proxies matching your cards country.
- A solid antidetect browser setup to bypass Riskified's fingerprinting.
- An aged Shein account (sourced from logs) or a highly trusted email for signup.
- The cardholders actual email address (for our bypass trick).
Process:
View attachment 45759
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***
- Set up your environment (proxy, antidetect browser).
- If using an aged account, log in. Otherwise, create a new account using a trusted email.
- Browse the site naturally. Add and remove items from your cart.
- Build a cart with a mix of items, keeping the total under $200 for your first attempts.
- Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
- Enter shipping details carefully. Take your time, no copy-pasting.
- Submit the order.
- Immediately after order confirmation, change the email address on the account.
- If successful, wait at least 24 hours before attempting another order.
Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:
- Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
- Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
- Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
- Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.
Conclusion
Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.
Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.
The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.
As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.
Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.