Nawzir

Basic
Joined
02.04.24
Messages
76
Reaction score
66
Points
18

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
lets see
 

Dracoo888

Carding Novice
Joined
22.10.24
Messages
13
Reaction score
2
Points
3

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Broooo your actually the guy j been searchjng for to see the real shit of how this all works you really changed the game for me im getting way more knkwledgable now seriously !!
 

Dracoo888

Carding Novice
Joined
22.10.24
Messages
13
Reaction score
2
Points
3

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
 

heydrichß

Active Carder
Joined
04.11.24
Messages
53
Reaction score
14
Points
8

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
befor reading the post i say thanks , by the way 2024 shein got worst i used to card it easy a few years ago but now even with real logs an cc its refusing so i hope i finde somthing new thanks
 

heydrichß

Active Carder
Joined
04.11.24
Messages
53
Reaction score
14
Points
8
Just wanna stress it further: Shein has different fraud system with each location. In US they use Forter, in others Riskified.

« highly trusted email » is outlook still trusted?
I’m trying to statistically compare
Because we recently find a higher success rate by using custom domains
outlook if geting flaged even aged account specialy this year i used the get hundreds every month from shein but this year its almost imposible in spain
 

rapidin1

Active Carder
Joined
30.10.24
Messages
35
Reaction score
1
Points
8

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
good information you are the greatest
 

juangr0001

Carding Novice
Joined
06.11.24
Messages
12
Reaction score
5
Points
3

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
god
 

bossinmycity

Basic
Joined
16.12.21
Messages
35
Reaction score
30
Points
18

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Ty
 

thejizzler23

Carding Novice
Joined
05.11.24
Messages
10
Reaction score
3
Points
1
seems surefire


🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Ty
 

Oscarszn

Basic
Joined
08.08.21
Messages
22
Reaction score
3
Points
3

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
You the 🐐
 

trapsisic7c

Carding Novice
Joined
06.11.24
Messages
21
Reaction score
3
Points
3

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
h
 

ngheoquadoioi

Carding Novice
Joined
12.10.24
Messages
9
Reaction score
3
Points
3
ngàyug

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

Điều này tạo ra một điểm ngọt ngào cho chúng ta. Nếu chúng ta chơi thông minh - sử dụng thẻ mới , luân phiên proxy và không quá tham lam - chúng ta có thể đưa các đơn hàng của mình vào giữa các đơn hàng hợp pháp. Các giao dịch gian lận của bạn biến mất trong lũ đó và trở nên gần như vô hình. Hệ thống có thể đánh dấu một số giao dịch chắc chắn. Nhưng với khối lượng giao dịch khổng lồ, một tỷ lệ phần trăm tốt sẽ vượt qua. Đó là một trò chơi về con số và tỷ lệ cược có lợi cho chúng ta.


Tổng quan về trinh sát và an ninh

Hãy cùng tìm hiểu các yêu cầu HTTP của Shein . Khởi động Burp Suite đáng tin cậy của chúng tôi (chúng tôi đã bỏ Caido - phần mềm rác đó trở nên quá chậm) chúng tôi bắt đầu lục lọi. Nhật ký IP cho thấy nhiều trường hợp lấy dấu vân tay , nhưng không có trường hợp nào trong số chúng ping ra bên ngoài. Thoạt nhìn, điều này có thể cho thấy tất cả các biện pháp phòng ngừa gian lận đều được thực hiện nội bộ, điều này có lý khi xét đến khối lượng đơn hàng khổng lồ của Shein .

Nhưng đừng quá phấn khích. Nếu bạn đã chú ý đến các hướng dẫn trước đây của chúng tôi, bạn biết rằng nhật ký HTTP chỉ kể một nửa câu chuyện. Sử dụng Google , chúng tôi đã nghiên cứu một số hệ thống chống gian lận phổ biến và danh sách khách hàng của họ. Lo and behold: Riskified tự hào khoe khoang là nhà cung cấp chống gian lận của Shein .

Điều này thay đổi trò chơi. Riskified không phải là một số phát hiện gian lận ngu ngốc - những kẻ khốn nạn này rất giỏi. Họ sử dụng máy học và dữ liệu từ nhiều thương gia để phát hiện ra các mẫu. Các thủ thuật thông thường của bạn có thể không hiệu quả ở đây.

Nhưng hãy nhớ rằng khối lượng của Shein vẫn là bạn của chúng ta. Riskified có thể thông minh, nhưng cũng giống như cố gắng phát hiện một tờ tiền giả trong một kho tiền khổng lồ. Số lượng lớn các giao dịch có nghĩa là một số sẽ lọt qua.

Vì họ cũng sử dụng Adyen , 3D Secure thỉnh thoảng bật lên nhưng không nhất quán. Họ sử dụng nó một cách có chọn lọc có lẽ dựa trên một số điểm rủi ro mà chính Adyen chạy.

Ngoài ra, và điều này rất quan trọng: hệ thống gian lận tại SHEIN khác nhau tùy theo quốc gia. Hãy xem cái này, tôi đã thử duyệt qua trang web của họ tại Hoa Kỳ và họ chạy FORTER .

View attachment 45758

Vì vậy, về cơ bản, bạn cần phải tự chọn thuốc độc của mình. Nếu bạn gặp rắc rối với Riskified, hãy thử xoay đến một vị trí khác của Shein và kiểm tra bất kỳ hệ thống gian lận nào mà họ áp dụng. Bạn không bao giờ biết được, có thể bạn sẽ gặp phải một nhánh chưa có hệ thống AI nào được triển khai.



Phương pháp bí mật
*** Văn bản ẩn: không thể trích dẫn. ***



Yêu cầu và Quy trình

Để thực hiện Shein thành công, bạn cần:

  • Các thẻ không phải VBV không bị Adyen đưa vào danh sách đen . Với các cửa sổ bật lên 3DS thỉnh thoảng của Adyen , điều này rất quan trọng.
  • Làm sạch proxy dân cư phù hợp với quốc gia thẻ của bạn.
  • Thiết lập trình duyệt chống phát hiện chắc chắn để vượt qua dấu vân tay của Riskified .
  • Một tài khoản Shein cũ (lấy từ nhật ký) hoặc một email đáng tin cậy để đăng ký.
  • Địa chỉ email thực tế của chủ thẻ ( dùng cho thủ thuật bỏ qua của chúng tôi).

Quá trình:
View attachment 45759
  1. Thiết lập môi trường của bạn ( proxy , trình duyệt chống phát hiện ).
  2. Nếu sử dụng tài khoản cũ, hãy đăng nhập. Nếu không, hãy tạo tài khoản mới bằng email đáng tin cậy.
  3. Duyệt trang web một cách tự nhiên. Thêm và xóa các mục khỏi giỏ hàng của bạn.
  4. Tạo một giỏ hàng với nhiều mặt hàng khác nhau, giữ tổng chi phí dưới 200 đô la cho lần thử đầu tiên.
  5. Tiến hành thanh toán. Sử dụng địa chỉ email của chủ thẻ . Chúng tôi có thể làm điều này vì Shein không xác thực email khi đăng ký, mang lại cho chúng tôi một lợi thế quan trọng.
  6. Nhập thông tin vận chuyển cẩn thận. Hãy dành thời gian, không sao chép-dán.
  7. Gửi đơn hàng.
  8. Ngay sau khi xác nhận đơn hàng, hãy thay đổi địa chỉ email trên tài khoản.
  9. Nếu thành công, hãy đợi ít nhất 24 giờ trước khi thử đặt hàng khác.
Các thùng rác hoạt động (BIN không quan trọng nếu bạn hạ thấp điểm gian lận, tôi chỉ đưa chúng vào đây vì các bạn cứ đòi BIN thôi):*** Văn bản ẩn: không thể trích dẫn. ***



Những lưu ý
View attachment 45760
Mặc dù Shein có thể là một nguồn tiền khổng lồ, nhưng vẫn có một số vấn đề cần lưu ý:

  • Giới hạn đơn hàng : Shein có giới hạn đơn hàng hàng ngày và hàng tuần. Vượt quá giới hạn này, bạn sẽ gặp rắc rối.
  • Cấm tài khoản : Họ nhanh chóng cấm các tài khoản đáng ngờ theo quyết định của Riskified . Không sử dụng lại các tài khoản hoặc IP đã bị đốt.
  • Hủy đơn hàng chậm trễ : Đôi khi đơn hàng bị hủy sau nhiều ngày đặt hàng. Đừng tính toán cho đến khi đơn hàng được chuyển đi.
  • Sự chậm trễ trong vận chuyển : Shein nổi tiếng là chậm giao hàng. Điều này làm tăng thời gian khiếu nại trước khi bạn có thể đổi trả hàng.


Phần kết luận

Shein mang đến một cơ hội độc đáo trong thế giới thẻ. Khối lượng lớnphạm vi sản phẩm đa dạng khiến nó trở thành mục tiêu hấp dẫn, nhưng đừng đánh giá thấp các biện pháp bảo mật của nó. Thành công ở đây đòi hỏi sự cân bằng tinh tế giữa tính kiên nhẫn, chiến lược và khả năng thích ứng.

Hãy nhớ rằng, chúng ta đang khai thác một trò chơi số. Không phải mọi nỗ lực đều thành công, nhưng với cách tiếp cận đúng đắn, sẽ có đủ số lượng để khiến nó trở nên đáng giá. Hãy đa dạng hóa các hoạt động của bạn, đừng tham lam và luôn sẵn sàng điều chỉnh chiến thuật của bạn.

Vấn đề là quá nhiều người chơi thẻ chỉ tập trung vào BIN khi nhắm mục tiêu vào Shein . Đó là một sai lầm của người mới vào nghề . Như tôi đã chỉ ra trong hầu hết các hướng dẫn của mình, việc tập trung vào BIN là một cách chắc chắn để hạn chế thành công của bạn. Cách tiếp cận thực sự là hiểu hệ thống chống gian lậnbộ xử lý thanh toán đằng sau cửa hàng. Nắm vững điều đó và bạn sẽ thấy rằng bất kỳ BIN nào cũng có thể phát huy tác dụng kỳ diệu của nó - miễn là thẻ sạch và có số dư hợp lý.

Như thường lệ, hướng dẫn này chỉ là điểm khởi đầu. Bối cảnh gian lận thương mại điện tử liên tục thay đổi, và các kỹ thuật của bạn cũng vậy. Hãy luôn cập nhật, luôn thận trọng và có thể bạn sẽ biến Shein thành con bò sữa của riêng mình.

Bây giờ hãy ra ngoài và khiến những ông trùm thời trang nhanh Trung Quốc hối hận về sự an toàn lỏng lẻo của họ. Đừng đến khóc với tôi khi bạn đang chìm trong polyester rẻ tiền. Chúc bạn săn bắn vui vẻ, những kẻ thoái hóa .
 

mindya.biz1

Carding Novice
Joined
06.07.24
Messages
9
Reaction score
4
Points
3
T

🛍️ Carding Guide: Shein (Clothes, Lingerie, Everything) 🛍️



Welcome back, you degenerates. Today were setting our scopes on Shein.com, the fast fashion behemoth thats been flooding the market with cheap clothes and even cheaper security. If youve been sleeping on this shit its time to wake the fuck up.
Shein's not just another fashion ecom site. These Chinese legends ship to over 150 countries with a product range wider than your moms ass. Were talking clothes, accessories and home goods - you name it, theyve got it. And guess what? Their security isn't too shabby.

View attachment 45755


Shein might be an easier target, but that doesnt mean you can half-ass this shit. Were gonna dive deep into their security setup, exploit their weaknesses, and walk away with more clothes than we can wear.
So grab your cards, fire up your proxies and lets turn this fast fashion empire into our girlfriends' (if you have one) personal wardrobe.



Why Shein?

Lets talk about why Shein's become a prime target for carders. This Chinese fast fashion giant isnt just pumping out cheap clothes - theyve inadvertently created the perfect site for our kind of work.

  • Look at their price points. Most Shein items cost less than $50. This sweet spot lets you card multiple times without triggering any high value purchase flags. You can rack up significant profit through volume without drawing too much attention.
  • The market for this shit is massive. From Instagram 'boutiques' to flea market vendors, theres no shortage of people willing to buy Shein gear at a markup. Quick flips mean fast profit and lower risk of chargebacks catching up to you.
View attachment 45757

Now lets talk security. Shein's actually invested in some decent fraud prevention. The Chinese arent complete idiots. Theyve got basic device fingerprinting, some IP checks, and theyll occasionally throw 3D Secure at you if something smells fishy.

But heres where it gets good - and where we can make our money. Shein's primary chokepoint is their absolutely massive order volume. Were talking millions of transactions daily across the globe. This tidal wave of orders forces them to make a critical tradeoffs.

To handle this insane volume, Shein has to process orders quickly. They cant afford to scrutinize every single transaction like smaller sites can. So theyve tuned their fraud detection to be more permissive. Theyre playing a numbers game: willing to let some fraudulent orders slip through to keep their overall operation running smoothly.

This creates a sweet spot for us. If we play it smart - using fresh cards, rotating proxies and not getting too greedy - we can slip our orders in among the legit ones. Your fraudulent purchases vanish into that flood and becomes practically invisible. The system might flag some sure. But with the sheer volume of transactions a good percentage will make it through. Its a numbers game and the odds are in our favor.


Recon & Security Overview

Lets dive into Shein's HTTP requests. Firing up our trusty Burp Suite (we ditched Caido - that piece of shit became too slow) we start poking around. The IP logs show multiple instances of fingerprinting, but none of them ping externally. At first glance this might suggest all fraud prevention is done inhouse which would make sense given Shein's massive order volume.

But dont get too excited. If youve been paying attention to our previous guides, you know that HTTP logs only tell half the story. Using Google, we did some research on popular antifraud systems and their client lists. Lo and behold: Riskified proudly boasts about being Shein's antifraud provider.

This changes the game. Riskified isnt some stupid fraud detection - these fuckers are good. They use machine learning and data from multiple merchants to spot patterns. Your typical tricks might not cut it here.

But remember that Shein's volume is still our friend. Riskified might be smart, but its like trying to spot a single counterfeit bill in a giant money warehouse. The sheer number of transactions means some will slip through.

Since they also use Adyen, 3D Secure pops up occasionally but its not consistent. Theyre using it selectively probably based on some risk scoring Adyen itself runs.

Also, and this is important: the fraud systems in place differ from country to country for SHEIN. Look at this one, I've tried browsing through their US site and they run FORTER.

View attachment 45758

So you need to essentially pick your own poison. If you're having troubles with Riskified whooping your ass, try rotating to a different location of Shein and check whichever fraud system they have in place. You never know, maybe you hit a branch that has no AI system implemented yet.



Secret Method
*** Hidden text: cannot be quoted. ***



Requirements and Process

To hit Shein successfully, youll need:

  • Non-VBV cards not blacklisted by Adyen. Given Adyen's occasional 3DS pop-ups, this is crucial.
  • Clean residential proxies matching your cards country.
  • A solid antidetect browser setup to bypass Riskified's fingerprinting.
  • An aged Shein account (sourced from logs) or a highly trusted email for signup.
  • The cardholders actual email address (for our bypass trick).

Process:
View attachment 45759
  1. Set up your environment (proxy, antidetect browser).
  2. If using an aged account, log in. Otherwise, create a new account using a trusted email.
  3. Browse the site naturally. Add and remove items from your cart.
  4. Build a cart with a mix of items, keeping the total under $200 for your first attempts.
  5. Proceed to checkout. Use the cardholders email address. We can do this because Shein doesnt validate email on signup, giving us an important advantage.
  6. Enter shipping details carefully. Take your time, no copy-pasting.
  7. Submit the order.
  8. Immediately after order confirmation, change the email address on the account.
  9. If successful, wait at least 24 hours before attempting another order.
Bins that workeds (BIN doesn't matter if you lower your fraud score, I just include them here since you guys keep asking for fucking BINs):*** Hidden text: cannot be quoted. ***



Caveats
View attachment 45760
While Shein can be a huge cash cow, there are some problems to watch out for:

  • Order Limits: Shein has daily and weekly order limits. Exceed these, and youre asking for trouble.
  • Account Bans: Theyre quick to ban suspicious accounts as decided by Riskified. Dont reuse burned accounts or IPs.
  • Delayed Cancellations: Sometimes orders get cancelled days after placement. Dont count your chickens until the package ships.
  • Shipping Delays: Shein's known for slow shipping. This increases the window for chargebacks to hit before you can flip the goods.


Conclusion

Shein presents a unique opportunity in the carding world. Its massive volume and diverse product range make it an attractive target, but dont underestimate its security measures. Success here requires a delicate balance of patience, strategy, and adaptability.

Remember, were exploiting a numbers game. Not every attempt will succeed, but with the right approach, enough will slip through to make it worthwhile. Keep your operations diverse, dont get greedy, and always be ready to adapt your tactics.

The problem is that too many carders get tunnel vision on BINs when targeting Shein. Thats a rookie mistake. As Ive pointed out in most of my guides, fixating on BINs is a surefire way to limit your success. The real approach is to understand the antifraud system and payment processor behind the store. Master that, and youll find that any BIN can work its magic - provided the card is clean and has a decent balance.

As always, this guide is just a starting point. The landscape of e-commerce fraud is constantly evolving, and so should your techniques. Stay informed, stay cautious, and maybe youll turn Shein into your personal cash cow.

Now get out there and make those Chinese fast fashion moguls regret their lax security. Just dont come crying to me when youre drowning in cheap polyester. Happy hunting, you degenerates.
Thanks Can’t wait to try
 
Top Bottom