View attachment 51158
Carding JomaShop (Luxury Watches) (Difficulty: 6/10)
Youre here because you want the
finer things in life but youre not about that "paying" part.
JomaShops got the bling and weve got the know-how to get it. This isnt your corner store hustle
JomaShops a
grey market playground where luxury watches flow. But dont get
cocky – theyve got security just not the kind that can stop a
determined bastard like you.
| NAME: | JomaShop |
| URL: | www.jomashop.com |
| PAYMENT SYSTEM: | Braintree |
| FRAUD SYSTEM: | Forter |
| PRODUCTS: | Luxury Watches |
| DIFFICULTY LEVEL: |  6/10 |
Disclaimer: The information provided in this writeup and all my writeups and guides are intended for educational purposes only. It is a study of how fraud operates and is not intended to promote endorse or facilitate any illegal activities. I cannot be held liable for any actions taken based on this material or any material posted by my account. Please use this information responsibly and do not engage in any criminal activities.
Why JomaShop?
So why are we targeting
JomaShop? These guys are the
black sheep of the luxury watch world selling
legitimate high-end timepieces in a way thats a bit unorthodox. They operate in a
shady gray market not exactly following the manufacturers rulebook. Its like theyre the rebellious cousin of the black market - all the bling but with a questionable approach.
View attachment 51151
And the watches? These bad boys can be
flipped for some serious cash. Were talking about a
potential payday thats no joke.
Now lets talk about their security or the lack thereof.
JomaShop uses
Braintree for payment processing and
Forter for fraud detection. Sounds
intimidating? Not really. Their setup has some vulnerabilities. And the best part?
No 3D Secure to mess things up. Its almost like theyre asking for it.
Recon
Before we go balls to the wall lets do some digging. Fire up your favorite network sniffer (
Burp Suite if youve got half a brain) and poke around
JomaShops site. Youll see theyre in bed with
Braintree for payments and
Forter for fraud prevention.
View attachment 51152
Forter...that name might ring a bell. These guys are usually a
royal pain in the ass. But on
JomaShop their fraud checks are like a
lazy security guard – they only show up
after your payments already cleared. Thats our goddamn
window of opportunity.
Forter
View attachment 51155
Heres how
Forters post-auth assesment works on
JomaShop:
- Astronomical Fraud Score: If Forter thinks youre a fraudster (and theyre right) your transaction will be dead.
- High Fraud Score: JomaShop will demand pics of the card and ID especially if youre ordering over two grand. Time to get creative with Photoshop or find a reliable fake ID guy.
- Medium Fraud Score: Forter flags you and JomaShop wants a little "chat" to verify things. Get ready to bullshit your way through a phone call using the cardholders info.
- Low Fraud Score: Forter gives you the green light your order ships and youre one step closer to that shiny new Patek Philippe.
Carding JomaShop
View attachment 51156
Heres the step-by-step on how to rob
JomaShop blind:
- Get Your Shit Together: Antidetect browser fresh-ass proxies and clean high-balance cards. This aint amateur hour.
- Hunt for Discounts: JomaShops always got some coupon code bullshit going on. Scour their site hit up those shady coupon sites – every dollar saved is a dollar earned. New customer codes are like gold dust to pack more $$$ on each of your order and it makes you a lot more legitimate in the eyes of the antifraud.
- Act Natural: Dont just grab the priciest watch and run. Browse around like you actually give a shit. Read descriptions add some crap to your wishlist – youre a sophisticated criminal act like it.
- Cart and Chill: Add your target to the cart but dont rush it. Let it sit there. Browse some more or go jerk off and come back later. Patience young grasshopper.
- Checkout Smooth Operator: Take your time filling out the forms. No copy-pasting you moron. And dont forget that sweet discount code (I forgot to use it here lol).View attachment 51160
- Payment Roulette: Use your squeaky-clean card. Remember Forters verdict comes after the payment so its a bit of a gamble every time.
View attachment 51161
- Confirmation and Shipping: Pray to whatever dark gods you believe in and watch your email like a hawk. If youre lucky youll get a tracking number.View attachment 51162
Advanced Tactics
Email Trick
*** Hidden text: cannot be quoted. ***
PayPal: Your Sneaky Backdoor
View attachment 51157
JomaShop accepts
PayPal and thats where our little
PayPal method comes into play:
- Load up your cart and head to checkout.
- Use the cardholders real addressas the shipping address.
- This is crucial – PayPal demands a legit address.
- Make sure it matches PayPals records for the card.
- Hit Pay with PayPal.
- PayPal sees a verified shipping address and relaxes.
- Their fraud detections basically taking a siesta.
- Authorization goes through without a hitch.
- After PayPals thumbs-up but BEFORE the final confirmation:
- JomaShop lets you "review" your order.
- Change the shipping address to your drop.
- PayPal wont even notice.
- Smash that Pay Now button.
- Transaction processes using PayPals pre-authorized token.
- JomaShop gets your updated shipping info.
- Package heads to your drop.
This works because
PayPal does its security check during the initial authorization.
JomaShop will happily process the order with the new shipping address and your stolen goods are practically in your hands.
Conclusion
Hitting
JomaShop is a
risky business but the payoff is huge. Their securitys got holes but their fraud detection can still
fuck you over. Play it smart and youll be swimming in luxury watches. Screw it up and youll be left with jack shit.
This aint a game for pussies. You need to be
sharp ruthless and willing to gamble. But if youve got the stones
JomaShop can be your personal ATM.
Now go out there and make some goddamn money. And if you get caught dont come crying to me.
d0ctrine out.
