Carding is the theft of credit and debit card information for fraudulent purposes. Hackers will typically steal credit card numbers, expiration dates, and card security codes (CSC / CVV numbers) and either sell the information on to other criminals or use it to make fraudulent purchases and chargebacks.
Terms related to Carding: Credit card fraud, debit card fraud, data theft, identity theft, social engineering. phishing
Carding impacts both consumers and merchants. Consumers get unexpected charges against their debit or credit cards and merchants lose inventory to fraudulent sales. Merchants will also have to deal with chargebacks and refunds, which further eats into their revenue.
In most cases, carding doesn’t involve a criminal getting a physical copy of the credit or debit card. Instead, they get the important card numbers — the 16 digit main number, the expiration date, and the three or four digit security code (CSC / CVV number) that’s typically on the signature strip. They can get these details through various means:
Some criminals will also purchase large amounts of cardholder information on the deep web black market.
There are several ways for consumers to protect themselves from carding: