Knowledge Center

Get smart about your money and finances with our banking tools and resources.

Get smart about your money and finances with our banking tools and resources.

What Is Carding?

What Is Carding?

While online shopping offers convenience, it also exposes you to the risk of carding fraud.

Carding involves the fraudulent use of stolen credit cards to purchase gift cards. Carders fraudulently use stolen credit card information to buy gift cards, which they redeem for cash and other items.

Methods and Techniques

Scammers employ various techniques to obtain your credit card information. Here are some methods scammers use in carding attacks:

Buying credit card details on carding forums. Carding forums, accessed through the dark web, serve as illegal platforms where scammers actively trade stolen sensitive and financial information. These forums facilitate the buying and selling of credit card numbers and passwords for accounts on platforms like PayPal and Stripe.

Phishing by impersonating bank officials or relatives. Phishers attempt to obtain your credit card details by impersonating a bank official or relative in what is known as a phishing attack. They attempt to communicate with you through various means, such as:

  • Scam emails
  • Phone calls
  • SMS or smishing
  • Direct messages through social media
  • Direct mail
  • Fake websites

Scammers commonly pose as authoritative figures such as bankers, lawyers, or even relatives, coercing individuals into divulging their credit card details or clicking suspicious links. Once they obtain this financial information, they exploit it for various fraudulent activities, such as carding and other schemes.

Tricking you into installing malware to steal your information. Fraudsters initiate malware attacks by deceiving individuals into installing malicious software on their computers, phones, or tablets. Once installed, the malware operates discreetly in the background, secretly extracting financial details without the user's awareness.

Keyword-stroke programs, which are malicious software, actively record every keystroke on your device.

Shimming and skimming of your credit card. Scammers perpetrate financial crimes by attaching small devices to credit card readers, a technique known as credit card shimming and skimming. These devices actively steal your credit card numbers during card swiping or insertion.

Hacking a website's payment system. Scammers launch cyber attacks by hacking into a website's payment system to steal credit card details from purchasers.

Risks and Consequences

Scammers who obtain access to your credit card details utilize a technique known as carding to buy prepaid gift cards. These gift and prepaid cards offer untraceable transactions. Consequently, once the scammer finalizes the purchase, they can use the gift cards to procure goods or trade them for cash.

Prevention and Mitigation

To effectively defend against financial crimes such as carding, prioritizing prevention is crucial. Follow these practices to safeguard your credit card account:

  • Save your bank's contact information. Save your bank's email address and contact details, and add them to your safe list with your email provider. This proactive step will enable you to swiftly verify the contact details whenever you receive official communication from the bank.
  • Regularly check bank statements and credit card details. Check your bank statements and credit reports from the bank to stay informed about your finances. Look for warning signs of identity theft, like suspicious bank charges and account details you don't recognize.
  • Use antivirus and phishing protection software. Carders may deceive you into downloading malicious software to gain access to your financial information. Protect your financial information by installing high-quality antivirus software.
  • Keep your device software updated. To prevent malware installation, ensure you regularly update your device software.
  • Sign up for identity theft protection. A reputable company's identity theft protection software actively monitors your sensitive financial and personal information, detecting potential signs of identity fraud.

E-commerce Sites' Measures

E-commerce websites actively enhance cybersecurity measures to prevent scammers from exploiting sensitive financial information. They are implementing practices such as:

  • Authorization: A practice where merchants temporarily hold off on using your card while they verify your card details.
  • CAPTCHA: A security test designed to distinguish between humans and bots;
  • Address Verification System (AVS): A fraud protection mechanism that verifies whether your billing address matches the one stored in the card issuer's system;
  • Card Verification Value (CVV): A three or four-digit number located on the signature strip on the back of your credit card, used to confirm physical possession of the card;
  • Multi-Factor Authentication (MFA): An extra layer of security, often involving merchants sending a unique code via text message that you must enter before using the card;
  • Velocity Checks: Merchants frequently conduct velocity checks to identify the number of transactions executed on a card within a specific timeframe. If unusual purchasing patterns are detected, merchants may decline the transactions;
  • Payer Authentication System: An online retailer or card provider may contact you to verify a transaction.


As online shopping gains popularity, scammers are more active, using tactics like carding to deceive people. Protecting your credit card details is crucial to avoid falling victim to these schemes in the future.

American National Bank of Texas does not provide, and is not responsible for, the product, service, or overall website content available on this website. American National Bank of Texas’s privacy policies do not apply to this website and a viewer should consult the Terms of Use on this website for further information.