CARDER.MARKET - CARDING FORUM FOR PROFESSIONAL CARDERS
NEW CARDING CHAT IN TELEGRAM

Carding Guide: Dick's Sporting Goods

Carder

Member
Time to take a stab at America’s largest sporting goods retailer. Dick’s Sporting Goods isn’t just another chain store — it’s a store for high-end athletic gear waiting to be used. But before you get too excited, let’s dive into what we’re dealing with.

Why Dick’s?

Yeah, laugh at the name — we were all kidding. But while you’re giggling like a 12-year-old, let me tell you why this particular retailer deserves your attention.

Dick’s is a haven for premium athletic gear — with products from the likes of Nike, Under Armour, and Adidas dominating the resale market. These aren’t clearance items — these are high-demand items that practically turn over themselves. Their same-day shipping options mean fast order fulfillment, and multiple shipping options keep you unpredictable.

The odds of success here are high, as long as you know what you’re doing. While Dick’s isn’t an amateur security company, they don’t bring the same amount of heat as electronics retailers. That means less competition from other carders who are too busy chasing PS5s and GPUs. The sports gear market is hot year-round — sneakerheads and fitness freaks never take a break.

And while their loss prevention team spends time filtering out childish dick jokes, you can be running complex operations right under their noses.

Intelligence

Launched Burp Suite, and what do we see? Dick’s runs its own e-commerce platform with serious backing. They’ve implemented Riskified to prevent fraud, and these bastards aren’t playing games — they’re collecting signals like they’re trying to contact alien life.

Riskified.png


Also, if Burp is too confusing for you, just use Ghostery for any large site and you can easily see what trackers are on their site. LINK.

Observed Activities.png


Tracker Diagram.png


Every mouse movement, every keystroke, every tab switch – Riskified tracks and logs it all. This is important information because it means we can’t just breeze through the checkout process like we do on other sites. I’ve seen so many sites, and Dick is probably at the top when it comes to the amount of data they collect.

sensor data.png


Here's what drives most laptop carders nuts: Alt-tabbing while entering card details. Think about it - when was the last time you saw an honest customer frantically switching windows while typing their card number? Never, because normal people either have their card physically in front of them or have it memorized.

But laptop carders, working with limited screen space, are constantly alt-tabbing between the card list and the checkout page. Dick's logs EVERY instance of alt-tabbing while entering card details. Want to know why your crap is being rejected? This might be why. Either memorize those numbers or paste them into the address bar ahead of time. Stop making it obvious you're juggling windows like a circus clown.

They use both Braintree and Adyen to process payments depending on your location and cart value. This dual gateway setup means we need to be extra careful with our approach, and your cards can't be burned on PayPal for Braintree and other Adyen stores for Adyen. And before you ask - no specific BIN magically guarantees success. I've seen the same BIN fail and succeed within hours. It's all about how you play the game.

Dick's Security Overview.png


Requirements
  • Fresh cards
  • Pure residential proxies that match your billing region
  • Reliable anti-detection browser settings
  • US Drops (preferably clean resident with zero fraud history with Braintree/Adyen and Riskified)
  • High-trust email accounts
  • iPhone + data connection (if possible)

Here's why the mobile setup works better: Dick's sees less sophisticated fraud attempts from mobile, especially iOS. If you're using an iPhone + data, choose a card with a payment zip code close to your actual location. This creates a more consistent profile for Riskified. Just make sure you clear your cookies (or do a full reset if you're using their app) between sessions. For a more in-depth look, read the iPhone guide.

The process

Here's how to do it right:

Dick's Process.png


1. Organic input:
  • Start by searching Google for your target product (e.g. "Nike Air Force 1 Dick's Sporting Goods")
  • Click on paid search results ads even better
  • This creates a legitimate referrer chain in your cookies.
  • Now your session looks like a real customer who found the product through search
  • Riskified sees this natural entry point and assigns lower risk scores
  • Pro tip: Search options like "best Nike Air Force 1 price" or "Nike AF1 near me" look even more organic

Google.png


Think about it - what looks more suspicious for fraud detection: directly entering dicks.com and going straight to the expensive items, or going through the product search like a regular customer would? This simple step puts you way ahead of lazy carders who don't bother to create proper session legitimacy.

2. Creating a Session:
  • Start with a clean browser profile
  • Give these older cookies at least 30-45 minutes
  • Browse the site like a real buyer does

3. Creating a basket:
  • Mix high and low value items
  • Keep initial orders under $800
  • Add/remove products naturally
  • Check out different categories

4. Placing an order:
  • Use guest checkout if you don't use logs
  • Enter data manually - no copying and pasting
  • Take your time entering your card details.
  • If you're using a PC, DO NOT alt-tab while entering your card details - Riskified logs this and it's a big red flag

Advanced Tactics

Let's address a few of the crazy myths floating around:

"What's the BIN at Dick's?"

If you're asking that question, you're already screwed. There is no magic BIN that guarantees success - anyone who tells you otherwise is either scamming you or doesn't know what they're talking about. Yes, some BINs work better for larger amounts, but success has more to do with your technique than the first six digits on your card. That being said, here's what I've personally used with great success: 519731, 539629, 488893.

While guest checkout works, having a stale account adds another layer of legitimacy to your transactions.

The beauty of stale accounts is that they help you bypass certain risk thresholds in Riskifieds' scoring system. A six-month-old account with previous orders looks a lot less suspicious than a new guest trying to punch in $600 worth of gear.

Also, if you want to test your chances before risking your cards and drops, check out the guide to penetrating and poisoning Antifraud systems using AI. It will show you how to probe and analyze Riskifieds decision-making mechanism without burning through resources. Smart fraudsters test their methods before they engage.

Final Thoughts

Dick's isn't the toughest target, but their implementation of Riskified means you can't just blitz through it. Success here depends on patience and precision. Set up your system correctly, take your time, and don't be greedy.

Remember: clean cards and proper OPSEC are important, but your behavior during the session matters just as much. One sloppy move and you'll screw up the entire operation.

Now get started and turn those sporting goods into cash.

(c) Telegram: d0ctrine
 
Back
Top