CARDER.MARKET - CARDING FORUM FOR PROFESSIONAL CARDERS
NEW CARDING CHAT IN TELEGRAM

Carding Guide: JomaShop (Luxury Watches)

Carder

Member
JomaShop Carding Method (Difficulty: 6/10)

You're here because you want the finer things in life, but you don't want to "pay". JomaShop has the chic, and we have the know-how to get it. Not your corner store's hustle, JomaShop is a drab playground where luxury watches flow. But don't be overconfident - they do have security, just not the kind that can stop a determined carder like you.

A8OGWKr.png

NAME:JomaShop
URL:www.jomashop.com
PAYMENT SYSTEM:Braintree
ANTI-FRAUD SYSTEM:Forter
[TD]GOODS:Luxury watches
DIFFICULTY LEVEL:6/10

Why JomaShop?

So why did we choose JomaShop? These guys are the black sheep of the luxury watch world, selling legitimate, high-quality watches in a slightly unconventional way. They operate in the shady grey market, not quite following the manufacturer’s rules. They’re like the rebellious cousins of the black market – all the bling, but with a shady approach.

JomaShop.png


And the watch? These bad boys can be exchanged for serious cash. We’re talking potential paydays, no joke.

Now let’s talk about their security, or lack thereof. JomaShop uses Braintree for payment processing and Forter for fraud detection. Sound scary? Not really. There are some vulnerabilities in their setup. And the best part? No 3D Secure to screw things up. It’s almost like they asked for it.

Intelligence

Before we start kicking you in the nuts, let’s do a little digging. Fire up your favorite network sniffer (Burp Suite, if you have any brains) and poke around the JomaShops website. You’ll see that they’re in bed with Braintree for payments and Forter for fraud prevention.

Recon.png


Forter... that name might sound familiar. Normally these guys are a royal pain in the ass. But on JomaShop their fraud checks are like a lazy security guard - they only show up after your payments have already gone through. That's our damn window of opportunity.

Forter

Forter Risk Levels.png


Here's how Forters' post-authentication evaluation works on JomaShop:
  • Astronomical Fraud Score: If Forter thinks you are a fraudster (and they are right), your transaction will be cancelled.
  • High Fraud Score: JomaShop will ask for a photo of your card and ID, especially if you order over two grand. Time to get creative with Photoshop or find a reputable rendering service that makes fake IDs.
  • Medium Fraud Score: Forter flags you and JomaShop wants to "chat" a bit to verify your information. Be prepared to lie during the phone call using your cardholder information.
  • Low Fraud Score: Forter gives you the green light to ship your order and you're one step closer to a brand new Patek Philippe.

JomaShop carding process

JomaShop Process Flow.png


Step-by-step instructions on how to rob JomaShop:
  1. Prepare a set for the carding: Antidetect browser, fresh proxies and clean cards with a high balance.
  2. Bargain Hunting: JomaShops is always up to some coupon bullshit. Scour their site, check out those shady coupon sites - every dollar saved is a dollar earned. New customer codes are like gold dust that bring in more $$$ on every order you make, and it makes you look that much more legit in the eyes of antifraud.
  3. Act Naturally: Don't grab the most expensive watch and run. Look around like you really care. Read the descriptions, add a few items to your wishlist - you're a sophisticated carder, and so is the cardholder.
  4. Basket and Rest: Add your target to the basket, but don't rush it. Let it sit there. Browse some more, or rest and come back later. Patience, young grasshopper.
  5. Checkout: Take your time filling out the forms. No copying and pasting. And don't forget this sweet discount code.
    Checkout Smooth Operator.png
  6. Payment Roulette: Use a crystal clear card. Remember that the Forter verdict comes after payment, so it's a bit of a gamble every time.
    Payment Roulette.png
  7. Confirmation and shipping: Pray to whatever dark gods you believe in and watch your email like a hawk. If you're lucky, you'll get a tracking number.
    Confirmation and Shipping.png

Advanced Tactics

Email Trick:
JomaShops is so dumb that it lets you create an account with the cardholder's email address without verifying it. And Forter? It loves the cardholder's email.
  1. Create a JomaShop account using the cardholder's email address.
  2. Place your order with a new card and a clean proxy server.
  3. Spam the cardholder's inbox to bury the order confirmation email.

JomaShop also offers a guest order tracking link, so you don't even need an account. This can lower your fraud score, especially if the emails have some history with Forter-powered sites. But this is a one-time deal. If you get flagged as medium risk of revocation, you're screwed without email access. Unless you're brave enough to call them and pretend you mistyped your email address.

PayPal: Your Sneaky Backdoor

PayPal Checkout Bypass.png


JomaShop accepts payment via PayPal, and this is where our little PayPal method comes into play:
  1. Load your cart and proceed to checkout.
  2. Please use the cardholder's actual address as the shipping address.
    • This is very important - PayPal requires a valid address.
    • Please make sure the details match PayPal's records for this card.
  3. Click "Pay with PayPal".
    • PayPal sees a verified shipping address and calms down.
    • Their fraud detection departments are essentially on vacation.
    • Authorization goes without a hitch.
  4. After PayPal approval but BEFORE final confirmation:
    • JomaShop allows you to "preview" your order.
    • Change the shipping address to your shipping address.
    • PayPal won't even notice.
  5. Click the "Pay Now" button.
    • Transaction processes are performed using a pre-authorized PayPal token.
    • JomaShop receives updated shipping information.
    • The parcel is on its way to you.

This works because PayPal performs a security check during the initial authorization. JomaShop will happily process the order with the new shipping address, and your stolen goods are practically in your hands.

Conclusion

Attacking JomaShop is a risky business, but the payoff is huge. There are holes in their security systems, but their fraud detection system can still fool you. Play smart and you’ll be swimming in luxury watches. Screw up, and you’ll be left with nothing.

This is not a game for the faint of heart. You’ll need to be sharp, ruthless, and willing to take risks. But if you have patience, JomaShop can be your personal ATM.

Now go make some money. And if you get caught, don’t come crying to me.

Disclaimer: The information provided in this article, as well as all of my articles and guides, is for educational purposes only. It is an exploration of how scams work and is not intended to encourage or promote any illegal activity. I cannot be held responsible for any actions taken based on this material or any material posted by my account. Please use this information responsibly and do not engage in any criminal activity.

(c) Telegram: d0ctrine
 
Back
Top