So, guys, today I learnt about BIN (Bank Identification Number) hacks on services like Spotify, Netflix, etc.
The info is easily available out there (especially on YT).
For example, this video shows how to have a 1-month subscription on Netflix by using Paypal along with a BIN hack.
cBGncN70ZYk
What it makes you do is this:
>Download BIN info. You'll have a file like this (https://pastebin.com/raw/9vzTj4S6) for Netflix or like this (https://pastebin.com/raw/R2KFfz9Z) for Spotify.
>Create a VPN connection tied to a specific country
>Go to https://cc.namsopro.com/ and generate CC details by using the BIN info contained in the downloaded file
>Create a Paypal account using the info contained in the BIN file (Address, City, State, Postal Code, Telephone, location-based IP address to use) and the generated credit card info from that website.
>Now that you have a Paypal account, proceed to create a Netflix account.
>Choose your Netflix plan and pay with Paypal.
>Done. You now have your Netflix Premium account with the plan you chose.
Now, I'd like to understand how it works under the hood. :)
What I can't understand is:
>What's the purpose of this site https://cc.namsopro.com/? If you put, for example, the details of a specific credit card you can see (http://imgur.com/a/OwzWP) it gives you a lot of CCVs. Which one is correct? If more than one are correct, how does this relate with a real credit card usage scenario?
>Where do they get the name and full address? Do they matter?
>When you use that a generated card details, is the money actually withdrawn from that card or not? (also, see the first point: from which card?
>Isn't the BIN supposed to be six digits long?
>>60087626
What is labeled a "checksum" is probably a self-check number. Self-check numbers are less computationally heavy and can be done mentally.
>>60088052
So it's all based on checksum?
Where do Spotify and Netflix get the money from, then? Don't they withdraw the money first and then validate the sub?
>>60087626
>let's commit CC fraud, a serious crime punishable with jail time, to get something you could easily get with bit torrents while only committing a misdemeanor at most and probably only a non-punishable offense.
>>60088202
Do you know what it means curiosity?
Do you think if I'd actually used this method, I'd be here describing it in detail and admitting it? LOL
Yhey can afford to provide you with digital goods as soon as you enter the details, since it costs them nothing and it provides great user experience for legit users.
Try to buy any physical item with fake cc info, see how well that turns out.
Let's go boys.