Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Stealing Credit Card No's from the Yahoo Server

190 views
Skip to first unread message

perlshine

unread,
Aug 29, 2004, 3:34:14 PM8/29/04
to
Hello Friends,
Yesterday I discovered a serious flaw in the working of the yahoo mail
server.
I have decided to make this information public so that you may test it
and make
yahoo realise of the sevirity of the problem.
Using the following method anyone can get the credit card info of any
user who
has given his cc info to yahoo in the past 72 hrs, coz the server
saves it for
72 hrs. Here's how it's done:

Send an Email to confuse a yahoo server mailprog, so that it will
return to
YOUR EMAIL (if it's a yahoo email, and it takes 3 mins to create a
yahoo email account)
with complete information of people's credit card information stored
in the server in
the last 72 hours. This is how you'll get people's VALID credit card
information.
Now you have to do exactly the same as follows:

Send an Email to serverm...@yahoo.com

With the subject: accntopp-cc-E52488 (To confuse the server)

In the email body, write:

boundary="0-86226711-106343" (This is line 1)

Content-Type: text/plain; (This is line 3)
charset=us-ascii (This is line 4, to make the return email readable)

credit card number (This is line 7, has to be LOWER CASE letters)
000000000000000
(This is line 8, put a zero under each character, number, letter,
hyphen, etc)

name on credit card (This is line 11, has to be LOWER CASE letters)
0000000000000000
(This is line 12, put a zero under each character, number, letter,
hyphen, etc)

cid/cvv2 number (This is line 15, has to be LOWER CASE letters)
0000000000000
(This is line 16, put a zero under each character, number, letter,
hyphen, etc)

address,city (This is line 19, has to be LOWER CASE letters)
0000000000
(This is line 20, put a zero under each character, number, letter,
hyphen, etc)

state,country,p.o. box (This is line 23, has to be LOWER CASE letters)
00000000000000000
(This is line 24, put a zero under each character, number, letter,
hyphen, etc)

type of card (This is line 27, has to be LOWER CASE letters)
0000000000
(This is line 28, put a zero under each character, number, letter,
hyphen, etc)

expiration date (This is line 31, has to be LOWER CASE letters)
0000000000000
(This is line 32, put a zero under each character, number, letter,
hyphen, etc)

252ads< m > (This is line 35)
Return-Path: < Your Email Here > (This is line 37, type in your email
between < >) s_

You have to make sure you do EXACTLY as what is said above and the
credit card
info above the 0000's are absolutely CORRECT/VALID. Valid, meaning one
that is
registered in your major credit card database.

For those who like to play it safe, thinking this is too good to be
true.
Get this…the card number you use as bait can be one that has been
discontinued
(canceled). However, it cannot be expired and the card information
must be correct.
If it is expired and the information incorrect, you will simply get
back
" No data retrieved" as a reply. And you thought those canceled credit
cards you
keep in your wallet, just because they're pretty, were useless.


Here's a sample email: (CAUTION! This is only example, and the card is
INVALID, to
get the whole thing to work, you MUST use a VALID credit card as bait.

Send to: serverm...@yahoo.com

Subject: accntopp-cc-E52488

Email body:

boundary="0-86226711-106343"

Content-Type: text/plain; charset=us-ascii

4013993145565451
0000000000000000

jesse d banks
00000000000

523
000

2537 stillwell rd.,des moines
00000000000000000000000

la,usa,50567
0000000000

visa
0000

03/2004
0000000

252ads< m >

Return-Path

Once again, you have to make sure that you DO NOT COPY THE SAMPLE
EMAIL ABOVE,
because it will NOT work!!! Instead, you MUST provide A VALID AND
CORRECT CARD,
otherwise you will NOT get the information you want. Get the bait card
number from
anywhere, AS LONG AS IT'S VALID!!!

This may take a few minutes but it REALLY WORKS!!! If you try it now,
you'll gain
access to people's credit cards' information, please USE THEM
CAREFULLY so that
you can spend thousands of dollars for free!! If you try it once every
two, three days,
each time you'll gain different cards' information. I've got
information about 11 cards
in just 1 day.
Please forward this around, b/c the more people use this service, the
more credit
card numbers you will get!!!

Jason LaRue

unread,
Aug 29, 2004, 8:12:41 PM8/29/04
to
perlsh...@yahoo.com (perlshine) wrote in
news:f82229ae.04082...@posting.google.com:

> I've got
> information about 11 cards
> in just 1 day.
>

Right. I'll be sure to send it along, then.

Sid

unread,
Sep 7, 2004, 8:10:08 AM9/7/04
to
Instead, you MUST provide A VALID AND
> CORRECT CARD,
> otherwise you will NOT get the information you want. Get the bait card
> number from
> anywhere, AS LONG AS IT'S VALID!!!
>

LMFAO! The sad thing is people (quite a few) actually fall for this sort of thing.

Are these groups not moderated for these types of scams?

0 new messages