Pablo
Member
Skrill & Neteller: Why Carders moved away from e-wallets? We analyze how AML laws, 3D Secure, and strict KYC killed e-wallet fraud and stopped carding.
Author: Anonymous
Category: cybersecurity
A decade ago, Skrill (formerly Moneybookers) and Neteller were the preferred tools for Carders (See: What is Carding?).
Why they were popular:
Specifically, the tightening of Anti-Money Laundering (AML) directives in Europe (where both companies are based) forced a radical change in their backend security.
Banks view these as extremely high risk.
Now, Skrill and Neteller utilize Predictive Fraud Scoring.
If a fraudster logs into Account A and Account B from the same laptop (or even the same browser configuration), both accounts are linked and banned for "Multi-Accounting."
A: No. You must verify your identity. This is a requirement by regulators like Europol to prevent money laundering.
Q: Why was my Skrill account restricted after one transaction?
A: You likely triggered a velocity filter. If you deposit funds and immediately try to withdraw them, it looks like "Layering" (a phase of money laundering).
Q: Are there "Non-VBV" cards that work on Skrill?
A: This is a myth. Even if a card doesn't have 3D Secure, Skrill's internal risk engine (similar to Stripe Radar) will reject it if the behavioral data doesn't match a human user.
References & Authorities:
Community Discussion:
Have you noticed the shift away from Skrill in recent years? What payment methods do you think legitimate freelancers prefer now that e-wallets have become so strict? Share your thoughts below.
Author: Anonymous
Category: cybersecurity
[ANALYSIS] Skrill & Neteller: Why Carders moved away from e-wallets
For a foundational understanding of the terminology used here, please consult our Carding Glossary & Slang Guide. For a broader overview of defense strategies, read our Carding Forum Defense & Ethical Research Guide.HISTORICAL RESEARCH
Skrill and Neteller were once the "Gold Standard" for underground money movement. In 2025, they are considered "High Risk" and "Low Reward" by fraudsters. This thread analyzes the specific security updates, legal frameworks, and technical barriers that forced the carding community to abandon these platforms. At Carding forum, we study these shifts to understand how financial systems successfully harden themselves against crime.
The Golden Era of E-Wallets (2010–2018)
To understand why they left, we must understand why they came.A decade ago, Skrill (formerly Moneybookers) and Neteller were the preferred tools for Carders (See: What is Carding?).
Why they were popular:
- Gambling Integration: These wallets were the primary payment method for offshore gambling sites. Fraudsters could load a stolen credit card, transfer the funds to a casino, "wash" the money by playing a few hands, and cash out.
- Lax Verification: In the early days, you could open an account with just an email address and move significant sums before triggering an ID check.
- Speed: Transfers were instant and irreversible.
The "Source of Funds" Update (The Death Blow)
The decline of e-wallet carding wasn't caused by a single bug fix; it was caused by global regulation.Specifically, the tightening of Anti-Money Laundering (AML) directives in Europe (where both companies are based) forced a radical change in their backend security.
1. The 3D Secure Wall
Loading funds into Skrill/Neteller is now coded as a "Cash Advance" or "Quasi-Cash" transaction (MCC 6012/6051).Banks view these as extremely high risk.
- The Barrier: 99% of banks now require 3D Secure (OTP) for these transactions.
- The Fail: As analyzed in our Stripe Radar Defense thread, automated carding tools cannot bypass the OTP sent to the victim's phone. If the fraudster cannot load the wallet, the method is dead.
- 2. Aggressive KYC Triggers
In the past, ID verification (Know Your Customer) happened after you reached a high limit (e.g., $2,500).Now, Skrill and Neteller utilize Predictive Fraud Scoring.
- The Trigger: If a user creates an account from a VPN IP (See: How Carding Works) and immediately tries to load a card from a different country, the account is frozen instantly.
- The Trap: The funds are locked inside the account. The only way to release them is to upload a Selfie holding a Government ID. Since the fraudster is using a fake identity, they cannot pass this check. The money is lost.
- 3. Device Fingerprinting
Just like Twitter/X Botnets are tracked by their scripts, Skrill tracks device hardware.If a fraudster logs into Account A and Account B from the same laptop (or even the same browser configuration), both accounts are linked and banned for "Multi-Accounting."
Table: Old School Carding vs. Modern Security
| Feature | The "Golden Era" (2015) | The Modern Era (2025) |
| Card Loading | Success rate ~60% (Non-VBV cards). | Success rate < 2% (3DS Mandatory). |
| Account Creation | Email only. Fake names allowed. | Phone verification + Device Fingerprinting. |
| VPN Use | Allowed and common. | Detected as "Anonymizer" -> Instant Ban. |
| Cashout | Easy transfer to Crypto/Bank. | "Source of Funds" audit required for withdrawal. |
| Risk | Low (Account burn only). | High (Real identity often exposed via metadata). |
Where Did the Fraud Go?
When Skrill and Neteller became too secure, cybercriminals did not retire; they shifted vectors.- P2P Apps:
They moved to platforms designed for casual use, like Venmo and Cash App. These apps prioritize "frictionless" payments over security, creating the vulnerabilities we exposed in PayPal Friends & Family Scams. - Crypto Bridges:
Instead of using e-wallets as a middleman, modern fraudsters prefer direct-to-crypto purchasing, although this has its own risks as detailed in Why Carding is Illegal & Risky. - Account Takeover (ATO):
Rather than creating new Skrill accounts (which is hard), they hack existing verified accounts. This aligns with the trend of credential stuffing attacks seen globally.
- P2P Apps:
Key Takeaways for Security
- Regulation Works: The implementation of strict AML laws effectively killed a massive sector of online fraud.
- Friction is Security: The annoyance of typing in an SMS code (3DS) is exactly what keeps your bank account safe from remote attackers.
- No "Anonymous" Wallet: If a service promises you a wallet without ID verification in 2025, it is likely a honey-pot or a scam itself.
- Legacy Methods Fail: Anyone selling a "Skrill Method" in 2025 is scamming you. They are selling a tutorial that hasn't worked in 5 years.
- FAQ: E-Wallet Security
Q: Can I still use Skrill/Neteller for gambling anonymously?A: No. You must verify your identity. This is a requirement by regulators like Europol to prevent money laundering.
Q: Why was my Skrill account restricted after one transaction?
A: You likely triggered a velocity filter. If you deposit funds and immediately try to withdraw them, it looks like "Layering" (a phase of money laundering).
Q: Are there "Non-VBV" cards that work on Skrill?
A: This is a myth. Even if a card doesn't have 3D Secure, Skrill's internal risk engine (similar to Stripe Radar) will reject it if the behavioral data doesn't match a human user.
References & Authorities:
- Europol - Money Laundering Trends
- PCI Security Standards - 3-D Secure
- Krebs on Security - The Scrap Value of a Hacked Account
- Infosecurity Magazine - KYC and AML Compliance
- FTC - Payment Apps and Scams
Community Discussion:Have you noticed the shift away from Skrill in recent years? What payment methods do you think legitimate freelancers prefer now that e-wallets have become so strict? Share your thoughts below.