- Joined
- Feb 14, 2026
- Messages
- 9
- Thread Author
- #1
A technical breakdown of bypassing Amex fraud models, answering out-of-wallet questions, and cashing out Platinum bins for luxury goods.
You buy an Amex Platinum fullz package. You load up a basic proxy. You go to the
Saks Fifth Avenue website and try to buy a 4000 dollar Saint Laurent bag. The
gateway declines the transaction in half a second. Your vendor laughs at you and
denies the refund.
Amex operates entirely differently than standard Visa or Mastercard networks.
They act as both the issuer and the payment network. They own the entire data
pipeline. Their internal fraud engine sees exactly what device you use, how fast
you type, and whether your shipping address matches the property records of the
cardholder's immediate family.
I pull high-ticket luxury goods and first-class airline tickets using Platinum
bins every single week. The process requires flawless background research and
aggressive patience. I compiled this workflow after torching dozens of live
cards on basic mistakes. Copy the logic exactly.
The shadow limit on 3715 bins
Platinum cards have no pre-set spending limit. That marketing term confuses
rookies constantly.
The card absolutely has a limit. Amex uses a dynamic algorithm based on the
cardholder's 6-month rolling payment history. A guy who charges 80,000 dollars a
month to his business and pays it off immediately has a massive shadow limit. A
guy who barely clears his 500 dollar minimum payment will get declined for
a 1200 dollar hotel room.
You need to know the victim's approximate income. I only buy fullz packages that
include the credit report. If the victim has a mortgage on a 2 million dollar
house in Connecticut, the Platinum card will easily clear a 15,000 dollar swipe.
The SafeKey telemetry environment
Amex uses SafeKey instead of standard 3D Secure. It tracks 120 different
behavioral metrics before the transaction even hits the merchant gateway.
Start with Dolphin Anty. You build a profile that matches the victim's exact
demographic. Rich people in their 50s use iPads and MacBooks. They use Safari.
You configure your user-agent to match a high-end Apple device.
You need an ISP-level residential proxy. Datacenter IPs from AWS or DigitalOcean
trigger an instant SafeKey block.
I buy dedicated IP addresses from AT&T or Comcast. The IP location must sit
within 10 miles of the victim's billing zip code. Check the specific IP on
Fraud-Score. If the risk rating sits above 10 percent, you burn it and buy a new
one.
Cookies and the warm-up cycle
SafeKey checks your cookie history. A browser with zero history attempting to
buy a Rolex looks like a burned virtual machine.
You spend three days warming up the profile. You connect to the proxy and browse
the Wall Street Journal. You open tabs for Bloomberg and high-end car
dealerships. You build a cache of luxury-oriented advertising cookies.
On day two, you make a tiny, legitimate purchase. Buy a 12 dollar digital
subscription to a financial magazine. Let the charge post to the account.
Amex sees a normal consumer reading the news and paying for a minor service. The
trust score of your specific browser fingerprint goes up.
Defeating the out-of-wallet questions
Hitting a high-risk merchant almost always triggers a manual security challenge.
Amex throws an out-of-wallet questionnaire directly onto the checkout page.
They ask multiple-choice questions pulled directly from public records.
Which of the following addresses have you associated with in the past 10 years?
Which of these vehicles did you register in 2018?
What is the age of [Relative's Name]?
You buy a full LexisNexis or TruthFinder background report on your victim before
you ever touch the checkout page. Keep the report open on a separate monitor.
You have exactly 60 seconds to answer the questions. The timer counts down
silently in the background script. Taking 3 minutes to answer a question about
your own mother's maiden name results in a permanent account lock.
The travel portal cashout
The absolute easiest way to drain an Amex Platinum is through travel. The
algorithm heavily favors airline and hotel purchases.
You log into the Amex Travel portal. You book a first-class international flight
on Emirates or Delta.
The billing address remains untouched. The passenger name obviously changes to
whoever needs the ticket. Fraud engines routinely ignore passenger name
mismatches for high-tier travel cards. Wealthy cardholders constantly buy
flights for their assistants, spouses, and business partners.
I sell these flights on Telegram for 30 cents on the dollar. A guy pays me 3000
dollars in Monero. I book him a 10,000 dollar flight to Dubai. He gets his
ticket. I wash my hands of the entire operation.
Extracting Membership Rewards points
Sometimes you buy a dump and discover the victim has 800,000 Membership Rewards
points sitting unused.
You extract the points directly. You create a frequent flyer account with an
Amex transfer partner like Air Canada Aeroplan or British Airways. The airline
account name must match the Amex cardholder exactly.
You link the accounts inside the Amex portal. You transfer the entire point
balance into the airline account. The transfer usually clears instantly.
Once the points hit the airline account, you sell control of the airline login
to a broker. Brokers buy aged airline accounts loaded with miles all day long.
They handle the risk of actually issuing the tickets.
Physical drops and luxury goods
Shipping a 5000 dollar watch to an empty trap house guarantees a decline. The
shipping and billing address mismatch is the oldest red flag in the industry.
You use a customized drop network. I find residential homes for sale on Zillow
in the exact same state as the victim. The home needs to be vacant. You ship the
package to the vacant home using a slight variation of the victim's name.
You sit in a rented car down the street. You watch the UPS driver drop the box
on the porch. You walk up, grab the box, and drive away.
High-end merchants like Saks or Neiman Marcus sometimes use FedEx with direct
signature required. You pay a homeless guy 50 bucks to sit on the porch of the
vacant house with a fake ID. He signs for the box. He hands it to you around the
corner.
Handling the phone call
Amex frequently calls the phone number on file for massive purchases.
You intercept the communication before they can reach the real victim. You use a
VoIP service to spoof the victim's phone number. You call Amex customer service
first.
You navigate the automated menu. You tell the system you plan to travel and make
large purchases over the next 48 hours.
Sometimes you hit a human representative. The reps train specifically to catch
social engineering attempts. They listen for background noise. They listen for
hesitation.
I use a professional voice changer app on my iPad. I pitch my voice down to
sound like a 60-year-old executive. I act slightly annoyed. Rich people hate
talking to customer service. I demand they clear the fraud block immediately so
I can finish my holiday shopping.
They ask for the 4-digit security PIN. You pull it from your fullz data.
They ask for the last 4 digits of the victim's social security number. You read
it from the LexisNexis report.
The rep apologizes for the inconvenience and whitelists your specific merchant.
You hang up. You hit the checkout button. The transaction slides through
instantly.
The cooldown and the burn
You get one massive hit per card.
The guys who try to hit an Amex Platinum 6 times in one afternoon end up with a
dead card and a blown proxy. The algorithm catches velocity spikes immediately.
You buy the 8000 dollar Cartier bracelet. You get the confirmation email. You
log out. You completely delete the Dolphin Anty profile. You wipe the cookies.
You burn the IP address.
You never return to the scene of the crime. You never log back into the account
to check the tracking number. You track the package using the guest portal on
the FedEx website.
The physical hardware eventually gets fenced at a pawn shop or sold on a darknet
marketplace. The cryptocurrency goes straight to a cold wallet.
Stop treating Amex like a standard debit card. Put in the research hours. Build
the proxy environment properly. Read the background reports.
Drop your specific SafeKey error codes below. I check the board on Thursday
nights.
You buy an Amex Platinum fullz package. You load up a basic proxy. You go to the
Saks Fifth Avenue website and try to buy a 4000 dollar Saint Laurent bag. The
gateway declines the transaction in half a second. Your vendor laughs at you and
denies the refund.
Amex operates entirely differently than standard Visa or Mastercard networks.
They act as both the issuer and the payment network. They own the entire data
pipeline. Their internal fraud engine sees exactly what device you use, how fast
you type, and whether your shipping address matches the property records of the
cardholder's immediate family.
I pull high-ticket luxury goods and first-class airline tickets using Platinum
bins every single week. The process requires flawless background research and
aggressive patience. I compiled this workflow after torching dozens of live
cards on basic mistakes. Copy the logic exactly.
The shadow limit on 3715 bins
Platinum cards have no pre-set spending limit. That marketing term confuses
rookies constantly.
The card absolutely has a limit. Amex uses a dynamic algorithm based on the
cardholder's 6-month rolling payment history. A guy who charges 80,000 dollars a
month to his business and pays it off immediately has a massive shadow limit. A
guy who barely clears his 500 dollar minimum payment will get declined for
a 1200 dollar hotel room.
You need to know the victim's approximate income. I only buy fullz packages that
include the credit report. If the victim has a mortgage on a 2 million dollar
house in Connecticut, the Platinum card will easily clear a 15,000 dollar swipe.
The SafeKey telemetry environment
Amex uses SafeKey instead of standard 3D Secure. It tracks 120 different
behavioral metrics before the transaction even hits the merchant gateway.
Start with Dolphin Anty. You build a profile that matches the victim's exact
demographic. Rich people in their 50s use iPads and MacBooks. They use Safari.
You configure your user-agent to match a high-end Apple device.
You need an ISP-level residential proxy. Datacenter IPs from AWS or DigitalOcean
trigger an instant SafeKey block.
I buy dedicated IP addresses from AT&T or Comcast. The IP location must sit
within 10 miles of the victim's billing zip code. Check the specific IP on
Fraud-Score. If the risk rating sits above 10 percent, you burn it and buy a new
one.
Cookies and the warm-up cycle
SafeKey checks your cookie history. A browser with zero history attempting to
buy a Rolex looks like a burned virtual machine.
You spend three days warming up the profile. You connect to the proxy and browse
the Wall Street Journal. You open tabs for Bloomberg and high-end car
dealerships. You build a cache of luxury-oriented advertising cookies.
On day two, you make a tiny, legitimate purchase. Buy a 12 dollar digital
subscription to a financial magazine. Let the charge post to the account.
Amex sees a normal consumer reading the news and paying for a minor service. The
trust score of your specific browser fingerprint goes up.
Defeating the out-of-wallet questions
Hitting a high-risk merchant almost always triggers a manual security challenge.
Amex throws an out-of-wallet questionnaire directly onto the checkout page.
They ask multiple-choice questions pulled directly from public records.
Which of the following addresses have you associated with in the past 10 years?
Which of these vehicles did you register in 2018?
What is the age of [Relative's Name]?
You buy a full LexisNexis or TruthFinder background report on your victim before
you ever touch the checkout page. Keep the report open on a separate monitor.
You have exactly 60 seconds to answer the questions. The timer counts down
silently in the background script. Taking 3 minutes to answer a question about
your own mother's maiden name results in a permanent account lock.
The travel portal cashout
The absolute easiest way to drain an Amex Platinum is through travel. The
algorithm heavily favors airline and hotel purchases.
You log into the Amex Travel portal. You book a first-class international flight
on Emirates or Delta.
The billing address remains untouched. The passenger name obviously changes to
whoever needs the ticket. Fraud engines routinely ignore passenger name
mismatches for high-tier travel cards. Wealthy cardholders constantly buy
flights for their assistants, spouses, and business partners.
I sell these flights on Telegram for 30 cents on the dollar. A guy pays me 3000
dollars in Monero. I book him a 10,000 dollar flight to Dubai. He gets his
ticket. I wash my hands of the entire operation.
Extracting Membership Rewards points
Sometimes you buy a dump and discover the victim has 800,000 Membership Rewards
points sitting unused.
You extract the points directly. You create a frequent flyer account with an
Amex transfer partner like Air Canada Aeroplan or British Airways. The airline
account name must match the Amex cardholder exactly.
You link the accounts inside the Amex portal. You transfer the entire point
balance into the airline account. The transfer usually clears instantly.
Once the points hit the airline account, you sell control of the airline login
to a broker. Brokers buy aged airline accounts loaded with miles all day long.
They handle the risk of actually issuing the tickets.
Physical drops and luxury goods
Shipping a 5000 dollar watch to an empty trap house guarantees a decline. The
shipping and billing address mismatch is the oldest red flag in the industry.
You use a customized drop network. I find residential homes for sale on Zillow
in the exact same state as the victim. The home needs to be vacant. You ship the
package to the vacant home using a slight variation of the victim's name.
You sit in a rented car down the street. You watch the UPS driver drop the box
on the porch. You walk up, grab the box, and drive away.
High-end merchants like Saks or Neiman Marcus sometimes use FedEx with direct
signature required. You pay a homeless guy 50 bucks to sit on the porch of the
vacant house with a fake ID. He signs for the box. He hands it to you around the
corner.
Handling the phone call
Amex frequently calls the phone number on file for massive purchases.
You intercept the communication before they can reach the real victim. You use a
VoIP service to spoof the victim's phone number. You call Amex customer service
first.
You navigate the automated menu. You tell the system you plan to travel and make
large purchases over the next 48 hours.
Sometimes you hit a human representative. The reps train specifically to catch
social engineering attempts. They listen for background noise. They listen for
hesitation.
I use a professional voice changer app on my iPad. I pitch my voice down to
sound like a 60-year-old executive. I act slightly annoyed. Rich people hate
talking to customer service. I demand they clear the fraud block immediately so
I can finish my holiday shopping.
They ask for the 4-digit security PIN. You pull it from your fullz data.
They ask for the last 4 digits of the victim's social security number. You read
it from the LexisNexis report.
The rep apologizes for the inconvenience and whitelists your specific merchant.
You hang up. You hit the checkout button. The transaction slides through
instantly.
The cooldown and the burn
You get one massive hit per card.
The guys who try to hit an Amex Platinum 6 times in one afternoon end up with a
dead card and a blown proxy. The algorithm catches velocity spikes immediately.
You buy the 8000 dollar Cartier bracelet. You get the confirmation email. You
log out. You completely delete the Dolphin Anty profile. You wipe the cookies.
You burn the IP address.
You never return to the scene of the crime. You never log back into the account
to check the tracking number. You track the package using the guest portal on
the FedEx website.
The physical hardware eventually gets fenced at a pawn shop or sold on a darknet
marketplace. The cryptocurrency goes straight to a cold wallet.
Stop treating Amex like a standard debit card. Put in the research hours. Build
the proxy environment properly. Read the background reports.
Drop your specific SafeKey error codes below. I check the board on Thursday
nights.