Oh, for sure. It's definitely not either/or. I've worked in fraud prevention software in the past and our clients would definitely see both.
I've been away from that world for a while but remember that more serious operations will separate the cashing out part (either money or goods) from their acquiring / validating operation because the former carries more risk.
There's also an interesting episode of the darknet diaries podcast (https://darknetdiaries.com/episode/85/) about card cloning which I found interesting.
Doing tiny transactions to validate cards is a thing. I've seen this happen, it's a known problem, and that at other times it's larger transactions does not make it go away.
I've been away from that world for a while but remember that more serious operations will separate the cashing out part (either money or goods) from their acquiring / validating operation because the former carries more risk.
There's also an interesting episode of the darknet diaries podcast (https://darknetdiaries.com/episode/85/) about card cloning which I found interesting.