Spot the signs of account creation fraud and suspicious recurring user logins
Stopping fraudsters is possible by knowing how to spot the signs of account creation fraud and subsequent suspicious login attempts.
Marc FesslerSenior Sales Engineer
6 June 2023
6 min read
Account creation fraud is just one method of many that fraudsters will attempt to utilise to fool anti-fraud systems - it is often used if a fraudster has already obtained stolen details with the aim of registering new online accounts. Using fake details or synthetic IDs (a mix of real and fake details) is also possible but can prove difficult to fool anti-fraud - it is difficult but certainly not impossible.
On the other hand, account takeover (ATO) fraud is one of the most common fraud types used to target online payment services, with fraudsters aiming to purchase high-value goods for later resale - this is, for most threat actors, the end goal. For more experienced fraudsters, however, the ATO phase may just be one part of a greater plan - to then use the details of the original account holder to create numerous other fake accounts in their name, or even using a mix of real and fake details. How a fraudster will proceed depends on their overall gameplan.
Fraudsters can get crafty in their approach and create accounts using a mix of identities to commit account creation fraud - sometimes completely bypassing ATO fraud.
Let’s look at the worst-case scenario: a fraudster posing as ‘John Smith from London’ has succeeded in jumping the 1st security hurdle and has created an online account, fooling an ineffective anti-fraud system at the registration stage - what next? Fraudulent activities can go unnoticed until it’s too late, meaning high-value goods have been purchased and resold. A crafty fraudster will know that to fool anti-fraud, they must behave as convincingly as possible to the persona of the person they are pretending to be - either real or fake. This will include:
Fraudsters can remain undetected indefinitely - either until anti-fraud systems pick up on suspicious signs, or an original bank account holder notices suspicious payments on their bank statement and they make requests for a chargeback - potentially leaving the original merchant out of pocket.
Reputation is critical - but it is earned, not simply given. In failing to spot and prevent account creation fraud, businesses may unwillingly build a reputation among fraudsters that they are a soft target. And where fraudsters know there is a golden opportunity awaiting, they will act. From a practical point of view, for a fraudster to try and outwit advanced fraud systems can be time-consuming and ultimately end in failure. The best option is to therefore focus attention on the weakest targets.
From our own darknet research, we have encountered online threads in cybercrime forums dedicated to specific eCommerce merchants with fraudsters sharing the tips, tricks and tools to be able to fool their anti-fraud systems successfully. If a target is particularly useful, fraudsters will even go to the effort of making tutorials with step-by-step guides (in the form of screenshots) showing exactly how they defrauded a target site - and crucially, how numerous further attempts can be made within the fraudster community. Fraudsters use such actions to build up their own credibility amongst fellow cybercriminals while showing off. In effect, your online service becomes not only a target of fraud, costing you financially, but also acts as a training ground for newbies and mid-level fraudsters.
It can be hard to recover from fraud, however, it is certainly not impossible. It can be harder still to recover from a tarnished reputation - but again, not impossible. The key to effective reputation management is not only to react to threats but to pre-empt them, understanding the fraud risks involved and implementing effective cybersecurity and anti-fraud measures from the word go. This could save you from becoming a fan favourite on darknet fraud forums.
When dealing with the security of any important government buildings or critically important large companies, security is never limited to just guarding the main entrance - this is usually one part of a larger security net - which can deal with threats that can perhaps get past the 1st level of security. The same applies to the security of online accounts, a holistic approach is necessary to prevent threat actors breaking your system. Ineffective anti-fraud systems may use what they claim to be the best tech to prevent fraudsters from committing fraud, however, their fraud rules may be trained to look for only a handful of specific threats.
The best approach is to deploy AI-powered fraud solutions that use: