Fake accounts have recently made headlines for maliciously influencing discourse on social media. However, bad actors also use fake accounts to commit financially-motivated attacks, including reward abuse on retail sites, money laundering via online banking, and even as a disguise for credential stuffing.
Shape Enterprise Defense sits in front of online account registration applications and can detect in real-time if an attacker tries to create fake accounts at scale using automated tools or via sophisticated manual techniques.
Key Challenges of Fake Accounts:
If an attacker plans on making more than 20 or 30 accounts, he will typically want to leverage automation to quickly input data into each field of the registration application.
The attacker runs the script, creating hundreds, or even thousands, of accounts in a short period of time. Depending on the purpose of the fake accounts, account creation successes and failures are recorded.
The monetization scheme depends on the type of site being targeted. For example, criminals use fake accounts on retail sites to launder money by buying and selling gift cards, which becomes difficult for authorities to trace.