DataDome

New Account Fraud Prevention: How to Stop Fake Account Creation

Table of contents
Account Takeover
Kira Lempereur, Sr. Technical Writer
21 Sep, 2025
|
min

New account fraud happens when criminals use stolen or fake identities to create new accounts on your platform. These fraudulent accounts cost businesses money, damage customer trust, and create operational headaches that drain your team’s resources.

This guide breaks down what new account fraud is, how criminals execute these attacks, and what proven strategies you can use to detect and prevent new account fraud. Whether you’re a financial platform, e-commerce site, or any service with user accounts, you’ll find practical steps to strengthen your defenses in this article.

Key takeaways

  • Attackers can create a fraudulent account every three seconds using automation, making manual detection impossible and requiring automated prevention systems.
  • Fake accounts damage more than your business’s revenue. They skew your analytics, waste team resources, and erode customer trust when real users encounter spam and fraudulent activity.
  • Real-time behavioral analysis and AI-powered fraud detection provide the most effective protection without frustrating legitimate users.

What is new account fraud?

New account fraud is when fraudsters create accounts using stolen personal information, synthetic identities (a mix of real and fake data), or completely fabricated credentials. These accounts look legitimate during registration but exist only to commit fraud.

The scale of this problem is massive. In the first half of 2025 alone, 748,555 cases of identity theft were reported to the Federal Trade Commission(1), putting 2025 on pace to be a record-breaking year. According to Javelin Research’s 2025 Identity Fraud Study, new account fraud resulted in $6.2 billion in losses in 2024, up from $5.3 billion in 2023(2).

Industries most affected by new account fraud

New account fraud hits hardest in industries where digital onboarding is standard and the value of accounts is high.

  • Banking and financial services: Banks face constant attacks because criminals need to legitimize illegal profits. Fraudsters open accounts to launder money, finance illicit activities, or commit credit fraud. Financial institutions must balance strict security with smooth customer experiences, making them prime targets.
  • E-commerce and retail: Online shopping platforms are targeted for promotional abuse and payment fraud. Criminals create multiple accounts to exploit welcome bonuses, abuse return policies, or make purchases with stolen credit cards. Subscription-based services also face threats as fraudsters enroll in free trials using stolen credentials without ever paying.
  • Social media and digital platforms: Facebook deleted 1.1 billion fake accounts in Q3 2024(3), highlighting the massive scale of fake account creation on social platforms. Criminals use these accounts to spread misinformation, conduct phishing attacks, and manipulate public opinion.
  • Gaming and entertainment: Digital gaming platforms face in-game currency fraud, compromised account sales, and phishing scams targeting other players. Fraudsters create accounts to exploit virtual economies and scam legitimate users.
  • Telecommunications: Telecom companies are targeted for valuable services like expensive mobile devices, international calling, and premium data plans. New account fraud causes direct revenue loss and increases fraud management costs.

How fraudsters create new accounts

Criminals use multiple techniques to bypass security measures and create fraudulent accounts at scale.

Identity theft

Fraudsters obtain real personal information through data breaches, phishing attacks, or dark web purchases. They use social security numbers, addresses, and birthdates of real people to open accounts. These stolen identities make detection harder because the information passes basic verification checks.

Synthetic identity fraud

This method combines real and fabricated information to create new, fictitious identities. A fraudster might use a real social security number with a fake name and address. These synthetic identities are particularly difficult to detect because they appear legitimate but don’t correspond to real people. Criminals often build credit histories with these identities before committing large-scale fraud.

Bot automation

Criminals use bots to automate the account opening process, studying application forms and automatically populating fields while sidestepping initial security protocols. With this technology, fraudsters can open hundreds of accounts in minutes. Premium bot services even include CAPTCHA solving and multi-platform support.

Money mule schemes

Criminals manipulate or convince victims to use their personal information to open bank accounts at different institutions. Once created, these accounts transfer illicit funds, with the victim often facing legal consequences. Money mule accounts enable the movement of illicit funds while shielding the actual criminals from detection.

6 stages of a new account fraud attack

New account fraud follows a process of six stages that helps criminals avoid detection.

  1. Data collection: Fraudsters gather personal information through data breaches, phishing campaigns, or by purchasing stolen credentials on dark web marketplaces. They may also use synthetic data generators to create realistic fake identities.
  2. Identity preparation: Criminals either steal existing identities or create synthetic ones by combining real and fabricated information. They prepare documentation and verification materials to pass security checks.
  3. Automated registration: Fraudsters deploy bots or scripts to fill registration forms automatically. These tools rotate IP addresses, change browser fingerprints, and mimic human behavior to avoid detection.
  4. Verification bypass: Attackers use temporary email services, virtual phone numbers, or CAPTCHA-solving services to complete verification steps. Some intercept verification links through compromised email accounts.
  5. Account warming: Sophisticated fraudsters perform normal activities to build account reputation before executing fraud. They might browse products, engage with content, or make small legitimate transactions.
  6. Exploitation: Once established, criminals use the accounts for their intended purpose, whether that’s promotional abuse, fraudulent purchases, money laundering, or other criminal activities.

What new account fraud costs your business

Financial losses

Financial losses stem from fraudulent transactions, resources spent on detection and prevention, operational costs for resolving fraud cases, and investments in security measures like account takeover protection.

Skewed data and bad decisions

Fake accounts contaminate your analytics. Daily active users, engagement rates, and conversion funnels all include fraudulent activity. Marketing teams optimize campaigns based on fake interactions. Product teams build features for users who don’t exist. Your analytics show growth, but revenue doesn’t match.

Operational inefficiency

Customer support teams waste time investigating suspicious accounts. Fraud analysts manually review registration patterns. IT teams build custom rules to block specific attack patterns. Each fake account costs your team valuable hours that could be spent on strategic work.

"As we were growing and bringing more awareness to our brand, we were getting increasingly hit by bots creating fake accounts, essentially abusing our platform. We were spending way too many man-hours dealing with bots, instead of developing our solution. We needed to find a better way to combat it.”
Ian Sells
CEO, RebateKey

Reputational damage

The reputational impact can be more damaging than immediate financial losses. Companies experiencing significant fraud incidents see decreased stock values and loss of customer confidence. Real users abandon platforms overrun with spam and fake reviews. Customer churn accelerates as user experience degrades.

Regulatory implications

New account fraud leads to severe regulatory consequences. Regulations like GDPR in Europe and CCPA in the United States impose hefty fines for failing to protect customer data. Companies might face legal action or increased scrutiny from regulatory bodies, leading to additional financial and operational burdens.

Customer trust erosion

According to Experian’s 2025 Identity and Fraud Report, less than half of consumers are highly trusting of companies to address their concerns online, even though 85% of businesses believe their fraud controls align with consumer expectations(4).

This trust gap shows how fraud incidents fundamentally damage customer relationships. Restoring customer trust requires significant effort and resources, making prevention far more cost-effective than remediation.

Red flags that signal new account fraud

Early detection is critical. Here’s what to watch for in your registration data.

Registration velocity spikes: A sudden surge in account creations indicates automated attacks. If your platform typically sees 100 registrations per hour but suddenly receives 1,000 in ten minutes, you’re likely under attack. Monitor registrations by IP address, device, and geographic location.

Suspicious data patterns: Look for sequential email addresses (user001@domain.com, user002@domain.com), sequential phone numbers or usernames, identical shipping addresses across multiple accounts, disposable email domains (tempmail, guerrillamail), and unrealistic personal information like birthdates of January 1, 1900.

Device and browser inconsistencies: Multiple accounts sharing identical device signatures or unusual browser configurations suggest bot activity. Disabled JavaScript, missing plugins, or spoofed user agents are common indicators.

Behavioral anomalies: Fake accounts behave differently than legitimate users. Watch for immediate inactivity after registration, extremely fast form completion (faster than humanly possible), perfect accuracy with no typos or corrections, uniform timing between form fields, and no exploration or browsing before registration.

Promotional exploitation patterns: Monitor how new accounts interact with offers. Red flags include accounts that only claim bonuses and never return, multiple accounts claiming the same promotion with similar patterns, and referral chains where accounts only refer each other.

Unusual traffic sources: A significant number of registrations coming from the same IP address, geolocation, or data center indicates fraudulent activity. Traffic from known proxy services, VPNs, or anonymized networks requires additional scrutiny.

How to prevent new account fraud

Prevention requires multiple defensive layers working together.

Real-time behavioral analysis

Monitor how users interact with registration forms. Real users take time, make corrections, and show natural variation. Bots complete forms with mechanical precision. Behavioral analysis examines mouse movements, keystroke dynamics, time spent on each form field, navigation patterns, and interaction with page elements.

These signals build a risk profile. Accounts showing bot-like behavior get flagged for additional verification or blocked entirely. This approach works because it’s nearly impossible for bots to perfectly mimic human behavior patterns.

Advanced identity verification

Implement robust know-your-customer (KYC) processes appropriate for your industry. Document verification, biometric analyses, and identity proofing help ensure the legitimacy of account applicants. This is particularly important and often legally required for banking, financial services, and telecommunications industries.

Banks might require valid ID documents for new accounts, while e-commerce sites may only employ identity verification for high-value or age-restricted goods. Organizations should verify the legitimacy of account details at creation by checking email address and phone number reputation against public records.

Multi-factor authentication (MFA)

MFA adds an extra security layer by requiring multiple forms of verification. This could include something the user knows (password), something they have (mobile device), or something they are (biometric verification). MFA is particularly effective to prevent account takeover attacks and phishing.

Progressive verification works well here. Start with light verification during registration, then add stronger verification when accounts attempt high-risk actions like making purchases or changing payment details.

Device and IP reputation scoring

Use systems to evaluate risk based on the reputation of IP addresses and devices used for access. Detect anomalies and malicious intent based on device and network attributes, including traffic from anonymized networks, data centers, devices with abnormal hardware attributes, or forged device attributes.

Check whether registration requests come from known proxy or VPN services, data centers and hosting providers, IP addresses with fraud history, devices previously linked to fraudulent accounts, or regions with high fraud rates.

AI and machine learning

AI and machine learning analyze vast amounts of data to identify patterns and red flags that human analysts might miss. These systems are particularly effective against complex fraud schemes and adapt to new attack methods automatically. The technology is applicable across all industries where large-scale data analysis is feasible.

Email and phone validation

Verify that email addresses and phone numbers belong to real people. Check email domain reputation and activity history, identify disposable email services automatically, validate phone number format and carrier information, and send verification codes that require actual access.

Comprehensive email intelligence reveals whether an address has engagement history or was just created for fraud. Phone validation confirms numbers connect to legitimate mobile carriers, not virtual services.

Employee training and awareness

Regularly train employees to recognize fraud signs and understand the latest fraud trends. Employee training is particularly valuable against phishing and social engineering attacks. It’s beneficial for businesses in all industries, especially those with significant customer interaction.

Collaboration and information sharing

Share information about fraud trends and tactics within your organization and with industry groups. This helps you stay ahead of fraudsters. This approach is particularly effective against cutting-edge fraud tactics and is valuable in sectors like banking, finance, and telecommunications where industry-wide collaboration is common.

Prevent new account fraud with DataDome

DataDome Account Protect uses multiple layers of machine learning to identify and block fake account creation in real time. The solution analyzes hundreds of signals including login location, device fingerprints, registration timing, form interaction patterns, email validation, and session history.

The system responds automatically by blocking obvious bot traffic, challenging suspicious registrations with additional verification, or allowing legitimate users through without friction. Account Protect operates invisibly for real users while stopping fraudsters at registration.

"As we rapidly grow and globalize as a company, our defenses against such attacks have to grow accordingly, and that's where DataDome came in. We have many defensive layers recording statistics for us, and since implementing DataDome, we've seen a 93% reduction in the number of accounts that have been taken over in ATO attacks."
Patreon

The solution requires no architecture changes and deploys in minutes. Account Protect provides comprehensive defense against both automated bot attacks and human-led fraud operations. Learn how DataDome Account Protect can provide the security your business needs.

FAQ

What's the difference between new account fraud and account takeover?

New account fraud involves creating fraudulent accounts using stolen or synthetic identities. Account takeover happens when criminals gain access to existing legitimate accounts through credential stuffing, brute force attacks, or password attacks. Both threaten platform security but require different detection and prevention approaches.

Can CAPTCHAs prevent new account fraud?

CAPTCHAs add friction and are no longer effective at fraud prevention. Modern bots solve CAPTCHA challenges using machine learning or human solving services that claim 90% success rates. Sophisticated fraudsters bypass CAPTCHAs while legitimate users face annoying verification steps that can drive them away.

How do fraudsters bypass email verification?

Attackers use disposable email services that provide temporary addresses with automated inbox access. They intercept verification links using these services or compromise legitimate email accounts. Advanced bots automate the entire email verification process, making this security layer ineffective on its own.

Does multi-factor authentication stop new account fraud?

MFA helps but doesn’t completely prevent fake account creation. Fraudsters can create accounts using stolen credentials that pass MFA checks. They intercept SMS codes through SMS pumping schemes, use SIM swapping attacks, or employ social engineering to bypass MFA during registration. MFA works best as part of a layered security approach.

How quickly can fraudsters create fake accounts?

A single attacker using automation tools can create a fraudulent account every three seconds. Bot networks can create hundreds or thousands of accounts in minutes during coordinated attacks. This speed makes manual detection and response impossible, requiring automated fraud prevention systems.

What are synthetic identities?

Synthetic identities combine real and fake information to create new, fictitious identities. For example, a fraudster might use a real social security number with a fabricated name and address. These are harder to detect than stolen identities because they aren’t associated with real people but appear legitimate to verification systems.

References

 

  1. https://www.fool.com/money/research/identity-theft-credit-card-fraud-statistics/
  2. https://javelinstrategy.com/research/2025-identity-fraud-study-breaking-barriers-innovation
  3. https://www.statista.com/statistics/1013474/facebook-fake-account-removal-quarter/
  4. https://www.experian.com/blogs/insights/experian-2023-identity-and-fraud-report/
DataDome
Kira Lempereur
Sr. Technical Writer
Kira Lempereur is the Sr Technical Writer for DataDome and the leader of the company’s LGBTQ+ pod. She collaborates with the threat research, marketing, and product teams to build content for thought leadership in bot and online fraud mitigation. Kira has more than 6 years of experience in the cybersecurity industry, from enterprise antivirus software to bot mitigation.

Related posts

DataDome
dd product home overview

Still exploring?

Start with an on-demand demo.

Watch a demo