How to stop new account fraud without ruining conversion

Digital businesses face increasing difficulties with new account fraud because criminals create fake accounts to misuse their systems and deplete their resources and manipulate their performance measurements. The growing trend of companies implementing "frictionless" onboarding procedures for business expansion has created an opportunity for fraudsters to exploit automated systems and advanced spoofing techniques to access their operations.

What is New Account Fraud?

New account fraud, which people call signup fraud or account creation abuse, happens when someone creates multiple accounts through the use of stolen identities and fake identities and synthetic identities. The process creates a new fraudulent entity which operates within your system because ATO involves attacking an already established account.

Common scenarios include:

- Incentive Misuse: Generating tremendous amounts of accounts in order to obtain sign-up bonuses or credit from referrals.

- Spam & Phishing: Setting up new accounts in order to send out harmful links or fictitious reviews.

- Free Trial Warehousing: Constantly creating new accounts to get free trials so you don't have to pay for the service.

How New Account Fraud Works

Fraudsters rarely act alone or manually. Modern signup fraud is an industrial-scale operation that typically follows these steps:

- Identity Harvesting: Fraudsters collect thousands of leaked emails, or phone numbers, or use “synthetic identities” (combining real and fake data). 

- Infrastructure Setup: They utilize proxies, VPNs, or data centres to conceal their actual physical locations and alternate IP addresses. 

- Bot Automation: Using scripts or headless browsers to complete sign-up forms in just a few seconds’ time while bypassing standard UI elements. 

- Device Spoofing: Use emulators or modified web browsers to create the appearance of each request as being sent from a unique, clean mobile device or laptop.

Why It’s Hard to Detect

The biggest challenge with signup fraud is that it is designed to look exactly like legitimate growth.

- Human Behaviour: Bots can replicate human interaction by simulating how people move the mouse and type.

- Many Bots: Frauds can have enough chances to attempt thousands of new accounts in less than 1 minute much too often than manual review will ever provide.

- Weak Signals: Most companies use IP addresses and email accounts that are too cheap or too easy for the fraudster to change or spoof.

The Impact on Your Business

Ignoring signup abuse doesn't just cost money; it poisons your entire business model.

- Financial Loss: Direct costs from promo abuse, chargebacks, and high cloud infrastructure bills.

- Skewed Growth Metrics: Marketing teams may think a campaign is successful due to high signup volume, only to find the "users" never convert to paying customers.

- Damaged Reputation: If your platform becomes a hub for fake accounts and spam, real users will lose trust and leave.

Key Signals to Detect New Account Fraud

To stop fake account detection from failing, you need to look beyond basic identity markers. Successful detection relies on four core signal categories:

Device Intelligence

This is the most critical signal. The detection of multiple accounts created from the same physical device becomes possible when you identify the complete hardware and software setup used by a visitor. The investigation should focus on two aspects which include finding "device fingerprint" discrepancies and detecting any use of emulators along with debugging software.

Behavioral Patterns

Users who visit websites spend time reading content while they show typical mouse movement patterns and their activities follow a regular sequence. Bots, however, often jump straight to the "submit" button or follow a rigid, scripted path. The system identifies suspicious activity when multiple users from the same network block create accounts in quick succession.

Network Signals

Legitimate users utilize VPNs and proxies, but organized fraud becomes evident when multiple users create accounts from a single data center IP address or from a recognized "bulletproof" hosting service.

Identity Inconsistencies

The system needs to verify whether the given email has ever been accessed before or whether it comes from a temporary email service. The system can use phone number verification to determine whether a call originates from a high-risk source by checking against established VOIP service providers.

Limitations of Traditional Detection

Many businesses still rely on "legacy" friction, but these methods are failing against modern fraud:

- OTP (One-time passwords): Fraudsters use SMS pumping or cheap SIM farms to bypass SMS OTPs given that they easily do so. The extra friction added to obtain an OTP from an SMS usually causes many real users to lose interest in making a purchase.

- Captcha: With modern-day AI and “solver services,” CAPTCHAs can be solved for just a few cents, making them an annoyance to real users but just a minor obstacle to bots.

- Email Verification: Since there are many free/disposable email addresses on the Internet, they have no value when used as stand-alone security methods.

A Modern Approach to Prevent Signup Fraud

The goal of modern fraud prevention is to be "invisible" to good users while being an "impenetrable wall" for bad ones. The system needs to change from using fixed security checks to implementing ongoing threat assessment methods.

Platforms use device intelligence together with real-time behavioral analysis to create "risk scores" which they assign to each signup attempt. Users with low risk experience a seamless process while the system either blocks or requires extra verification for high-risk attempts.

How DeepID Helps You Scale Safely

DeepID is built to solve the tension between growth and security. We provide the tools product and fraud teams need to identify and block account creation abuse without hurting your conversion rates.

Detect Fake and Duplicate Accounts

DeepID’s advanced device fingerprinting goes deeper than standard cookies. We identify the "DNA" of a device, allowing you to spot when a single fraudster is trying to create multiple accounts, even if they clear their cache or use a VPN.

Identify Suspicious Devices

We detect the tools of the trade—emulators, rooted devices, and automated scripts. If a signup is coming from a virtual environment rather than a real user’s smartphone, DeepID flags it instantly.

Prevent Abuse Without Harming Growth

The best part? Your real users never see DeepID. Because our detection happens in the background, you can remove clunky CAPTCHAs and unnecessary steps, leading to:

- Metrics for Cleaner Growth: This shows you are factoring only real users into your metrics instead of bots.

- Reduced Cost of Operations: Stop wasting your money on SMS OTPs for fake accounts.

- Quicker Onboarding: Provide a quicker, easier on-boarding process for your genuine customers.

Best Practices for Growth Teams

1. Monitor for cases with large numbers of new users who never return to engage with the content again. This pattern can be an indicator of bot activity or abuse.

2. Use tools such as DeepID to determine the user’s identity (who) based on their behaviors (what) when registering.

3. When approving users who registered through known data centers or high-risk proxies, either deny them access or ask them to provide additional verification.

4. Use extra verification (such as a driver’s license, ID, etc.) only when there is evidence that the ticket is coming from a high-risk device.

Conclusion

Your account fraud system requires advanced solutions because it poses challenges that need to be resolved for your company to expand. Your business will achieve better security protection by using advanced device identification methods instead of using simple IP address verification methods. The ability to identify threats before they occur now serves as a security measure which helps businesses that are experiencing growth to gain an edge over their competitors.