Fake accounts have recently made headlines for maliciously influencing discourse on social media. However, bad actors also use fake accounts (AKA synthetic accounts, bot accounts, and account registration fraud) to commit financially-motivated attacks, including reward abuse on retail sites, money laundering via online banking, and even as a disguise for credential stuffing.
F5 Distributed Cloud Bot Defense sits in front of online account registration applications and can detect in real time if an attacker tries to create fake accounts at scale using automated tools or via sophisticated manual techniques.
A SINGLE ATTACKER CREATED A FRAUDULENT ACCOUNT ON A RETAILER’S SITE EVERY 3 SECONDS FOR A WEEK.
If an attacker plans on making more than 20 or 30 accounts, he will typically want to leverage automation to quickly input data into each field of the registration application.
This attack script might include API calls to appropriate services, such as CAPTCHA solvers or disposable email address services.
The attacker runs the script, creating hundreds, or even thousands, of accounts in a short period of time. Depending on the purpose of the fake accounts, account creation successes and failures are recorded.
The monetization scheme depends on the type of site being targeted. For example, criminals use fake accounts on retail sites to launder money by buying and selling gift cards, which becomes difficult for authorities to trace.