Multi Accounting Is on the Rise – Who Is Affected & How to Stop It

Have you ever signed up for a service with different accounts? You might have, without noticing, broken their terms and conditions by performing what is known as multi accounting.

Of course, it doesn’t make you a fraudster but those who purposefully create multiple accounts to abuse a system are crossing a fine line between customer benefits and company damage. 

What Is Multi Accounting?

At its core, multi accounting means opening more than one account per person but there are both sophisticated methods and simple ones.

A basic level of multi accounting would be a user create an account with an email address and password, log out of said account then create another one. This is often seen with the same device or by the same IP, or even potentially through a VPN, but with certain solutions such as device fingerprinting, this can easily be detected.

More sophisticated cases would see organized fraudsters use emulators, virtual machines, and even residential-like IPs, such as SOCKS5 proxies or mobile networks to leverage fresh IP addresses. This is also referred to as gnoming.

Furthermore, they could use stolen data or synthetic identities, or IDs constructed based on a real original document to fool the operator in thinking they are a real user.

3 Examples of Multi Accounting Fraud

Multi accounting creates different problems depending on the site platform or service it is targeted at as it can lead to both abuse and reputational damages. The most common reasons it’s used are:

• Fake reviews/feedback: It’s so easy to create an email address or social media profile, that many people do it to boost targeted products, services, or even their own reputation. It can be innocent enough (making it look like you have more friends), or a full organized crime operation, like click farms with tens of thousands of phones.
• Reset bans / bad history: Users who have been blacklisted from a site can simply create a new account under a different name. The same applies to someone with a bad credit history or crash record with rented cars.
• Promo and coupon abuse: Companies often try to onboard new users through promotions, free demos and coupons. This is true everywhere, from the gambling world to eCommerce. Multi accounting takes advantage of these promos and bonuses.

But there’s more; below we’ll look at some examples of multi accounting that are specific to different verticals.

Industries Impacted by Multi Accounting Fraud

The following industries are the most affected when it comes to multi accounting scams:

Ecommerce

In the eCommerce industry, companies have to deal with multi-account payment fraud and promo abuse as fraudsters look to hit merchants with chargebacks as well as spam discount codes/offers at scale.

Loan Providers

Online loan providers have to battle fraudsters who use multi accounting to default on the loan and run away with the money. Similarly, financial institutions have to stop fraudsters from gaining access to promos or payment methods for fraudulent purposes.

Online Dating

In the social media and online dating world, users will create multiple accounts to reach more people – often to scam or spam users. 

Travel

The travel industry is also increasingly targeted and now must battle the problem of fake bookings and reviews from scammers – and even from malicious competitors who can try to damage other businesses’ reputations.

Gambling / iGaming

The Gaming or iGaming industry has its own term for multi accounting: smurfing. The method is the same, and the goal allegedly more innocent. It is simply for gamers to improve their tactics without damaging the statistics of their main account.

Finally, the Online Gambling Vertical is one that’s hit particularly hard as it’s susceptible to a number of attack vectors such as:

• Affiliate fraud: Whereby fraudsters create fake accounts to boost their numbers of CPAs (cost per acquisition) and CPLs (cost per lead).
  
• Arbitrage: Even World Poker Series winners have been caught creating multiple accounts to gain an advantage over other players.
  
• Matched betting: Another situation where controlling multiple accounts can help change the odds in your favor.

Solutions for Multi Accounting Fraud

To prevent multi accounting you would immediately think to simply increase the difficulty for players to create multiple accounts by implementing more steps to the account creation process.

However, not only does this add more friction to your user experience but also in a webinar we hosted for the gambling industry, a poll revealed that finding connections between different accounts was the number one challenge for fraud managers.

It’s important to combine all the analyzed data and process it through intelligent rules, while fraud managers can spot connections manually, they can’t do it at scale. 

This is why AI-powered rules, velocity rules, and behavior profiling are the only effective solutions to filter out the noise and reveal accurate insights to determine if multiple accounts do indeed belong to the same person. 

Our solution includes combining the following tools to create a four-pronged line of defense that we believe is vital to mitigate the risk of multi accounting:

• Device fingerprinting: by creating browser, device hashes or IDs, it’s easy to see when multiple users obviously rely on the same device to log into your platform. While not necessarily indicative of frauds (family PCs), it’s an important point to check.
  
• IP analysis: More than checking if users connect through the same IP address. It’s also about flagging known VPN IPs and suspicious open ports, ISPs. Using TOR network is also considered as a red flag.
  
• Email analysis: data enrichment can turn single data points into full user pictures. This is particularly true with email address parameters such as domain validity, creation date, and link to social media accounts.
  
• Phone number analysis: you can check the carrier type, the country, and the social media presence to get an even better picture of your users.

In short, it’s about using a system that leverages AI and human intelligence to process incredibly large amounts of data, and validate the recommendations thanks to human wisdom and insight. 

See a basic walkthrough below of how SEON catches multi-accounting abuse, based on custom rules.

Key Takeaways for Multi Accounting

Multi accounting is a growing problem for almost any kind of business operating online. It can be simple or complex, and innocent or done on a scale only an organized crime ring can reach.

However, tools such as IP and Device fingerprinting, email analysis, and AI-driven algorithms are strong weapons to have in your arsenal against fraud.

And while not all multi accounting should necessarily be seen as fraudulent, you can still implement the right tools to let your team decide if it must be stopped or not. 

More importantly, if a customer seems suspicious based on the digital footprint, you should have enough flexibility to add or remove dynamic verification steps. All so you can reduce conversion churn, friction, and simplify the user journey for delivering the best experience possible.

Frequently Asked Questions

You might also be interested in reading about:

• SEON: iGaming Affiliate Fraud: How to Stop It
• SEON: How to Prevent iGaming Fraud
• SEON: Online Gambling Fraud: Detection & Prevention
• SEON: Synthetic Identity Fraud: How to Detect it

Further Reading

Learn more about:

Browser Fingerprinting | Digital Footprinting | Device Fingerprinting | Fraud Detection API | Fraud Detection Machine Learning | Fraud Detection & Prevention