Fake Users

Less than 40% of all online accounts are owned by legitimate sources

Fraudsters create accounts in bulk by automating sign-up processes at scale. These accounts are subsequently misused to share spam, commit financial crimes, spread malware, and skew polls, reviews, and surveys. If security controls can be quickly deceived in account registration applications, fraudsters will automate them for mass account creation.

Fake Users are also referred to as Account Fraud, Account Pharming, Bot Accounts, Fake Registrations, Fraudulent Accounts, Impersonator Bots, and Synthetic Users.

Arkose Labs prevent fraudsters from creating illegitimate accounts at scale

Arkose Labs detect when fraudsters attempt to generate multiple accounts using automated tools and digital sweatshops. These attempts are intercepted by Arkose Labs’ Enforcement, a challenge–response mechanism that generates scaling costs for fraudsters. When the cost of committing abuse scales beyond the possible economic return, fraudsters move on or give up.

Did you know? Fake Users and Account Takeover have gained notoriety for influencing discourse on social media by inflating perceived social capital around messages with political and financial interests

Fraudsters disguise bulk account creation using Single Request Attacks

Single Request Attacks allow fraudsters to conceal Fake Users by making them look authentic at scale. These requests simulate legitimate sources by obfuscating IP addresses, consuming dynamic fingerprints, using headless browsers, and executing JavaScript as expected. Single Request Attacks cannot be remediated with bot mitigation and unknown requests should be intercepted to neutralize attackers and their ability to retool.


Intercept Fake Users before they abuse rewards, skew trust, or launder goods and services

Find out how Arkose Labs can strengthen your web application security with Enforcement