Multi-Accounting Fraud: Step-by-Step Detection & Prevention Guide

Like many other types of fraud, multi-accounting is on the rise. In 2024, instances of multi-accounting fraud increased by 10% year-on-year. While it might not be the most common type of fraud out there (that title goes to impersonation attacks), it can still leave a mark on your bottom line if it goes undetected.

Here’s what you should know about multi-accounting fraud and how to detect and prevent it.

What Is Multi-Accounting Fraud?

As the name suggests, multi-accounting means that a single user creates multiple accounts on a specific platform. It’s a common occurrence in eCommerce, iGaming, SaaS, and fintech. That said, any digital product that allows users to create accounts may encounter multi-accounting.

Multi-accounting can be relatively benign. Some legitimate customers create multiple accounts to benefit from free trials or discounts more than once. Or, if you took action against their existing account, they may create another one to bypass those penalties.

In other cases, however, fraudsters can use multi-accounting for affiliate fraud, money laundering, and fake reviews, all of which represent more serious risks to your business.

The Evolution of Multi-Accounting

Tactics Multi-accounting schemes have grown more sophisticated over the past few years. What once required manual effort — creating individual email addresses, switching devices, clearing cookies-can now be automated at scale.

Fraudsters use bots to generate synthetic identities, employ residential proxy networks to mask their location, and leverage CAPTCHA-solving services to bypass basic security checks. While automation drives most multi-accounting today, human elements still play a crucial role. Organized fraud rings often recruit “micro-workers” — real people paid to complete onboarding steps that bots can’t easily handle, like selfie verification or manual email confirmation. This hybrid model allows fraudsters to pass both automated and human-moderated checks.

This industrialization of fraud means that a single bad actor can now control thousands of accounts simultaneously, making traditional detection methods increasingly insufficient.

Frogo tip: Monitor not just speed but consistency in user behavior. Accounts that combine automated bursts (rapid form completion) with long idle periods or manual actions may indicate hybrid fraud operations. Detecting those subtle timing inconsistencies helps uncover human-in-the-loop schemes that traditional velocity rules miss.

Why Pay Attention to Multi-Accounting?

If multi-accounting fraud goes unchecked, its impact isn’t pretty. It can damage your reputation and cause financial losses from unfairly obtained bonuses and discounts. A large number of fake accounts also inflates your user numbers and makes analytics less reliable, impacting decision-making and investor trust.

Even if the financial loss per incident seems small, multi-accounting tends to scale fast. In sectors like iGaming or eCommerce, one fraudster can operate hundreds of profiles simultaneously, draining promotional budgets or referral bonuses in days. Bonus abuse alone accounts for up to 30% of total promo-related fraud losses, while fake referrals can distort marketing ROI metrics by as much as 25%.

Beyond the numbers, the hidden cost is operational. Teams waste time analyzing inflated metrics, while campaigns optimised on fake data underperform. Even worse, inflated user counts can mislead investors and skew business forecasts.

While these operational costs might seem abstract, they directly affect long-term growth. A marketing team that reports inflated user numbers may allocate budgets inefficiently, targeting channels that appear to perform well but in reality attract fraudulent sign-ups. Over time, this creates a feedback loop: campaigns are optimised on false data, while genuine users receive less attention.

Frogo tip: Audit acquisition metrics quarterly. If “new users” rise sharply while activation or retention stagnates, you may be measuring fraud growth – not business growth.

8 Red Flags to Watch Out For

Some multi-accounting attempts can be easy to catch. For example, if the user doesn’t hide their IP address, you can easily check it and block the attempt. However, there are also more sophisticated schemes that involve VPN use, AI-generated deepfakes, or identity theft.

Here are eight fraud indicators you should look out for when combating multi-accounting:

  • A sudden surge in the number of user accounts created in a short span of time
  • Several accounts that share similar personal data (e.g., name, payment details)
  • Multiple accounts being accessed from the same IP address or device, with frequent switching between them
  • Anomalies in transaction behavior (unusually high-value orders, same discount code usage across accounts)
  • Abrupt exits during security checkups and identity verification flows
  • Use of proxies, VPNs, or the Tor browser
  • Logins at odd hours across multiple locations
  • Frequent transactions between the same accounts

Frogo tip: Don’t just flag repeated IPs – track behavioral overlaps across devices, browsers, and emails. Understanding how fraudsters move helps design stronger onboarding flows for genuine users.

How to Protect Your Business Against Multi-Accounting

To combat multi-accounting fraud, you’ll need to monitor large volumes of data to detect attempts and prevent them by requiring additional identity verifications. Here’s how.

Fraud Detection & Prevention: Two Sides of One Coin

As with any other type of fraud, your measures should combine both multi-accounting fraud detection and prevention:

  • Multi-accounting fraud detection focuses on catching multi-accounting already underway by analyzing historical and real-time data
  • Multi-accounting fraud prevention involves measures like disposable email detection and identity checks to ensure users never manage to create multiple accounts. It can also help identify and block users who previously caused serious damage, for example, accounts linked to chargebacks or other confirmed fraud cases.

7 Effective Measures for Combating Multi-Accounting

To detect multi-accounting attempts underway, you can use:

  • IP address tracking. Simple monitoring with static rules can help you catch the lazier multi-accounting attempts. To that end, keep a log of IP addresses for each account’s registration and login history.
  • Device fingerprinting. It involves collecting device hardware and software information to create a unique profile (i.e., a fingerprint). With it, you can detect accounts originating from or accessed on the same device, even if the IP address is different.
  • Behavioral analytics. Powered by AI/ML, this type of analytics identifies standard user behavior (session duration, scrolling patterns, clicks, text input, interactions, etc.) and detects deviations from it. That makes it useful for catching suspicious transactions and login behavior.
  • Email analysis. Fraudsters often use disposable emails to create fake accounts. Use disposable email detection to raise risk / step up verification / restrict promos, and block only if your policy requires it. Another red flag is clusters of similar email addresses (for example, small variations of the same name), which can indicate multi-accounting attempts.
  • Biometric and document verification. In high-risk industries like financial services, you can require users to pass selfie checks and/or upload IDs or proof of address documents when creating accounts. While effective, keep in mind that this data is highly sensitive and should be stored securely.
  • Phone verification. In addition to an email address, you can require users to verify their phone number with a single-use code or link. Phone numbers will also come in handy for multifactor authentication, which helps prevent account takeovers. It’s also worth monitoring phone number patterns: fraud rings often use batches of numbers with the same prefix or mask (the first N digits), which can indicate coordinated multi-account activity.
  • Data cross-referencing. Other information entered by the user can give away their use of multiple accounts. That information can include the same address, payment details, or account information.

As fraud tactics evolve, so must detection mechanisms. A recent survey by Alloy of financial institutions showed that 60% of organisations experienced an increase in fraud events in 2024. Moreover, 31% of respondents reported total fraud losses exceeding US$1 million.

What does this mean for your business? Simply put, prevention cannot rely solely on traditional static rules. Behavioral analytics, device-fingerprinting, graph-based account linkage and real-time risk scoring must all be layered in.

For example: consider a rule that blocks a second account from the same device within 24 hours — useful, yes, but easily bypassed by fraudsters using device emulators or rotating proxies. The smarter alternative is to build a profile of the “account ecosystem” – tracking device, IP, payment method, biometric indicators, referral origin and behavioral signature. When multiple attributes show overlapping patterns the risk score soars.

Frogo tip: Don’t just monitor “accounts created per device” – monitor the trajectory of accounts: creation → bonus claim → cash-out → inactivity. If you see accounts that claim bonus within minutes and cash-out within hours, flag as high-risk.

By shifting from “reactive rule” to “predictive pattern” mindset, you convert what was reactive defence into strategic asset protection. In this way you enhance detection and preserve customer experience for legitimate users.

Fraud Prevention vs Customer Experience

Overzealous multi-accounting fraud prevention can negatively impact your user numbers. For example, if you routinely treat logins from a specific country as suspicious, requiring an extra authentication step can introduce friction into the user experience. That can lead to higher churn.

Finding the right balance between friction and security requires continuous testing. One effective approach is progressive authentication – start with minimal verification, then trigger stronger checks only when risk scores rise. For example, users logging in from a familiar device skip biometric verification, while those showing anomalies (new device, VPN use, or rapid logins) face additional validation.

In addition to that, an improperly configured multi-accounting fraud detection tool can block legitimate users altogether. Needless to say, in this case, you’d be losing a customer. Your reputation might suffer as a result, too.

57% of financial organisations lost over $500,000 to identity-related fraud in 2024. Overly rigid rules can amplify this risk by turning away legitimate users who fail extra verification steps. Balancing friction and safety through risk-based authentication is therefore critical – especially as fraudsters become adept at mimicking human behavior.

Frogo tip: Use dynamic rules to automatically recalculate thresholds and minimize the risk of false positives. Plus, outline risk-based measures (e.g., extra identity verification) to avoid overly harsh automated responses.

The Cost of Inaction

Delaying action on multi-accounting fraud creates compounding problems. Each fraudulent account not only represents an immediate loss but also pollutes your data ecosystem, making future detection harder.

Marketing teams optimize campaigns based on inflated metrics, product teams build features for non-existent users, and finance teams forecast revenue that will never materialize. The longer multi-accounting persists, the more deeply it embeds itself into your operations and the more expensive remediation becomes.

Early intervention isn’t just about stopping losses; it’s about preserving data integrity across your entire organization.

Implementing Multi-Accounting Detection & Protection: Your Checklist

Here’s your step-by-step guide for implementing multi-accounting fraud detection and prevention:

Phase Key steps
Detect existing multi-accounting schemes
  • Outline relevant fraud indicators
  • Integrate a fraud detection tool with your digital product and internal systems (e.g., CRM)
  • Set up account information checks and data cross-referencing (emails, IP addresses, shipping addresses, etc.)
  • Implement behavioral analytics to detect unusual user behavior (e.g., exits during security checks, bot-like interactions)
  • Ensure high data quality to avoid incorrect or imprecise output
  • Set up device fingerprinting to catch different accounts logging in from the same device
  • Continuously monitor cookie, browser, and device hashes
Prevent multi-accounting
  • Create filters to block registration attempts using disposable emails or VPNs/proxies
  • Add multifactor authentication during registration
  • Implement risk scoring to trigger extra verifications for medium- and high-risk users
Strengthen verification
  • Implement phone verification for registration
  • Set up risk-based additional verifications (e.g., MFA, extra documents, etc.)
  • Introduce selfie and/or liveness checks
  • Consider requiring documents for registration or risk-based verification
Track and optimize
  • Define and monitor success metrics, such as attempts blocked
  • Keep an eye on the impact on customer experience and corresponding metrics (churn, etc.)
  • Monitor false positives and strive to minimize them
  • Regularly audit fraud detection and prevention measures
  • Iteratively improve on them following audits and high-profile incidents

Final Thoughts

Compared to other types of fraud, multi-accounting may not seem like such a big deal to some businesses. Yet, it can still do substantial damage to both your reputation and your bottom line.

So, don’t put off dealing with it. And while you’re at it, pay close attention to minimizing friction in user flows and reducing the risk of false positives.

Frogo helps businesses detect and prevent multi-accounting with device fingerprinting, behavioral analytics, and flexible rule-based anti-fraud measures. Discuss your fraud risks with our experts, and we’ll help you adapt Frogo to your specific use cases.

Scroll up
Ask our experts
Cookies consent management
We use technologies such as cookies to store and/or access information on a device. We do this to improve your browsing experience. By agreeing to the use of these technologies, you enable us to process data such as your browsing behavior or unique identifiers on this site. Not giving your consent or withdrawing it may negatively impact certain features and functionality.

Cookies consent management

We use technologies such as cookies to store and/or access information on a device. We do this to improve your browsing experience. By agreeing to the use of these technologies, you enable us to process data such as your browsing behavior or unique identifiers on this site. Not giving your consent or withdrawing it may negatively impact certain features and functionality.

The storage of or access to technical data is strictly necessary for the legitimate purpose of enabling the use of a specific service expressly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

These cookies allow us to measure and analyze traffic on our website, such as pages visited and user behavior, using Google Analytics. The information is collected in an anonymized form and does not directly identify you. These cookies are only set if you give your consent.

Privacy Policy
Frogo

Talk to Expert

    This is an optional field and can contain up to 2000 characters.
    [aios_captcha]
    Thank you
    We will contact you.

    Frogo

    Welcome to apply

      Personal information
      Upload your resume
      Cover letter
      Optional field. Message 250-2000 symbols
      Thank you for your interest in the vacancy at Frogo.
      Your resume has been successfully sent. We will be sure to contact you if your qualifications meet the vacancy criteria.

      Frogo

      Refer a friend

        • Step 1/2

          Your Contacts
          Reason for recommendation
          Next Step

        • Step 2/2

          Friend’s Contacts
          Upload your resume
          Cover letter
          Optional field. Message 250-2000 symbols
        Thank you for your interest in the vacancy at Frogo.
        Your resume has been successfully sent. We will be sure to contact you if your qualifications meet the vacancy criteria.

        Privacy Policy