arrow left facebook twitter linkedin medium menu play circle

The Underground Market for User Accounts | Fake Accounts, Account Fraud

By Ting Fang Yen September 15, 2015

Photo of Ting Fang Yen

about Ting Fang Yen
Director of Research // Ting-Fang specializes in network and information security data analysis and fraud detection in the financial social and eCommerce industries. She holds a PhD in Electrical and Computer Engineering from Carnegie Mellon and has previously worked for E8, RSA, and Microsoft.

For Sale Sign - Real Accounts of Fake Accounts?

User accounts are extremely valuable – real accounts far more so than fake accounts. This is not only true for Internet properties, which are valued by the size and growth of their user base, but also for professional online criminals exploiting these platforms for a profit.

The prevalence of these user accounts in the underground market proves this is a common problem across all social platforms. The figure below shows the price range per account on BlackHat World, a web forum for black hats providing tips or services for online marketing. As you can see, the price varies widely by service, and also depends on the number of accounts purchased, whether the accounts are phone-verified, the country in which they were created, the age of the accounts, etc. Credible accounts are far more valuable than fake accounts. 

Price Per Account - Real Accounts Not Fake Accounts
The price range of a user account on Black Hat World forums. This figure is based on data collected during two weeks in late July to early August 2015.

In the figure, the red line is the median price per account, the box is drawn between the first and third quartile of the price range, and the “whiskers” (in dotted line) extend to the furthest value within 1.5 times the interquartile range from the end of the boxes. Any data point further than that is marked as ‘+’.

In addition to accounts, other types of social currency are also up for sale. On the BlackHat World forums, a thousand Facebook “likes” run for a median price of $3, a thousand Twitter retweets is about $0.75, and a thousand Instagram followers is $2. Combo packages are available – $18.99 will buy you 530 Facebook likes, 500 Twitter shares, 380 Google +1’s, 300 Pinterest repins, 250 Facebook shares, and 240 LinkedIn shares. Looking for a quality marketing channel? LinkedIn accounts with 500 connections are only $30 each.

So what does all of this mean? Clearly it shows that the current security solutions in place, such as multi-factor authentication and rules/model-based systems, are ineffective at stopping mass registrations and account takeovers. It also underscores the point that there is a thriving underground for “fraud-as-a-service” where people buy and sell user accounts, fake reviews, followers like commodities on the stock exchange. Furthermore, it demonstrates the type of adversary we are now up against. Well-organized, well-funded criminal businesses that are spending a lot of money in these black markets to create huge armies of fake accounts to do their bidding for financial gain – whether it be fraudulent transactions, spam ad campaigns, promotional abuse or more. We need to rethink how we combat this modern adversary by stopping the creation of these accounts and the downstream damage they conduct.


Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q2 2019

Learn More

The DataVisor Q2 2019 Fraud Index Report is here.

Customers online want convenience, ease, and access. Fortunately, your business offers it all. Unfortunately, that’s what fraudsters want too. To a cyber criminal, those features means vulnerabilities. To bring you the very latest and most actionable insights about where the risks are and what you…

Dumb & Dumber vs Ocean’s 11

Learn More

Understand the range of modern fraud attacks to ensure complete coverage for your organization.

Complex and coordinated fraud attacks that are extensively planned, hard to detect, and highly scalable are the new normal for online platforms. Explore and understand the full spectrum of fraud attacks—from simple to sophisticated—and learn how you can defend against each type in this…

Diagnose and Defeat Application Fraud with the Latest AI-Powered Tools

Learn More

Learn how leading financial institutions are using ML to proactively detect card application fraud.

In this insightful webinar, you’ll explore how organizations are leveraging AI-powered fraud management solutions to get tangible, real-world benefits as they work to proactively detect and defeat sophisticated modern fraud attacks. Plus, you’ll discover strategies for empowering cross-team…


Protect your business, your customers, and your data.

Request Demo