Fake account
A fake account is one created by someone who isn't a genuine new customer: bulk signups for fraud, trial farming, review manipulation, ban evasion, or seeding a botnet. The goal is volume, so the fastest tell is the identity attached to the signup. Real people sign up with an email address they actually keep. Bulk registration leans on throwaway inboxes and shortcuts no human bothers with.
Rupt scores this risk on the signup action.
What Rupt looks for
The headline checks are all about the email provided:
- Disposable email: the address comes from a throwaway provider built to vanish after one use.
- Invalid email: the domain has no working mail server, so the address can't receive anything.
- Unverified email: the user never confirmed they control the inbox.
- Webmail email: a free consumer provider. Weak on its own (most real people use Gmail), but it adds up with the others.
Rupt also scores linked accounts at signup: if the same fingerprint is registering account after account, that's a stronger fraud signal than any single email property.
Severity and response
The checks combine into a fake_account risk severity. Because email quality is cheap to fake and easy to get wrong honestly, blocking outright catches real users too. Most teams challenge the borderline cases and reserve a hard deny for the unmistakable ones: a disposable address from a fingerprint that just made ten other accounts. Your policies draw the line.
- Need help? Contact support.
- Want to see Rupt in action? Request a demo.
- Questions? Talk to sales.
- Check out our changelog.
- Check our status page.
- LLM? Read llms.txt.