---
title: Fake account
description: A fake account is a signup that doesn't belong to a real person, created in bulk for fraud, abuse, or farming free trials. Rupt scores it at signup, mostly from the quality of the email provided.
---

# Fake account

A fake account is one created by someone who isn't a genuine new customer: bulk signups for fraud, trial farming, review manipulation, ban evasion, or seeding a botnet. The goal is volume, so the fastest tell is the identity attached to the signup. Real people sign up with an email address they actually keep. Bulk registration leans on throwaway inboxes and shortcuts no human bothers with.

Rupt scores this risk on the `signup` [action](/docs/v3/concepts/actions).

## What Rupt looks for

The headline [checks](/docs/v3/concepts/checks) are all about the [email](/docs/v3/concepts/email) provided:

- **Disposable email**: the address comes from a throwaway provider built to vanish after one use.
- **Invalid email**: the domain has no working mail server, so the address can't receive anything.
- **Unverified email**: the user never confirmed they control the inbox.
- **Webmail email**: a free consumer provider. Weak on its own (most real people use Gmail), but it adds up with the others.

Rupt also scores [linked accounts](/docs/v3/concepts/linked-accounts) at signup: if the same [fingerprint](/docs/v3/concepts/fingerprints) is registering account after account, that's a stronger fraud signal than any single email property.

## Severity and response

The checks combine into a `fake_account` [risk](/docs/v3/concepts/risks) severity. Because email quality is cheap to fake and easy to get wrong honestly, blocking outright catches real users too. Most teams [challenge](/docs/v3/concepts/challenges) the borderline cases and reserve a hard `deny` for the unmistakable ones: a disposable address from a fingerprint that just made ten other accounts. Your [policies](/docs/v3/concepts/policies) draw the line.