Announcing Cloudflare Account Abuse Protection: prevent fraudulent attacks from bots and humans

Cloudflare has unveiled a new suite of fraud prevention capabilities aimed at preventing account abuse by addressing both automated and human-driven threats. The initiative builds on existing measures like leaked credentials detection and account takeover (ATO) detection, now incorporating tools such as disposable email checks and email risk assessments to identify and mitigate fake account creation and risky email patterns. A notable addition is the Hashed User IDs, which provide per-domain identifiers that enhance visibility into suspicious account activity without compromising user privacy. These capabilities, available to Bot Management Enterprise customers in Early Access, aim to tackle the growing threat of industrialized fraud by offering a layered security approach that focuses on both automation and the authenticity of user intent. This comprehensive strategy seeks to protect every stage of the user journey, from account creation to login and transaction integrity.