Case Study

Delivery Hero brands secure over 7X ROI and significant fraud savings with Incognia | Read the case study >>
Ban Evasion: How Platforms Can Shut Out Repeat Offenders Featured Image

Ban Evasion: How Platforms Can Shut Out Repeat Offenders

Even "permanent" bans aren’t always permanent. Ban evasion lets repeat offenders slip through the cracks, but with the right identity signals—like device and location intelligence—platforms can finally make bans stick.

October 14, 2025 by Danny Paulk

Fraudsters don't care about platform policies. When they're banned for violating terms of use, they don't disappear. They adapt.

Ban evasion is a common tactic among bad actors who want to keep exploiting platforms even after being caught. Through methods like multi-accounting, device manipulation, and account takeover, they find ways to slip black in.

This cycle leads to more fraud, less trust, and growing costs for platforms—and worse experiences for their users.

Understanding how ban evasion works is key to stopping repeat abuse before it spreads.

Key Takeaways

  • Ban evasion happens when a banned user returns to a platform using a new or stolen account
  • Common tactics include multi-accounting, device resets, app cloners, and account takeovers
  • Weak enforcement allows repeat fraud, hurts user trust, and drains platform resources
  • Robust device and location intelligence can expose returning fraudsters, even when they use new accounts or devices
  • Proactive prevention at onboarding helps block bad actors before they can cause more harm

What is ban evasion? 

Ban evasion is an attempt by an individual to circumvent an online platform ban or suspension by using a different account on that platform.

For example, Twitter’s ban evasion policy prohibits users from creating new accounts or repurposing existing ones to get around a suspension.

For social media platforms and content moderation teams, the major concern with preventing ban evasion is protecting users from abusive content and bad user conduct.

For fraud teams, the focus is different. Fraudsters who commit policy violations and other abuses can use organized ban-evading tactics to continue defrauding the platform and its users even after being caught and penalized.

This issue of ban evasion is a major challenge for many platforms. 

Incognia CEO and co-founder André Ferraz does a good job of summarizing the vicious cycle of ban evasion: 

 

How does ban evasion work? 

There are several different tools and techniques that bad actors can use to successfully evade a ban or suspension.

1. Multi-accounting 

Multi-accounting is the foundation of ban evasion.

Unless they breach the platform's systems, bad actors can't unblock their own accounts. To keep operating, they need fresh accounts that haven't been banned.

Having multiple accounts at their disposal creates a safety net for fraudsters. If one gets banned or blacklisted, they can simply switch to the next and continue on like normal.

With enough accounts, even a single fraudster can heavily tax fraud prevention teams—wasting time and resources as each new account has to be flagged, reviewed, and banned.

Multi-accounting is often a direct violation of platform policy, particularly in verticals like food and grocery delivery in which accounts are directly associated with users' real-world identities for the sake of safety and transparency.

2. Using multiple devices

Having multiple devices takes multi-accounting to the next level.

A bad actor with just one phone might be able to run multiple instances of the same app using an app cloner, but switching between accounts manually is slow and inefficient. There's only so much damage they can do on a single screen.

Adding more devices removes those limitations. With each new phone or tablet, bad actors can control more accounts at once, scaling their operations and increasing profits.

When this setup grows large enough, it becomes fraud farming—teams of bad actors managing dozens or hundreds of devices in parallel to extract as much value as possible from a fraud scheme.

As Shawn Colpitts of Just Eat Takeaway said:

How much damage can one person do with one device? Then you give that one person ten, twenty, thirty, forty, or fifty devices. Think about how much more they can do. And that's what these fraudsters are attempting.

3. Manipulating device ID parameters or factory resetting banned devices

Device ID is a key signal platforms use to identify and even block users tied to high-risk or fraudulent behavior. But it's far from foolproof. 

Fraudsters can manipulate or obscure their device ID parameters to evade detection. One common tactic is performing a factory reset, which can wipe identifying details and make the device appear new. 

Others may change their operating system version, alter screen resolution, or install and uninstall apps on the device—all to confuse or bypass device fingerprinting systems.

These simple tricks make it harder for platforms to recognize repeat offenders, potentially giving bad actors a fresh start using the same hardware.

4. Using stolen account credentials

While not as scalable as other methods, account takeovers (ATOs) with stolen credentials is yet another way for bad actors to regain access to a platform after being banned or suspended.

And unfortunately, this tactic not only enables ban evasion and fraud, but also puts the original account holder in danger of being wrongly blamed for actions they didn't commit.  

Ban evasion doesn't always require deep technical stills. Many ban evasion approaches like multi-accounting are abuses that organized fraudsters will already be committing, making ban evasion an easy integration into their existing operations. And while these shortcuts make life easier for fraudsters, they create major headaches for platforms, users, and fraud prevention teams alike.

 

Subscribe to Incognia's newsletter about fraud prevention and digital identity

The consequences of ban evasion for platforms

Ban evasion creates a serious operational challenge for fraud prevention teams. When platforms can't make bans stick, teams end up spending time and resources banning the same fraudsters over and over again, without addressing the root cause.

Any amount of time that a ban evader can spend on a platform undetected is time in which they can commit fraud and abuse against other users or the platform itself—making ban evasion a high-risk concern for platforms. 

If you're not addressing the issue of ban evasion, all of your efforts are just delaying the bad actor. You're not really stopping them.

– André Ferraz, CEO and Co-Founder, Incognia

How can platforms detect and prevent ban evasion?

The key to stopping ban evasion is the ability to recognize banned users when they return to the platform—even when they switch accounts, reset their devices, or use a new device. If fraud and trust & safety teams can consistently identify the individual behind the activity, they can make bans stick and prevent repeat abuse. 

That's where persistent identity signals come in.

Device intelligence + location data = persistent identification

Device intelligence allows platforms to bind a device to a user's identity, making it possible to recognize returning banned users. High-precision location data adds another layer of context, allowing platforms to persistently block bad actors even if they switch devices or try to hide behind a factory reset.

For instance, Incognia’s solution can flag new devices that appear in environments previously linked to fraud.  So even if a fraudster wipes their phone or uses a new one, they can still be blocked based on their location behavior.

Prevent fraud before it starts

The most effective way to stop ban evasion is by cutting it off at the source.

Device intelligence makes it possible to evaluate new devices for risk before they ever gain access to the platform. Signals like the presence of app cloners, tampering tools, or GPS spoofing apps can indicate malicious intent, allowing platforms to flag and block high-risk devices during onboarding.

Platforms put time and resources into enforcing policies for a reason. Without strong enforcement, fraud goes unchecked, user safety declines, and long-term revenue is at risk.

Persistent identity signals give fraud teams the edge they need to keep platforms secure and fight back against ban evasion.

Learn more about how Incognia's team can help your platform tackle ban evasion.
Danny Paulk

Danny Paulk

Content Creator and Copywriter
Subscribe

Most recent

Featured image for The Gig Economy Fraud Trends to Know for 2026 resource

The Gig Economy Fraud Trends to Know for 2026

Stay informed about gig economy fraud trends to know for 2026. Uncover emerging scams and tips to keep your platform secure and trustworthy.
Featured image for 5 Ways Gig Economy Platforms Can Strengthen Fraud Prevention in 2026 resource

5 Ways Gig Economy Platforms Can Strengthen Fraud Prevention in 2026

Learn 5 effective ways delivery and ride sharing platforms can enhance fraud prevention in 2026. Protect your users and grow trust in your business.
Featured image for Episode 3: Fighting Back Against Promo Abuse resource

Episode 3: Fighting Back Against Promo Abuse

Learn how gig economy platforms combat promo abuse, detect fraud patterns, and collaborate across teams to maintain growth without compromising security.