How Marketplaces Can Outsmart Seller Fraud in 2026

If you're fighting seller fraud, you've probably noticed something unsettling: traditional prevention tactics are falling behind.  

Fraudsters are faster, smarter, and better equipped than ever before. They're finding workarounds, and then they're industrializing them.

During a discussion with Nicole Pauls (Senior Product and Trust & Safety Leader), Gal Peled-Hayoon (Risk Analyst Team Leader at Fiverr), and Kathleen Corrigan (Account Executive at Incognia) we dug into what's actually changing in the seller fraud landscape—and more importantly, what fraud teams need to do differently in 2026.

These are the tactics hitting marketplaces right now, and the defenses that are proving effective against them. Here's what you need to know.

Want the full context? Catch up on the full conversation below:

Fraud looks legitimate and moves fast

Fraudsters are scaling faster and smarter, making seller fraud increasingly difficult to distinguish from legitimate activity.

Remember when a generic Gmail address or sketchy product photos were enough to flag a fraudulent seller? Those days are over.

Nicole shared what she's been hearing from fraud teams dealing with fake item listings. These used to be easy to spot, clustered in high-risk categories like phones and video games and often reused the same copy.

Now? They’re spreading across unexpected categories, like clothing, home goods, and even baby products. 

The language varies, sounds natural, and no longer triggers the detection rules teams relied on in the past. Familiar signals—like suspicious email domains—are far less reliable.

As Nicole put it, “everything's getting a little easier and a little faster.” 

That speed is the biggest shift. What used to take fraudsters weeks to adapt can now happen in days or even hours. You make a detection update, and they could be back with a new approach in short order.

That same speed and ability to look legitimate has moved upstream into accounts and identities themselves.

Gal pointed out two major areas of concern at Fiverr:

• Fake identities powered by AI  that look completely authentic to human reviewers.
• Account takeovers using increasingly sophisticated hacking techniques, including AI-generated voice calls that can mimic someone's mom asking for a verification code

This doesn’t happen by accident. 

Sophisticated fraud tools are more accessible than ever

The shift toward faster, more realistic fraud is being fueled by a core trend: sophisticated fraud tools are now widely accessible.

Fraudsters no longer need to be tech-savvy or coding experts to use advanced methods. They can buy plug-and-play fraud tools. The barrier to entry for sophisticated fraud is dropping fast.

Device farms are going mainstream

Device farms are growing more common, and we see two factors that could be driving this:

Factory reset automation. There are now tools that allow fraudsters to wipe and reset an Android or iOS in under 30 seconds. This capability could allow them to scale operations with a fraction of the physical devices they used to need.

Cloud-based device farms. These were originally built for dev teams to run QA testing across multiple devices. Now? Fraudsters are renting them instead of building their own device farm.

Our team at Incognia recently discovered a cloud device farm provider in Singapore openly advertising their service specifically for managing multiple seller accounts on a major P2P reselling marketplace—with the platform's logo featured on the site. This wasn’t on the dark web. It was public.

Fraud-as-a-Service vendors are shamelessly marketing platform-specific bypass solutions like any other SaaS product.

AI is making everything easier

It's easy to create multiple accounts. It's easy to create a bot. It's easy to create AI agents. Everything is easy peasy.
— Gal Peled-Hayoon, Fiverr

With generative AI, fraudsters can:

• Create realistic profile pictures that pass human review
• Generate fake licenses and identity documents
• Produce authentic-looking product descriptions and listings
• Even impersonate real people using stolen identity data

The tools that used to require expertise? Now they're point-and-click. Existing fraud tactics are easier than ever, sophisticated fraud is becoming more accessible to amateur bad actors.

The best fraud analysts stay curious and think like attackers

When fraud becomes this fast, accessible, and realistic, tooling alone isn’t enough. Teams have to change how they think.

The best analysts think like fraudsters and constantly explore new attack surfaces.

When we asked Nicole what she'd teach a new fraud analyst being trained today, her answer was surprising: "Go look at what tools are being used against you."

 You can pretty much go search for whatever your marketplace is and ‘tools’ and find what techniques are being used against you. Don’t be afraid to look. The bigger your platform is, the easier it’s going to be to find how they’re trying to bypass your technology.
— Nicole Pauls, Sr. Product and Trust & Safety Leader

This means checking:

• YouTube tutorials showing how to bypass your verification
• Reddit threads where banned users ask how to get back on
• Telegram and Facebook groups selling account access
• Fraud forums advertising platform-specific tools

It sounds uncomfortable, but it works. A simple Reddit post—"I got banned, how do I get back on?"—could reveal five different bypass techniques you didn't know existed.

Gal emphasized that fraud analysts need to constantly refresh their understanding: "I would show them many kinds of tactics that happened before and tell them: this might be irrelevant in one hour. You should always be suspicious and curious."

This curiosity is about anticipating what's coming next. 

Today's fraudster has many tools, resources, and ideas at their disposal to help them grow their fraud on your platform. So the best place to stop them is before they ever get started.

Stop fraud at onboarding, not after it scales

The best place to stop fraud is before it starts: at account creation.

If you're catching fraud downstream—after listings are posted, after transactions happen, after chargebacks hit—you're already losing. The goal isn't just to catch fraud. It's to prevent it from taking root in the first place.

A strong gate leads to strong trust.
— Gal Peled-Hayoon, Fiverr

Gal outlined the early signals that tend to indicate high-risk sellers:

• Inconsistencies in identity information  (name, location, documentation)
• Clone accounts (same person opening multiple accounts)
• Device farms  detectable through location and device clustering
• Unusual device or network patterns  that don't match legitimate user behavior

The key isn't to auto-block everyone who triggers one signal. It's to use these indicators to prioritize deeper reviews and add targeted friction only where it's needed most.

True location is the hardest signal to fake

Nicole made a compelling case for one signal in particular:

If I had to pick one signal and only one signal, I would pick true location. Not where their device tells me they are, but where they actually are.

Why is location so powerful? Because fraudsters can fake almost everything digital—device IDs, verification selfies, even identity documents—but they can't easily change their actual physical location.

If someone's providing a US driver's license but they're nowhere near the US? That's a red flag worth investigating.

If hundreds of accounts are being created from a single apartment? That's most likely a fraud scheme that you should shut down immediately. (Apartment is the key word here—more on that below).

The key is trusted indoor location, not GPS coordinates

Of course, fraudsters often try to spoof their GPS location. That's why it's critical to have strong tamper detection that catches those spoofing attempts.

When you combine precise location intelligence with tamper detection, you can be confident you're actually seeing a user's real physical location—not what they want you to think it is. 

That's what makes location such a powerful signal for vetting sellers at onboarding and detecting ban evasion attempts.

Location data also helps you:

• Identify device farms by spotting unusual clustering (multiple devices, multiple accounts, single location)
• Detect ban evasion when a previously banned user tries to rejoin from the same physical location
• Reveal collusion between buyers and seller accounts operating from connected locations

This is one area where the right technology makes all the difference. Precise location intelligence that can't easily be spoofed (like Incognia's) gives you a signal that fraudsters have a hard time working around.

Not all location data is created equal

But here's where many platforms go wrong with location: they assume GPS and IP-based location is good enough for fraud prevention on their own. They’re not.

IP location data is problematic because:

• It's only precise enough to determine the state or city a user's in
• Fraudsters can easily manipulate it with VPNs, proxies, or Tor

IP used to be something where we could say 'I know where you are.' It's nothing today. You can find people using the same IP who aren't clones—they're just friends at the same location. And it's very easy for fraudsters to change IP.
— Gal Peled-Hayoon, Fiverr

And GPS data has its own problems:

• It's extremely easy to spoof by putting a device in developer mode or using GPS spoofing apps
• It lacks the precision needed for fraud prevention

Think about this scenario: You have a high-rise building with 100 apartments. In one apartment, there's a fraudster running a device farm. 

If you're relying on GPS data to block that fraudster, you'd have to block the entire building—99 innocent users blocked because of one bad actor.

That's how you end up with false positive rates through the roof.

Strategic friction builds trust and drives growth

Trying to cut down on fraud raises a common concern: applying too much friction.

Many marketplaces are cautious about applying friction in the user journey because they’re concerned good users might get frustrated and churn. But interestingly, strategic friction can actually boost growth by increasing user trust.

There's this persistent myth that fraud prevention and growth are at odds. Add any verification step, and users will bounce. Right?

Not necessarily.

Nicole shared something surprising: 

I've actually seen a couple of times—surprising results by measuring them—that by signaling more protection, it actually created more trust, and more people wanted to use a feature. What we might expect to be a negative in creating friction actually signaled that we cared about trust, and more people were likely to transact.

Let data determine where friction belongs

Not every seller should face the same verification steps. 

The most effective teams use risk signals to decide when additional friction is necessary—focusing interventions on high-confidence fraud while keeping legitimate sellers moving quickly.

Both Nicole and Gal emphasized the importance of being data-driven about where and how you add friction:

Start with the highest risk. Don't create interventions that every user has to pass. Focus on users with the highest confidence of fraud, build credibility with your growth team, then expand thoughtfully.

Use A/B tests when possible. Gal was emphatic about this: "If you can do A/B tests, push for them. We've done some tests that were super helpful and convinced not only marketing, but also management that these protections help growth."

Speak the business language. Nicole's advice: understand growth goals, be ready to test with small audiences, and show partnership. When fraud teams demonstrate they understand business impact, growth teams stop seeing them as obstacles.

The reality is that false positives are harmful to growth. But done right? Strategic friction builds trust and can actually improve retention and transaction rates.

Layer your signals—single defenses won't cut it anymore

Diverse signals, layered defenses, and continuous learning will define the platforms that win.

As we head into 2026, here's what marketplace fraud teams need to prioritize.

Verify seller identity (the right way)

Gal was clear: 

Anything you fail to stop at the gate will become fraud later on. Our goal is to catch them as soon as possible.

This means:

• Strong ID verification  that goes beyond basic document checks
• Device intelligence  that can detect factory resets and app cloner usage
• Trusted location signals  that can't be spoofed
• Cross-account coordination detection  that reveals collusion

Layer your defenses and make the most of your data

Relying on one signal obviously isn’t enough. You need a combination of multiple layers, starting at onboarding and continuing through the user journey.

We can't focus on a single protection or detection mechanism. We have to think about layering our approaches at different points in the lifecycle.
— Nicole Pauls, Sr. Product and Trust & Safety Leader

Think about your user journey as a funnel. 

At onboarding, collect high-value signals: device ID, device integrity, true location.

Even if you don’t act on them immediately, those signals become critical context when fraud happens later.

For example, when a device gets reset or location behavior suddenly shifts, early signals can help validate whether a future transaction is suspicious or legitimate.

Focus on ban evasion

Ban evasion is what keeps fraud alive. 

If fraudsters can just come back after being banned—using the same device with a factory reset, or reinstalling the app to change their device ID—you're not actually stopping anything.

You need to be able to:

• Persistently block risky devices despite resets and tampering
• Identify location behavior patterns that reveal when the "new" account is really an old fraudster
• Connect the dots between accounts to reveal multi-accounting and collusion

When you can do this at onboarding, you stop the fraud cycle before it starts.

Stay ahead by matching fraudsters’persistence and innovation

Fraudsters are iterating quickly—so must you.

If there's one thing to take away from this discussion, it's this: effective fraud prevention means stopping fraud before it has a chance to scale by collecting the right signals early and using them to block bad actors at the door.

Fraudsters aren't standing still. They're experimenting with new tools, testing your defenses, and sharing what works on Telegram and Reddit. Your team needs to match that energy with proactive intelligence gathering.

That means:

• Understanding what tools are being used against your platform
• Testing your defenses before fraudsters do
• Gathering signals early so you can detect patterns later
• Staying curious about how attacks are evolving, even when (especially when) your current defenses seem to be working

Be curious. Things change all the time. We should improve ourselves again and again.
— Gal Peled-Hayoon, Fiverr

The teams that win in 2026 won't just be the ones with the best technology. They'll be the ones who adapt quickly, think like attackers, and never stop learning from what's happening on their platform and other platforms around the world.

Want to learn more about upstream seller fraud prevention and stopping ban evasion at onboarding? Reach out to our team to see how Incognia's device and location intelligence can help you catch seller fraud before it scales.