Indian eCommerce platforms are facing an organised wave of high-tech fraud in which small groups of users are allegedly causing disproportionate financial and operational damage through device farms, fake accounts and coordinated abuse of platform features. A recent analysis has warned that online shopping fraud is no longer limited to isolated misuse, but has grown into a structured ecosystem targeting cashback offers, returns, cash-on-delivery systems and saved payment methods.
Device Farms Drive Fake Account Networks
According to the analysis, the centre of this emerging fraud model is “device farming,” a method in which hundreds of smartphones or virtual devices are used from a single setup to create and control thousands of fake accounts. These accounts are designed to appear like genuine users, making it difficult for platforms to separate legitimate activity from organised abuse.
FCRF Academy Launches Premier Anti-Money Laundering Certification Program
In a 10-day review of nearly 70 million users, one in every six suspicious devices was found to be linked to more than 10 accounts. In some cases, a single account performed over 50 actions within an hour, a pattern that was far beyond normal human behaviour.
The analysis also found that around 45,000 accounts were being operated through just 9,000 devices. These accounts were grouped into 256 structured clusters, suggesting coordination rather than random activity.
Cashback, Returns and COD Features Exploited
The networks reportedly begin by creating large numbers of fake accounts to exploit referral bonuses, cashback offers and promotional incentives. These activities are used to test platform systems and identify weaknesses before moving to more serious forms of fraud.
The operation then shifts to rapid account cycling to identify users with saved payment methods, including cards, UPI and digital wallets. Once such accounts are identified, they may be targeted for high-value financial fraud.
The report also flagged unusual login behaviour. In one case, a single account appeared active in Gujarat and Bengaluru within 30 minutes. Other accounts were recorded logging in from as many as 70 different locations, indicating possible automation, bot activity and scripted operations.
Return fraud has emerged as another major concern for eCommerce companies. Fraudsters allegedly order high-value products and later return counterfeit items, empty boxes or refuse delivery, leading to losses across payment, logistics and refund systems.
Tech Hubs See Higher Concentration of Suspicious Activity
The analysis found a higher concentration of such activity in major technology hubs, including Delhi, Bengaluru and Noida. Some platforms reported up to 15 times the usual number of multi-account users in these regions, raising concerns that aggressive offers and promotional campaigns may be enabling organised fraud networks.
One of the report’s key findings is that just 0.95% of users account for a disproportionately large share of fraudulent activity. While the number appears small, the scale of digital platforms means even this fraction can create significant losses and operational pressure.
Cybercrime expert and former IPS officer Prof. Triveni Singh said modern cyber fraud is no longer isolated theft but a combination of social engineering and advanced technology. He said device farming allows criminals to generate thousands of digital identities at speed and exploit loopholes across platforms.
The findings present a difficult challenge for online marketplaces. Platforms must tighten fraud detection without creating unnecessary friction for genuine users. The report suggests that the so-called Jamtara model of coordinated fraud has moved beyond banking scams and call-centre operations into the eCommerce ecosystem.
