惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

酷 壳 – CoolShell
酷 壳 – CoolShell
GbyAI
GbyAI
SecWiki News
SecWiki News
Project Zero
Project Zero
C
Cisco Blogs
Simon Willison's Weblog
Simon Willison's Weblog
P
Privacy International News Feed
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Scott Helme
Scott Helme
A
Arctic Wolf
Security Latest
Security Latest
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Privacy & Cybersecurity Law Blog
Apple Machine Learning Research
Apple Machine Learning Research
T
Tailwind CSS Blog
The Hacker News
The Hacker News
T
Tenable Blog
雷峰网
雷峰网
有赞技术团队
有赞技术团队
V
V2EX
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Threat Research - Cisco Blogs
T
Threatpost
AWS News Blog
AWS News Blog
L
LINUX DO - 热门话题
Application and Cybersecurity Blog
Application and Cybersecurity Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
S
SegmentFault 最新的问题
月光博客
月光博客
Spread Privacy
Spread Privacy
S
Secure Thoughts
宝玉的分享
宝玉的分享
博客园 - 三生石上(FineUI控件)
Forbes - Security
Forbes - Security
T
The Exploit Database - CXSecurity.com
G
GRAHAM CLULEY
The Last Watchdog
The Last Watchdog
Y
Y Combinator Blog
I
Intezer
博客园 - 【当耐特】
B
Blog RSS Feed
Attack and Defense Labs
Attack and Defense Labs
I
InfoQ
博客园 - 叶小钗
Cyberwarzone
Cyberwarzone
V2EX - 技术
V2EX - 技术
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Hugging Face - Blog
Hugging Face - Blog
H
Help Net Security
C
CERT Recently Published Vulnerability Notes

Stripe Blog

Four travel and hospitality trends from HITEC 2026 What Link data tells us about AI spending Stripe Projects adds new agent integrations, more providers, and custom developer controls New ways to turn global demand into revenue The future of agentic commerce is here Stripe Forum Seattle Helping businesses optimize network costs with the Visa Digital Commerce Authentication Program (DCAP) Solo founding is at an all-time high: Top performers have these traits in common Expanding Stripe Radar to protect more of your business Five vertical SaaS insights from Sessions 2026 Everything we announced at Sessions 2026 Giving agents the ability to pay How agents, digital wallets, and trust are rewriting checkout Insights from Shoptalk 2026: How agents are changing retail How Stripe Radar helps prevent free trial abuse Three of the biggest fraud trends from MRC Vegas 2026 Testing the impact of Adaptive Pricing across 1.5M subscription checkout sessions Introducing the Machine Payments Protocol 10 things we learned building for the first generation of agentic commerce Supporting additional payment methods for agentic commerce Can AI agents build real Stripe integrations? We built a benchmark to find out
Analyzing first-party fraud trends: Account, free trial, and refund abuse
2026-03-10 · via Stripe Blog

From November 2025 to February 2026, we detected a significant increase in abusive free trials across Stripe’s network.

Blog > First-party fraud trends > Image 1

This is part of a broader shift toward first-party fraud, where legitimate users abuse policies by setting up multiple accounts, cycling through free trials, or exploiting refunds. In fact, 62% of merchants have experienced an increase in disputes due to first-party fraud over the past year. Managing it costs businesses $35 for every $100 in disputes. 

Businesses facing these losses ask us the same questions: is first-party fraud increasing industry-wide as much as it is for my business? What can we do about it?

We analyzed hundreds of millions of transactions across the Stripe network to find answers. We identified three of the fastest growing types of first-party fraud, each occurring at a distinct point in the customer lifecycle: account abuse at sign-up, free trial abuse during product evaluation, and refund fraud after a customer has already received goods or services.

Here’s what we found about the prevalence of each and how Stripe Radar, our AI-powered fraud product, can help protect your business.  

Account abuse is especially costly for AI companies, where expensive compute costs are tied directly to usage

One in five consumers admit to using different email addresses or contact information to access promotions and discounts multiple times—rising to 29% of Gen Z and 27% of millennials, according to 451 Research’s Voice of the Connected User Landscape: Connected Customer, Trust and Privacy 2025. This behavior, known as account abuse or multiaccount abuse, occurs when a single person creates several accounts to repeatedly abuse free trials, use promotional coupons over and over again, or use their multiple accounts to spread stolen card use and avoid detection for longer. 

The fraud pattern forms a giant web with a single payment method identifier getting attached to dozens, if not hundreds, of emails, IP addresses, and names.

Blog > First-party fraud trends > Image 2

Any business that offers something valuable—a free trial or a free perk with a new account—can be a target. But AI companies are particularly impacted.

Based on a Stripe analysis, 7.4% of customer sign-ups at AI companies are implicated in suspected multiaccount abuse. AI tools run on compute resources, which makes multiaccount abuse especially costly. Users might breach a business’s terms to create multiple accounts to get repeated access to free tiers or perks that come with new account sign-ups, such as free tokens. When a bad actor spins up five accounts instead of one, they consume five times the compute resources. 

In response, we are rolling out a new Radar feature to help you evaluate potential abuse during customer account registration and login events. You can see which new sign-ups are real customers, who might be likely to convert to a paid subscription, rather than fraudulent actors looking to repeatedly exploit new account perks. Sign up for early access. 

Free trial abuse is accelerating, driven by AI companies and the legitimate use of virtual cards

Free trials are necessary for customer evaluation, but they can be abused by users who violate common trial terms, such as cycling through multiple trials to get prolonged free access to a product or service. 

We found that this type of abuse is accelerating for two reasons: AI companies’ free trial acquisition strategies and the breakdown of traditional prevention methods that businesses have previously relied on.

  • AI companies face acute exposure. Free trial abuse isn’t new, but AI companies are driving much of the increase we’re seeing today. These businesses run on expensive compute resources and rely on free trials to acquire customers, making them especially vulnerable to abuse. In fact, AI startups that offer free trials with self-serve sign-ups and direct API access see 10x more attempted abuse than enterprise AI solutions.
Blog > First-party fraud abuse > Image 3
  • Traditional prevention methods no longer work. In an effort to reduce free trial abuse, businesses used to block high-risk payment methods such as virtual cards at sign-up. However, today, many virtual cards are legitimately used by customers for privacy and security. Blanket blocking them means rejecting legitimate sign-ups and hurting conversion rates. This leaves AI companies in a bind: they need free trials for customer acquisition, but those trials create financial exposure that traditional fraud tools weren’t designed to address.

Radar launched a new solution that predicts common free trial terms abuse with 90% accuracy. We also introduced a new analytics page that shows all high-risk payments that are blocked. For businesses that have not yet enabled the control, we show which payments would have been blocked if you had turned it on. Email us at trial-abuse-prevention@stripe.com for early access.

Refund abuse costs businesses worldwide $100 billion each year 

Many retailers offer generous refund policies to stay competitive and improve the customer experience. However, lenient policies can be abused, with customers falsely claiming items never arrived or are defective in order to receive a refund—and keep the product. It’s an expensive problem: we estimate that global losses from refund abuse reach approximately $100 billion each year. 

Customers might buy expensive clothing, wear it for a short time, and then return it—behavior known as “wardrobing.” According to the National Retail Federation’s 2025 Retail Returns Landscape report, 27% of shoppers that returned at least 1 online purchase in a 12-month period admitted to wardrobing, and that increased to 49% for Gen Z shoppers.

Blog > First-party fraud trends > Image 4

Retailers tell us that social media has amplified this behavior: influencers might purchase large shopping hauls for content and then return the clothes once the video is created. Retailers absorb the cost on both ends—two-way shipping, processing fees, and markdowns on items they may no longer be able to sell as new.

There are also more sophisticated operations. We’ve seen bad actors use more than 100 email variations and multiple payment cards to systematically exploit refund policies, such as “no questions asked” refund policies. When retailers implement refund limits, like charging a fee for frequent returns, these bad actors simply create new accounts with different cards to bypass the restrictions.

In both cases, there are real customers with valid payment credentials making genuine purchases. This makes it very difficult to detect refund abuse at the point of transaction; the fraud only becomes apparent later, once the refund is processed.

We are actively building solutions to help businesses identify and prevent refund abuse. Please contact us at refund-abuse-prevention@stripe.com to be part of the preview for this feature. 

What we’re building to help

Our goal is to equip businesses on Stripe with tools to identify, reduce, and monitor first-party fraud and abuse. We process billions of transactions across millions of businesses, which gives us visibility into comprehensive fraud patterns, such as repeat abusers, networks of fake accounts, and emerging tactics. We plan to continue using our existing AI infrastructure and Radar’s capabilities to extend fraud protection to first-party fraud. 

To hear more about how Radar is adapting to additional fraud and abuse vectors, join us at Stripe Sessions.