New Fraud Prevention Suite Available in Early Access

Cloudflare is announcing Account Abuse Protection, a comprehensive set of fraud detection capabilities designed to stop account abuse from both automated attacks and human-driven fraud. These tools address the evolving threat landscape where attackers combine leaked credential databases, human fraud operations, and automated tools to compromise accounts at scale.

Key New Features

The announcement introduces three major new capabilities:

• Disposable Email Check: Helps prevent fake account creation and promotion abuse by identifying and blocking signups with throwaway email addresses
• Email Risk Scoring: Evaluates email addresses based on patterns and infrastructure to flag risky accounts
• Hashed User IDs: Generates privacy-preserving, per-domain identifiers by cryptographically hashing usernames, enabling better detection of suspicious account activity without exposing sensitive user information

Existing Features Expanded

These new tools complement existing Cloudflare fraud prevention capabilities:

• Leaked Credentials Detection (free for all customers): Now detects that 41% of logins across Cloudflare's network use previously leaked passwords, with this number rising due to recent large-scale data breaches
• Account Takeover (ATO) Detections: Bot Management customers can now identify suspicious login patterns, with ATO detections catching an average of 6.9 billion suspicious login attempts daily across Cloudflare's network

Availability and Pricing

Account Abuse Protection is available in Early Access with no additional cost for Bot Management Enterprise customers during the trial period. General availability is expected later in 2026 as part of Cloudflare Fraud Prevention. Interested customers can sign up for early access through Cloudflare's website.