How Digital Marketplaces Are Preparing for the Growing Threats of Bots and Identity Fraud

The most significant threats to digital marketplaces today aren't fraud in the traditional sense. Rather, they are the industrialization of fraud at scale, and the two forces driving that industrialization are bots and AI-powered identity fraud.

‍

We’re in an era of industrialization of fraud at scale. The two forces driving it are bots and AI-powered identity fraud.

Threats used to be human-driven, but bots and AI fraud were always automated by nature. But they have evolved into something fundamentally different. Bots, increasingly powered by AI, have transformed fraud from isolated incidents into persistent, adaptive systems of abuse. At the same time, advances in generative AI have made it easier than ever to fabricate convincing identities, bypass verification systems, and impersonate real users. Together, these two forces tear away at the foundational trust that every marketplace depends on to thrive.

The Rise of Scaled, Programmatic Abuse

Digital marketplaces are designed to scale efficiently. Their value increases as more users participate, more transactions occur, and more supply meets demand. But this same architecture, open, dynamic, and growth-oriented, also creates ideal conditions for automation to thrive.

Every new account, listing, and transaction expands the surface area for attack. As a logical consequence of marketplace growth, the opportunity for exploitation increases as well.

Bots capitalize on this asymmetry. They can create accounts, test credentials, manipulate incentives, and execute transactions at a velocity that far exceeds any human capability. But it's not just their speed that makes them dangerous, it's their persistence. Unlike human fraudsters, bots don't get tired, don't take breaks, and have no natural limits. They continuously probe systems to identify weaknesses and adapt their behavior accordingly.

The scale of this threat is only growing. According to Cloudflare CEO Matthew Prince, bot traffic is on pace to exceed human internet traffic by 2027, a direct result of the explosion in AI agents, each of which can visit thousands of websites to complete a single task that a human would accomplish by visiting just a handful. The result is a transition from episodic fraud to always-on, system-level abuse.

When Identity Becomes Disposable

At the core of every successful marketplace is a simple but critical assumption: that participants represent real, accountable entities. Trust depends on the idea that a buyer is a real person, a seller is legitimate, and interactions between them reflect genuine intent.

Bots fundamentally undermine this assumption. By enabling the rapid creation and recycling of accounts, they turn identity into a disposable asset. A single bad actor can control thousands of accounts simultaneously, each appearing as a distinct participant in the ecosystem. When one account is flagged or removed, it can be replaced almost instantly with another.

This dynamic fuels the most common forms of marketplace abuse today, including automated account creation, credential stuffing, fake reviews, and promotional exploitation, all of which rely on the ability to generate and manage identities at scale.

AI Has Supercharged Marketplace Threats

If automation introduced scale, AI has introduced sophistication and it has done so across both bots and identity fraud simultaneously.

The latest generation of bot attacks is no longer defined solely by volume, but by its ability to convincingly replicate legitimate user behavior. At the same time, advances in generative AI have made it easier than ever to fabricate synthetic identities, produce realistic content, and bypass traditional document verification systems.

The scale of this shift is already measurable. Deepfake-driven identity attacks have increased by 300%, and the vast majority of identity fraud now involves some form of generative AI, with fraud losses in the U.S. are projected to climb from $12.3 billion in 2023 to $40 billion by 2027. Fraudsters are no longer limited to stealing real identities. Now, they can manufacture new ones at will, complete with convincing documentation, behavioral patterns, and interaction histories.

This creates a compounding problem for marketplaces. Bots provide the scale and automation to deploy synthetic identities at volume, while generative AI provides the realism to make those identities pass inspection. The two threats reinforce each other, enabling attacks that are simultaneously broader and harder to detect than either could achieve alone.

Why Marketplaces Are Especially Vulnerable

While all digital platforms face bot activity and identity fraud, marketplaces are uniquely exposed due to the complexity of their ecosystems. Unlike single-sided platforms, marketplaces must establish trust across multiple participants simultaneously. A failure on either side of a transaction, whether buyer or seller, can undermine the entire interaction and, in some cases, lead to real-world consequences.

At the same time, marketplaces operate under intense pressure to minimize friction. The cost of introducing additional steps—whether during onboarding, authentication, or checkout—is immediate and measurable in the form of abandonment.

This creates a structural imbalance. Marketplaces must simultaneously maximize accessibility and minimize risk, while bots and fraudulent identities exploit both objectives. Bots take advantage of low-friction environments to gain entry; synthetic identities take advantage of verification systems that were designed for a pre-AI world.

The Erosion of Trust as a Systemic Risk

The most profound impact of these threats is not always captured in fraud loss metrics. It manifests as a gradual erosion of trust across the platform.

When fake accounts proliferate, when reviews can no longer be relied upon, when synthetic sellers or buyers enter the ecosystem, confidence in the marketplace declines. This degradation is often subtle at first, but over time it can fundamentally alter user behavior. Participants become more cautious, engagement declines, and the marketplace's ability to match supply and demand effectively begins to deteriorate.

For platforms whose core value proposition is built on enabling trusted interactions between strangers, this represents an existential risk.

The Limitations of Point-in-Time Controls

Many marketplace defenses remain anchored in a point-in-time model of risk management. Users are verified at onboarding, authenticated at login, and evaluated at the moment of transaction. While these controls are necessary, they are no longer sufficient.

Fraud does not occur at a single moment. It evolves across the user lifecycle, shifting from account creation to account takeover, from transaction abuse to ongoing manipulation of trust signals. The static verification methods and deterministic rules that worked in the past are increasingly insufficient in the face of adversaries that can fabricate identities and adapt behavior in real time.

By the time traditional systems recognize suspicious activity, the damage—financial, operational, or reputational—has often already been done.

Reframing the Problem: From Fraud Prevention to Trust Infrastructure

What bots and identity fraud ultimately expose is not just a gap in fraud detection, but a deeper limitation in how marketplaces approach trust.

If identity can be easily created, reused, and discarded, then enforcement becomes temporary. If verification occurs only at discrete moments, then attackers can simply operate in the gaps between them. And if security measures introduce too much friction, legitimate users will leave before fraud is ever prevented.

Addressing this challenge requires a shift in perspective, from treating fraud as a series of events to treating trust as a continuous, dynamic system. This means moving beyond static verification and toward models that incorporate persistent identity signals, behavioral context, and real-time risk assessment across the entire user lifecycle. It requires the ability to distinguish genuine users from automated actors and synthetic identities not just at entry, but throughout every interaction on the platform.

The Path Forward

As bots become more sophisticated, as generative AI continues to lower the barrier to identity fraud, and as automated traffic increasingly outpaces human traffic online, the ability to establish and maintain trust will increasingly define competitive advantage.

The platforms that succeed will not be those that simply add more controls or increase friction. They will be the ones that apply intelligence more effectively, by verifying users seamlessly, detecting anomalies early, and adapting to risk without disrupting the user experience.

In this environment, the challenge is to ensure that real users can continue to participate with confidence, even as the threats arrayed against them grow more automated, more convincing, and more persistent than ever before.

Ultimately, the success of any marketplace depends not only on growth, but on the integrity of the interactions that growth enables. In a world of AI-driven automation, preserving that integrity has become both more difficult, and certainly more essential, than ever.