Verified accounts are a common asset in demand amongst fraudsters, as fraudsters are always looking to outsource assets to other people's names to launder money and/or process money without involving their real identity. The creation of these accounts are done typically via false identification documents, as covered in this article. These accounts range from verified payment processing accounts to banking accounts like Bank of America to launder funds.
There are a few prominent domains I found in my investigation of this market, roober, stealthway, and verifpro. These are all automated shops that provide all sorts of verified accounts with no wait time to fraudsters, essentially on-demand laundering accounts available for any service you can think of. The purpose of this article is to analyze different purposes of accounts for sale on these websites.
PayPal accounts appear to be one of the most prominent accounts sold in the market, nearly any verified account shop sells PayPal accounts of varying quality. The quality of a PayPal account is indicated by whether a SSN is attached to it, a real phone is attached to it, and whether a banking account is connected to the account. Many services sell banks with their PayPal accounts so the user can use the bank in conjunction with the PayPal. There is a forum dedicated to the verifying false PayPal accounts, Aspkin. PayPal has metrics that determine the quality of an account, as PayPal is aware of the abuse that is conducted on their site.
These PayPal accounts are typically used for fraudulent sellers to accept payments from others in the market. Sometimes, people sell assets like methods or even Robux, and they want to accept PayPal but not reveal their real-world identity, hence they use a false PayPal account, then launder the balance to cryptocurrency after the funds are accepted via PayPal. Additionally, some people want to anonymize or avoid paying taxes on their dropshipping services, so they use a fake PayPal account to avoid any sort of tax obligation. There remain other purposes like laundering stolen credit card funds, using PayPal to charge the card, but widely the field is used to accept money that will then be easily converted to Bitcoin.
Stripe, similar to Paypal, can act as a payment processor. This instantly opens the opportunity for people to use Stripe as a way to process stolen card payments, but Stripe has security to combat this. Stripe holds funds for up to two weeks before paying an account owner for the funds they received, in case a reverse is needed in the situation of a stolen card being processed through the Stripe account. Pre-verified Stripe accounts are sold to bypass this two week hold, reducing it to two days, and additionally legitimate funds can be processed through Stripe under someone else's identity to avoid any tax obligations of the real business owner. For instance, just like PayPal, if I wanted to run a dropshipping service accept Stripe, I could use Stripe and avoid tax obligations by using other people's identities on Stripe. The money goes to a 'drop bank account', a pre-made bank account, where the money is typically converted to Bitcoin using another third-party app that will require verification.
As you can see, a common goal of these payment processor accounts are to centralize funds in bank accounts. This is because bank accounts can be used to convert USD to Bitcoin using apps like CashApp, with the right verification. CashApp wants to prevent abuse of this feature for people who are using illegitimately obtained bank accounts, so they require ID verification before withdrawals are made on the platform. Therefore, people buy CashApp accounts, link their drop bank they received with their Stripe/PayPal account purchase, and transfer the funds from that bank to CashApp, where they will then withdrawal the funds to Bitcoin. CashApp accounts are probably the most commonly sold asset on the market for account verifications, as CashApp acts like PayPal as a way to accept payments for assets as well, but directly allows Bitcoin conversion, cutting out the extra steps PayPal requires.
Binance / Kraken / Coinbase
Binance and Kraken are both cryptocurrency exchanges that allow deposits from bank accounts and thousands of options for cryptocurrency-to-cryptocurrency exchange. These exchanges are often used for their intended purpose, to exchange different cryptocurrencies for other cryptocurrencies. The fraudsters use these accounts though to launder money specifically, they make the cryptocurrency harder to trace to any investigations of stolen funds. These accounts are also used to connect bank accounts and purchase cryptocurrencies with, in bulk amounts, as platforms like CashApp won't allow a buyer to do much more than 5K of BTC withdrawals per week.
Coinbase accounts are also purchased for doing cryptocurrency exchanges and laundering, but these accounts can be used for another purposes, carding. People purchase Coinbase accounts to 'age' the account with legitimate transactions with the goal of using a stolen credit card to purchase Bitcoin at the end. Doing prior transactions before using the stolen credit card is necessary as Coinbase imposes limits on accounts, such as if an account has not done x amount of USD in card transactions, they cannot be trusted to do more than x dollars. The maximum a Coinbase will let you purchase is 7,500 USD, but this would take a while to age.
Paxful / LBC
Paxful and Local Bitcoin are two sites that allow for peer-to-peer asset to cryptocurrency exchanges, they serve essentially the same purpose. These sites are essentially just middlemen between buyers and sellers who have things like giftcards and they want Bitcoin in exchange for the value of the giftcard. People use these accounts to sell fraudulent giftcards for cryptocurrencies, they come verified and sometimes with reputation, meaning other users are more likely to trust these accounts. The website administrators are also more likely to favor towards users with high reputation if a deal goes wrong, which people can abuse via scamming users and claiming that they didn't do anything. For instance, some sellers on Paxful buy giftcards, use the balance, and then claim the card with no balance as an excuse not to pay the seller of the giftcard. Additionally, people use these accounts to just sell stolen merchandise which is not allowed on the site. For instance, people phish giftcards and sell the giftcards to buyers for cryptocurrency for Bitcoin, effectively converting that giftcard to Bitcoin under a false identity.
Bank Account Open-ups
Banking accounts are typically the connecting piece to many types of accounts. Many platforms use bank accounts to verify people's identities and thereby they serve as an integral part of the verification process on platforms like PayPal and CashApp. These bank accounts can also be used as an intermediary to receive fraudulent funds that will be later converted to cryptocurrencies via exchanges like Coinbase or apps like CashApp. A popular banking solution are online banks that require no shipments like Revolut, but account open-ups are also done for more brick-and-mortar banks like Bank of America and Discover. These brick-and-mortar banks have higher credibility in the eyes of services like PayPal and work universally, while some services may ban accounts like Revolut as they are less credible by nature, as they are easier to open there by easier to commit fraud with.
All sorts of account open-ups are useful for fraudsters, to launder money, to sell goods, and to begin fraudulent projects that require access to services that require verification. Accounts range from the low hundreds to the higher hundreds - depending on how hard it is to verify the account. This difficulty depends on the verification system underlying for the platform, as discussed in my article regarding false IDs.