banner1
Logo Blinking Image
banner2

Manage Cookie Preferences





HOME
Security

New ‘Jamtaras’ shift focus to ecommerce, Bureau analysis of 70 million users reveals fraud networks

by VARINDIA 2026-04-29
New ‘Jamtaras’ shift focus to ecommerce, Bureau analysis of 70 million users reveals fraud networks
Bureau has released findings from an analysis of 70 million eCommerce users done over a period of 10 days. The study shows that organised fraud networks are now systematically targeting online marketplaces. What Jamtara exposed in banking, coordinated groups exploiting systems at scale, is now playing out across eCommerce.
 
Features designed to drive growth such as return policies, cashback offers, referral incentives, and Cash-on-Delivery (CoD) are increasingly being misused. The analysis shows that marketplace fraud today is structured, coordinated, and operating at scale.
 
Bureau saw an average of 1 in 6 risky devices having more than 10+ accounts associated with the same device, which is typically a sign of a “farm.” This was also consistent with signs of large-scale automation, where for instance, in some cases, a single account recorded 50+ instances of activity within just one hour. In total, 256 clusters were mapped, comprising ~45,000 accounts across just 9,000 devices.
 
At the core of these patterns is device farming. A device farm where multiple phones are operated together acts as the operational backbone of these fraud networks. It allows fraudsters to run and control dozens, sometimes hundreds, of accounts simultaneously, switching between them at speeds no individual user can match.
 
This infrastructure enables different levels of abuse. At the most visible layer, it is used to commit promo and referral abuse by creating multiple accounts to repeatedly claim incentives. But this is only the entry point. The more critical function of device farms is to systematically move across large volumes of accounts to identify which ones can be exploited further.
 
In effect, these systems “scan” or parse through accounts hopping rapidly from one to another to detect those with saved cards or linked wallets. These become the high-value targets for direct financial fraud. What appears to be simple incentive abuse is often a filtering mechanism to identify accounts that can be monetised.
 
The scale and automation behind this activity are evident in the behavioural patterns observed. The study surfaced strong location anomalies: in one case, an account logged in from Gujarat and Bengaluru within 30 minutes; in another, a single account was active across 70 locations, patterns consistent with automated account cycling, not human behaviour.
 
Commenting on the findings, Ranjan Reddy, Founder & CEO, Bureau, said, "Promo abuse isn't petty theft. It's industrialized. Fraud has evolved beyond stolen cards into coordinated, cross-platform operations. We have found device farms running thousands of fake accounts simultaneously across multiple platforms. Bureau's network intelligence sees these operations cross-platform because a fraud ring doesn't attack one app at a time.”
 
Promo and referral abuse remains widespread, with device farm activity particularly concentrated in Delhi, Bengaluru, and Noida. Some platforms recorded up to 15 times the typical share of users operating multiple accounts, indicating that incentive structures can directly influence fraud volume.
 
Return abuse is also systematic. Fraudsters order high-value goods and return counterfeits, empty packages, or reject deliveries altogether. Bureau’s models detect these patterns early using device, address, and behavioural signals often before a return is initiated.
 
Just 0.95% of users show anomalous behaviour, but this small group drives a disproportionate share of abuse. These actors operate in clusters, using multiple accounts, shared devices, and automation to exploit platform systems. “With 99% of users being genuine, blunt controls hurt growth. Platforms need continuous, device- and network-level intelligence to act on the risky 1% without disrupting the rest,” says Ranjan.
 
Bureau’s key strength lies in its network-level intelligence. Its device graph, a shared intelligence layer that maps device activity across its client base, spans 100+ enterprises across banking, fintech, eCommerce, insurance, and gaming, protecting nearly 300 million devices on a daily basis.
 
This enables early detection: when a fraud ring targets one platform, that intelligence can immediately be applied across the network.
er

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Check Point Software Technologies expands its SecureAcademy™ Program to eight leading Indian universities

Check Point Software Technologies expands its SecureAcademy™ Program to eight leading Indian universities

New ‘Jamtaras’ shift focus to ecommerce, Bureau analysis of 70 million users reveals fraud networks

New ‘Jamtaras’ shift focus to ecommerce, Bureau analysis of 70 million users reveals fraud networks

Proofpoint finds India ahead in AI use, but 63% of businesses hit by AI security incidents

Proofpoint finds India ahead in AI use, but 63% of businesses hit by AI security incidents

SOFTWARE
View All
AI Adoption Is No Longer the Advantage - Execution Is, Finds Responsive Study

AI Adoption Is No Longer the Advantage - Execution Is, Finds Responsive Study

TeamViewer introduces AI-driven scripting for Tia

TeamViewer introduces AI-driven scripting for Tia

Elastic delivers embedded AI experiences for Observability and Security inside third-party AI tools

Elastic delivers embedded AI experiences for Observability and Security inside third-party AI tools

START - UP
View All
Logistics startup DAAKit secures $138,000 in pre-seed round

Logistics startup DAAKit secures $138,000 in pre-seed round

KreditBee enters Unicorn club, receives $280 Mn fund in Series E round

KreditBee enters Unicorn club, receives $280 Mn fund in Series E round

JetStream Launches With $34M to Govern Enterprise AI

JetStream Launches With $34M to Govern Enterprise AI

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

wew
wrdf
fc
Start-Up and Unicorn Ecosystem
HCLTech to help DP World Tour drive multi-channel digital experience transformation

HCLTech to help DP World Tour drive multi-channel digital experience transformation

LTSCT Joins imec Automotive Chiplet Program

LTSCT Joins imec Automotive Chiplet Program

Capgemini unveils Google Cloud AI Enterprise Hub to accelerate agentic AI enterprise transformation

Capgemini unveils Google Cloud AI Enterprise Hub to accelerate agentic AI enterprise transformation

Claude for Word: Redefining AI in Document Workflows

Claude for Word: Redefining AI in Document Workflows

Synthetic Identity Fraud Hits New Highs in 2026

Synthetic Identity Fraud Hits New Highs in 2026

AI governance, cybersecurity, and reskilling

AI governance, cybersecurity, and reskilling

Physical AI and Robotics bridging the Digital Intelligence gap

Physical AI and Robotics bridging the Digital Intelligence gap

Supply Chain Risk, Reimagined for a Digital World

Supply Chain Risk, Reimagined for a Digital World

SWIFT vs CIPS: The New Financial Divide

SWIFT vs CIPS: The New Financial Divide

The Invisible Threat Lurking in Your Network

The Invisible Threat Lurking in Your Network

dsf