ShieldLabs
Back to blog

How to detect fake reviews

Fake review detection: many review-posting accounts under different names all tracing back to one shared device behind a review ring

Last updated on July 10, 2026 · 8 min read

Fake reviews are now illegal to buy or sell. In 2024, the FTC finalized a rule banning fake and manufactured reviews, with penalties per violation. They remain everywhere anyway: the Federal Trade Commission estimates that between 55 billion and 146 billion dollars of goods and services sold in 2023 were tied to fraudulent reviews. For any platform that hosts reviews, catching them is now both a trust problem and a compliance one.

The hard part is that a fake review can read exactly like a real one, especially now that the text can be generated to order. This guide explains what review fraud is, the main types, why reading the words will never be enough, and how to detect fake reviews by looking at the accounts and devices behind them rather than the sentences.

Key takeaways

  • Review fraud is the posting of reviews that do not reflect a genuine, independent customer experience, to inflate a rating or sabotage a competitor.
  • The text alone is a weak signal, because a convincing fake review can be written by a paid human or generated on demand.
  • Fake reviews at scale come from rings of accounts, so the reliable signal is what those accounts share, most often the device and network behind them.
  • Detection combines content and account checks with device-level linking that ties a cluster of "independent" reviewers back to one operation.

What is review fraud?

Review fraud is the practice of posting reviews that do not reflect an honest, independent experience of a product or service, in order to manipulate its reputation. It runs in both directions: fake positive reviews to inflate a rating and drive sales, and fake negative reviews to damage a competitor or extort a business. The reviews may be paid for, incentivized, written by the seller, or produced by a farm of accounts created for the purpose.

For the platform hosting the reviews, whether a marketplace, an app store, or a business-profile page, the damage is direct. Fraudulent reviews mislead real customers, distort rankings, erode trust in the whole system, and now carry regulatory risk. The challenge is that the platform rarely knows the truth of any single review, so it has to find fraud in the pattern rather than the prose.

The main types of review fraud

Review fraud takes a handful of recognizable forms:

  • Paid and incentivized reviews. Sellers buy positive reviews from farms or reward customers for five-star ratings, producing praise that was purchased rather than earned.
  • Self-reviews. A business reviews its own product through fake accounts it controls, manufacturing a base of positive ratings.
  • Competitor sabotage and review bombing. Coordinated fake negative reviews, often in a short burst, are used to tank a rival's rating or pressure a business.
  • Reciprocal review rings. Groups, or one operator running many personas, review each other's listings so everyone's rating rises.
  • Task-scam reviews. Recruits are paid to make token purchases and post reviews as part of a job scam, generating a stream of fake but purchase-verified ratings.

The common thread is that most review fraud at scale is not one person writing one review. It is a ring of accounts, controlled by one operation, posting reviews that are supposed to look independent.

Why fake reviews are hard to catch

The instinct is to catch fake reviews by reading them, and it is exactly the wrong place to look. A paid reviewer writes fluent, specific, believable prose, and generated review text can now produce a hundred distinct, natural-sounding reviews in minutes. The words are the part a fraudster controls most easily, so judging authenticity from the text alone is a losing game that also flags plenty of real, poorly written reviews.

What a fraudster cannot cheaply vary is the machinery behind the reviews. A review farm runs many accounts, but it runs them from a limited pool of devices and connections, often masked with VPNs, proxies, or anti-detect browsers to make each account look independent. So the reliable signal is not whether a single review sounds fake, but whether a cluster of supposedly separate reviewers keeps tracing back to the same device, the same network, and the same coordinated timing. That is a pattern the text can never reveal.

We tested where that machinery actually shows. We ran a batch of accounts built to look independent, each with its own name and email and routed through a different VPN or anti-detect browser, and a persistent device identifier still linked them to the same small pool of machines and connections. The device is the part a review farm cannot cheaply reissue per account, which is why it holds up even against the fluent, generated text that the FTC's ban finalized in 2024 did nothing to make more expensive. Recognition stays probabilistic, accurate up to 99 percent rather than a guarantee, so it weighs as a strong signal next to account age and connection checks rather than a verdict on its own.

Which industries review fraud hits hardest

Review fraud concentrates wherever a rating moves money:

  • Online marketplaces. Seller ratings and product reviews drive the buy box, so paid and self-posted reviews are rampant, and the rings behind them run many accounts from few devices.
  • App stores. Ratings gate discovery and installs, which makes bought reviews and rating manipulation a growth shortcut worth policing.
  • Local business and maps. A star rating decides foot traffic, so both fake positive reviews and competitor review-bombing hit local listings hard.
  • Travel and hospitality. Hotel, restaurant, and rental ratings convert directly to bookings, a strong incentive to inflate your own and sabotage rivals.
  • Direct-to-consumer e-commerce. On-site reviews and testimonials shape conversion, so a brand or its competitors have reason to manufacture them.

The content differs by vertical, but the tell does not: a cluster of supposedly independent reviewers tracing back to one device is a review operation, whatever it is reviewing.

How to detect fake reviews

Effective detection layers a few checks, weighted toward the account rather than the content:

  • Read content signals, but lightly. Repeated phrasing, generic praise, bursts of reviews with no verified purchase, and reviewers with a single review can flag suspicion, but none of these is conclusive on its own.
  • Check account age and velocity. Freshly created accounts, or a spike of reviews on one listing in a short window, are stronger signals than any individual review's wording.
  • Link the accounts by device. The single most reliable check is whether a cluster of "independent" reviewers traces back to one device or a small pool of them. A persistent device identifier surfaces the ring behind the reviews even when every account has a different name and email.
  • Read the connection. Reviews arriving over VPNs, proxies, or anti-detect browsers, especially clustered, point to an operation working to look like many separate people.
  • Prefer verified experience. Weighting or gating reviews behind a verified purchase or genuine usage raises the cost of manufacturing them, without judging the honest reviewer's words.

Together these move the decision off the text, where fraudsters are strongest, and onto the account and device, where they are weakest.

Preventing fake reviews with ShieldLabs

ShieldLabs gives a review platform the device signal that exposes a review ring, without trying to judge whether any single review sounds fake. You add one JavaScript snippet to your signup and review flows, and each account returns a persistent device identifier that survives cleared cookies and a rotated IP, so a cluster of "independent" reviewers that all trace to one device stays linked. That is the multi-accounting pattern, many accounts on one device, surfaced directly as the fingerprint of a review operation.

Alongside it, each visit returns a risk score from 0 to 100 and the named anonymity signals, VPN, proxy, Tor, and anti-detect browser use, that farms rely on to make one operation look like a crowd. ShieldLabs scores the account and names the evidence; it does not read or rate the review text, and it does not moderate content for you. You read the pattern and the score through the API and webhooks and decide, by your own rules, which reviews to trust, hold, or remove, so the moderation call stays in your system. The free tier covers your first 5,000 identifications.

Sources

  1. Federal Trade Commission: Final Rule Banning Fake Reviews and Testimonials (2024)
  2. National Consumers League (Fraud.org): Fake reviews are influencing billions in purchasing decisions (2024)
  3. Wikipedia: Fake review

Frequently asked questions

What is review fraud?
Review fraud is posting reviews that do not reflect a genuine, independent customer experience, in order to manipulate a product or business reputation. It includes fake positive reviews bought or self-posted to inflate a rating, and fake negative reviews used to sabotage a competitor. Most review fraud at scale comes from rings of accounts controlled by one operation, rather than a single person writing a single review.
Are fake reviews illegal?
In the United States, yes, in many cases. In 2024 the FTC finalized a rule that bans the sale and purchase of fake reviews and testimonials, along with other forms of review manipulation, with monetary penalties per violation. Posting or buying fabricated reviews can now carry regulatory consequences for a business, on top of the platform-level bans that already applied.
How do you detect fake reviews?
By focusing on the accounts and devices behind the reviews rather than the wording, since convincing fake text is cheap to produce. The strongest signal is a cluster of supposedly independent reviewers tracing back to one device or a small pool, followed by anonymity signals like VPN and anti-detect browser use, account age and velocity, and whether the review is tied to a verified purchase. Content checks help but cannot carry the decision alone.
How do platforms catch fake-review rings?
By linking the accounts. A review farm runs many accounts from a limited set of devices and connections, so a platform that assigns a persistent device identifier can see when dozens of different reviewers share one machine or network. Combined with velocity and anonymity signals, that turns a scattered set of plausible reviews back into a single coordinated operation the platform can act on.
Does ShieldLabs detect fake reviews?
ShieldLabs detects the device and account signals behind fake reviews, in particular the many-accounts-on-one-device pattern that exposes a review ring, rather than reading or rating the review text itself. It links reviewer accounts with persistent identification and returns a risk score with the named signals, so your own moderation rules decide which reviews to trust or remove. The free tier covers your first 5,000 identifications.

Related articles