Vinted Partners With DataDome to Stop Account Fraud & Protect Millions in Revenue
Vinted, a C2C marketplace with over 100 million users, partnered with DataDome to tackle sophisticated bots that were launching credential stuffing attacks and creating fake accounts to sell illegal, counterfeit, and limited-edition products.
By integrating Bot Protect and Account Protect, Vinted achieved a multi-layered AI defense system. Bot Protect acted as the first line of defense, using advanced machine learning and AI to detect and block automated threats like credential stuffing and scraping in real time. Meanwhile, Account Protect continuously analyzed user behavior to identify and prevent account fraud, such as takeovers and fake account creations.
Together, these solutions shared intelligence to enhance detection accuracy and offered a unified dashboard for seamless management—safeguarding Vinted from significant financial losses, fraud, and disruptions.
The challenge: A marketplace threatened by an army of sophisticated bots
Vinted, as a leading online marketplace, naturally attracted attention from sophisticated bots seeking to exploit its platform. These attackers employed advanced techniques, such as creating fake accounts and conducting credential stuffing attempts, in an effort to scam and commit fraud. Vinted’s proactive approach to safeguarding its users highlights its commitment to maintaining a secure and trusted environment for its community.
“The impact of bots at Vinted is high. They create counterfeit listings, attempt to scam users, and slow down our operations with fake accounts,” explains Karolis Zilinskas, Engineering Manager at Vinted. Each fake account creation or bot attack meant thousands of fraudulent items listed on the platform, damaging Vinted’s reputation and giving additional work to their moderation team.
The financial consequences were considerable, due to chargeback fees, time wasted by internal resources, and, more difficult to quantify, the loss of user confidence. “The cost of fighting bots runs into millions of dollars,” says Karolis.
As Vinted strengthened its protection against bots, they became even more sophisticated. “These attackers are not your average bot creators,” Karolis notes. “They were spending a lot of time and money on their attacks—using paid proxy services, rotating IP addresses, and even employing advanced device emulation to impersonate legitimate iOS devices.”
Vinted needed a robust, intelligent solution to keep up with these evolving tactics.
The solution: Real-time, multi-layered AI protection across websites, mobile apps, & APIs
“Vinted exists thanks to our great user experience and low cost. So, it is very important for us to protect it. We partnered with DataDome to protect users from scams and fraud, and it is one of the few products we tried that proved effective against bots,” says Karolis.
Indeed, DataDome quickly proved its worth by blocking credential stuffing attacks and preventing account takeovers. However, the issue of creating fake accounts persisted, especially when attackers focused on Vinted’s mobile app.
DataDome responded quickly, automatically refining models in real time to counter the fake accounts. By continuously integrating new signals, the platform adapted to emerging attack patterns and was able to combat the disruptions caused by fake accounts.
By introducing enhanced detection methods, real-time traffic monitoring, and additional signal detection, Vinted achieved a proactive defense strategy. This collaborative approach enabled Vinted to stay one step ahead, even as attackers pivoted to new strategies within hours.
Vinted also experienced immediate value by combining Bot Protect and Account Protect, leveraging the strengths of both solutions. Bot Protect, as the first line of defense, blocked malicious bot traffic in real time, stopping fraud before it could occur. Meanwhile, Account Protect served as the second line of defense, utilizing additional signals and analyzing longer timeframes tied to specific accounts to detect and prevent suspicious behaviors such as unusual browsing patterns, automated activity in messaging or reviews, and irregular purchasing or selling actions in the app.
Together, these solutions created a powerful two-pronged protection approach that delivered exponential returns: bad bot traffic filtered out fraudulent accounts, and insights from bad accounts enriched bot detection signatures. By bridging bot and fraud protection with shared signals, data, and insights, Vinted achieved a more robust and proactive defense, proving that these solutions are truly better together.
The results: Blocking fraudulent listings, preventing account takeovers, & saving millions
Thanks to DataDome’s multi-layered AI defense, Vinted has seen a marked improvement in the security of its platform. Credential stuffing attacks have been completely blocked, and Account Protect’s adaptive, supervised AI models have significantly reduced the number of fake accounts created on both the website and mobile app. These models continuously learn and evolve, adapting to changing attack patterns in real time. This automated, intelligence-driven approach ensures that Vinted stays ahead of sophisticated threats without requiring constant manual intervention, delivering both immediate and long-term protection.
By blocking bots in real time and dramatically reducing fake accounts, Vinted has improved its user experience and saved millions of dollars in potential losses caused by fraudulent registrations. The reduction in bot activity has also lightened the workload of Vinted’s moderation team, previously inundated with requests to mitigate the issues being caused by bots.
Working with DataDome has given Vinted not only a bot management solution but also a strong partnership. “DataDome’s willingness to work closely with us, share their knowledge, and tackle problems head-on has made a huge difference. I would definitely recommend them to any company faced with bot issues,” concludes Karolis.
Don’t wait to see if your business is vulnerable to bot attacks. Test your site today with the Bot Vulnerability Assessment and get instant insights into your bot attack resilience.
*** This is a Security Bloggers Network syndicated blog from Blog – DataDome authored by Paige Tester. Read the original post at: https://datadome.co/customers-stories/vinted-partners-with-datadome-to-stop-account-fraud-protect-millions-in-revenue/
