# Signup, Trial, Promo, and Business-Flow Abuse

> **Intro:** This class of abuse is often dismissed as fraud-adjacent noise until it becomes a board-level cost line. Product Security should help product teams identify which workflows are easy to script, chain, or arbitrage.
>
> **What this page includes**
>
> * common abuse patterns around growth and monetization features
> * controls that do not ruin the product experience
> * what to monitor by actor, object, and workflow
> * how to prioritize fixes using business impact

## Repeating abuse themes

* account farming for free tiers;
* coupon or referral abuse;
* invite-chain or workspace proliferation abuse;
* API budget exhaustion through deliberately expensive workflows;
* abuse of trial reset or account deletion and recreation patterns.

## Control ideas

* bind entitlements to stronger identity than email alone;
* monitor by household, device, payment instrument, and workspace pattern, not only by account;
* make high-cost workflows scarce and observable;
* separate user friction from fraud friction by using progressive challenge models.

## Product Security role

The goal is not to own fraud. The goal is to help product teams see when a workflow grants too much authority or too much economic value without enough identity confidence or monitoring.

## Related pages

* [API Abuse Resilience and Rate Limits](/architecture-api-crypto-and-identity/index/api-abuse-resilience-and-rate-limits.md)

***

*Author attribution: Ivan Piskunov, 2026 - Educational and defensive-engineering use.*


