Banned twice in 24 hours on Claude Code – What could have triggered it?

Detailed Analysis

A user on Reddit's r/Anthropic community describes being banned twice within 24 hours while attempting to use Claude Code, Anthropic's CLI-based coding tool, raising questions about how the platform's automated fraud detection systems operate and what combinations of signals may trigger account suspension. The user's first account was registered with a ProtonMail address and paid for by a parent using a fintech card, with the payment made from abroad while the account holder used the CLI locally via WSL2. The second account was banned almost instantaneously upon attempting to log in via the same machine, before any commands were executed.

The scenario illustrates several well-documented friction points in automated fraud and abuse detection systems. The simultaneous login from two geographically disparate IP addresses — one abroad accessing the web interface, another domestic accessing the CLI — is a classic multi-account or account-sharing signal that fraud systems are designed to flag. Compounding this, fintech or virtual cards are statistically associated with higher rates of fraudulent transactions and are frequently treated with elevated suspicion by payment processors and downstream platforms alike. The use of a ProtonMail address, while entirely legitimate, is also a known signal in fraud scoring models, as disposable or privacy-focused email services are disproportionately used in abuse scenarios. The first ban was therefore likely the result of a confluence of these factors rather than any single trigger.

The near-instantaneous second ban is consistent with hardware or environment fingerprinting. When a new account is created and immediately connects via the same WSL2 environment — sharing identical system identifiers, network characteristics, or cached credentials — automated systems designed to prevent ban evasion will typically act before any usage occurs. This is a deliberate design choice: waiting for harmful usage to manifest before acting would undermine the purpose of such systems. The user's own analysis of the second ban as a "ban evasion" trigger is almost certainly correct.

The incident reflects broader tensions in deploying AI tools at the intersection of consumer accessibility and enterprise-grade abuse prevention. Anthropic, like other AI platform providers, faces significant pressure to prevent misuse of powerful models — including prompt injection attacks, credential sharing, and large-scale automated abuse — which necessitates aggressive automated gating. However, legitimate users with atypical but benign usage patterns, such as family-shared subscriptions or cross-border payment arrangements, can become collateral damage in these systems. The lack of a timely support response compounds the frustration, a recurring complaint across AI platform communities where trust and safety enforcement has scaled faster than human review capacity.

This case sits within a broader industry pattern as AI coding assistants — including Claude Code, GitHub Copilot, and Cursor — rapidly expand their user bases while simultaneously tightening access controls in response to subscription fraud and API abuse. The tension between frictionless onboarding and robust fraud prevention is particularly acute for high-value subscription tiers, where the financial incentive for abuse is greater. As these platforms mature, pressure will likely mount to build more sophisticated appeals processes and to better communicate to legitimate users why their accounts were flagged, reducing the opacity that defines the current experience for users like the one described here.