He’s likely signing up with different IP through a VPN/proxy.
It’s a tricky situation to deal with. This Discourse Fingerprint - Browser Fingerprinting Plugin might help you detect early, but there is not much you can do (in the meaning, automatically).
The help of your community by flagging inappropriate content is important.