The Latest Imperva News
Product and Solution Information, Press Releases, Announcements
|E-commerce: Bad bots are ready for the holidays. Are you?|
|Posted: Wed Sep 18, 2019 11:07:50 AM|
The busiest time for online retailers is almost upon us—the holiday season. Each business is looking at ways to take advantage of cyber week when a significant portion of annual sales are made. At this time, preparation is well underway for Black Friday and Cyber Monday promotions. But another group is also preparing to exploit ecommerce websites—bad bots.
This bot problem has become so bad that last year, the US Congress proposed legislation called the Stopping Grinchbots Act of 2018.
To examine this topic, Imperva recently released a new threat research report titled, “How Bots Affect E-commerce.” This is the first industry-specific report into e-commerce bots. In it, we analyzed 16.4 billion requests from 231 domains internationally, finding that 30.8 percent of website and mobile app traffic was bots.
Who Launches E-commerce Bots?
E-commerce bots are deployed by four main groups:
Bots Affect Conversion Rates and Website Performance
Some e-commerce domains see over 90 percent of their traffic coming from bots. These bots perform constant scraping of product and pricing information that skew online retail analytics. Bots pollute key metrics such as the conversion rate and lifetime value of a customer. In addition, the volume of bots, particularly during peak times like Black Friday, adversely affect website performance that can lead to cart abandonment and lost revenue if the website becomes unavailable.
How Criminals Attack Gift Cards and Loyalty Programs
Bots can be deployed to check for gift card numbers that contain a balance by using the gift card balance checking features on a website. Any balances that are identified can be used by criminals to fraudulently purchase goods. Criminals also use automation techniques to attack loyalty programs using bots. Because of the ‘currency’ held within loyalty programs, gaining access to these accounts is potentially lucrative. Bots are used by criminals to launch brute-force credential stuffing and credential cracking attacks to take over accounts. Once a loyalty bot is inside an account, the criminal can commit fraud. The customer relationship with the victim can be irrevocably damaged by their loss of loyalty points and confidence in the security of the website.
To understand more about how bots affect e-commerce, download the report.