Automated attacks on eCommerce get more sophisticated
The sophistication level of bots attacking eCommerce sites is on the rise according to a new report from cybersecurity company Imperva.
Traffic to eCommerce sites is made up of 17.7 percent bad bots, 13.1 percent good bots and 69.2 percent humans, the findings show, and the bad bots are getting better -- but not in a good way.
Nearly four-fifths (79.2 percent) of bad bots targeting eCommerce are classified as moderate or sophisticated, up from 75.8 percent in 2018, while those classified as simple have decreased from 24.2 to 20.8 percent. The rise in sophistication is, says the report, due to an arms race at play between bot operators and bot mitigation technology.
The variety of bot attacks is more diverse in eCommerce than in many other industries too. These attacks include unauthorized price and content scraping, denial of inventory, scalping by resellers, customer account takeover, credit card fraud and gift card fraud.
"This study shows that bad bots cause round-the-clock damage on e-commerce websites, APIs and mobile apps," says Tiffany Olson Kleemann, VP of bot management at Imperva and former CEO of Distil. "We agree with the approach taken in proposed legislation to ban the use of 'Grinch bots' and 'sneaker bots,' which are used to scalp limited edition, high-demand inventory, yet we know from first-hand experience that legal action alone is not enough. Online retailers must also practice good web security hygiene and take advantage of the technology solutions at their disposal to protect their websites and customers. Gaining a granular understanding of bot threats is a critical first step in the right direction."