Documents & Resources

Welcome to BotGuard Knowledge Base

BotGuard Knowledge Base

Please login to see your partner documents.Login

The Most Common Web Threats

Updated: July 2021

For your convenience, we have prepared this short guide describing the most wide-spread types of web threats that can threaten your website. We’ve included some typical symptoms that may indicate the risk of bot interference.

Credential Cracker

Current Risk Level: medium 

Business Threat Level: medium 

Keywords: Brute-force attacks against sign-in Brute forcing log-in credentials Brute-force password cracking Cracking login credentials Password brute-forcing Password cracking Reverse brute force attack Username cracking Username enumeration

A credential cracker is a bot identifying valid login credentials by trying different values for usernames and passwords. Such actions are used both for the direct theft of goods and within the framework of various account manipulation schemes. Most of such attacks are carried out with bots, so they can be neutralized by blocking malicious bot traffic.

  • Account data and delivery address shared across multiple accounts.
  • Simultaneous data changing across multiple accounts.
  • Multiple accounts changing country IP ranges.
  • Quick changes in the user device models ratio.
  • Direct financial losses.
  • Loss of control over private data.
  • Customer frustration.
  • Loss of customer loyalty.
  • Reputational losses.

Examples:

Spambot

Current Risk Level: high 

Business Threat Level: medium 

Keywords: Fake feedback Fake reviews Ranking manipulation Click-bait Comment spam Content spam Content spoofing Fake news Form spam Forum spam Guestbook spam Referrer spam Review spam SEO spam Spambot

A spambot is a piece of software aimed to spread malicious or questionable information that appears in public or private content, databases, or user messages. This threat exists on all ecommerce sites that support any kind of user feedback, including various ratings and reviews. Typically the scheme is based on automated bulk account creation. The aim of the attack is to manipulate customer behavior and / or statistics used by a store or marketplace. As a rule, such an attack is carried out using automated tools, so the utilization of modern means of detecting bot traffic by the e-commerce website neutralizes the threat.

  • Growth in the number of ratings and reviews in comparison with the purchases dynamics
  • Non-consistent timing of ratings and reviews.
  • Repetitive wording and other linguistic symptoms.
  • Increased automated account creation.
  • Fake feedback on goods and services leads to unpredictable manipulation of user behavior
  • Distortion of analytics leading to marketing mistakes
  • Difficulties in user navigation

Examples:

Ad Fraud

Current Risk Level: high 

Business Threat Level: high 

Keywords: Advert fraud Adware traffic Click bot Click fraud Hit fraud Impression fraud Pay per click advertising abuse Phoney ad traffic

In the context of bad bots, ad fraud is automated clicks and fraudulent bot requests for the display of web-placed advertisements. This is used by owners of websites and apps displaying ads, unscrupulous suppliers of advertising solutions, and competitors. For an eCommerce company that ordered an advertisement, one of the most reliable controls is distinguishing between human and automated traffic on their own target website. In this case, the data provided by the ad traffic provider must match the human traffic stats collected on the site.

  • Non-consistent visitor behaviour patterns, in particular, unusually low number of page views.
  • Higher bounce rate, lower conversion.
  • Peaks in impressions and clicks.
  • Loss of advertising and marketing budgets.
  • Distortion of statistics and analytical data leading to planning errors.

Examples:

  • Golf Equipment Retailer Sues Competitor for Ad-Click Fraud Bloomberg
  • Streaming TV Fraudsters Steal Millions of Ad Dollars in ‘ICEBUCKET’ Attack Threatpost
  • New Ad Fraud Scheme Highlights a Growing Problem for Streaming TV The Wall Street Journal
  • CTV Fraud Made Headlines Again, But It Shouldn’t Have Forbes

Scraper

Current Risk Level: high 

Business Threat Level: medium 

Keywords: Web harvesting API provisioning Bargain hunting Comparative shopping Content scraping Data aggregation Database scraping Farming Harvesting Meta search scraper Mining Mirroring Pagejacking Powering APIs Ripping Scraper bot Screen scraping

A scraper is a bot that collects web application content and other data for use elsewhere. This is an extremely hard-to-detect activity commonly used by competitors to monitor prices (especially in a dynamic pricing environment), product availability, rating and inventory. This is usually done by bots, so one can prevent such activity in principle by blocking the malicious automated traffic.

  • Signs of an atypical visitor behavior.
  • Significant increase in the depth of site browsing.
  • Increase in the average number of viewed products.
  • Fast adaptation of prices on competitive sites to changes in prices on the target website.
  • Notable parasitic server and traffic load.
  • Competitive Monitoring.
  • Hacking dynamic pricing systems typically leading to direct financial losses.
  • Distortion of statistics and analytic data.
  • Often used in preparing focused attacks.

Examples:

  • QVC Can't Stop Web Scraping Forbes
  • Legal aspects of online price monitoring / web scraping Indie Hackers