BotGuard Knowledge Base

Top 6 Most Common eCommerce Bot Threats

Updated: May 2021

We have prepared this short guide for you, describing the most widespread and common types of bot activity that can threaten your online store. To help you identify a potential threat, we’ve included some typical symptoms that may indicate the risk of bot interference.

If you want to check your risk level, you can also use our Threat Identification Questionnaire.

Scalper  |  Denial of Inventory  |  Spambot  |  Ad Fraud  |  Credential Cracker  |  Scraper

Scalper

Current Risk Level: high 

Business Threat Level: high 

Keywords: Grinch bot, Bulk purchase, Purchase automaton, Purchase bot, Speed-booking, Queue jumping, Sale stampede, Secondary ticketing, Ticket resale, Ticket scalping, Ticket touting

Scalper bots buy up goods and services through the application in a manner that a normal user would be unable to undertake manually. A scalper is a piece of software designed to search e-commerce websites for specific items and purchase them, often clearing out inventory. It is especially common during the holiday shopping season, which is why frustrated online shoppers have named it the "Grinch" bot.

  • Accelerating the purchase cycle beyond human capabilities
  • High peaks of traffic for certain limited availability goods or services
  • Decrease in the expected number of loyalty program subscriptions
  • Customer complaints
  • Increased circulation of limited goods reselling on the secondary market
  • Customer frustration
  • Loss of customer loyalty
  • Waste of marketing budgets
  • Inventory planning errors
  • Reputational losses

Examples:

  • Good Luck Finding a Playstation 5 - Reuters
  • The Real-Life ‘Grinch Bots’ Stealing Christmas in 2020 - Luckbox
  • Here's why you can't get good concert tickets - lohud

Denial of Inventory

Current Risk Level: medium 

Business Threat Level: high 

Keywords: Inventory hoarding, Phantom ordering

A denial of inventory attack is performed by a bot that depletes the stock of goods or services without ever completing the purchase or committing to the transaction. Such an attack is almost always carried out by automated means, so the main method of defence is to reliably distinguish between human and machine-generated traffic.

  • Increased stock held in baskets, carts, or reservations
  • Elevated cart abandonment
  • Reduced percentage of payments
  • Inventory balances reduce quickly
  • Increasing complaints from users being unable to obtain goods/services
  • Normal buyers lose access to the goods and services being held
  • Revenue losses
  • Customer frustration
  • Disruption of inventory operations
  • A sharp increase in the load on the site

Examples:

  • Are TikTok activists actually shutting down Trump’s merch stores with abandoned shopping carts? - The Verge
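
The first symptoms listed above (stock held in carts, elevated cart abandonment, inventory locked by clients who never pay) can be measured directly from cart events. The following is an added example, not BotGuard's code; the event schema, the sample data and the 25% threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events: (timestamp_s, client_id, action, sku, qty).
# The schema and action names are assumptions, not a real store's log format.
EVENTS = [
    (0, "c1", "add_to_cart", "sku-A", 1),
    (40, "c1", "purchase", "sku-A", 1),
    (5, "c2", "add_to_cart", "sku-A", 10),
    (6, "c2", "add_to_cart", "sku-A", 10),
    (7, "c2", "add_to_cart", "sku-B", 5),
    (90, "c3", "add_to_cart", "sku-B", 2),
    (300, "c3", "remove_from_cart", "sku-B", 2),
    (10, "c4", "add_to_cart", "sku-A", 20),
]
STOCK = {"sku-A": 50, "sku-B": 10}  # constructed opening inventory


def held_units(events):
    """Units each client still holds per SKU without having paid for them."""
    held = defaultdict(lambda: defaultdict(int))
    for _, client, action, sku, qty in sorted(events):
        if action == "add_to_cart":
            held[client][sku] += qty
        elif action in ("purchase", "remove_from_cart"):
            held[client][sku] = max(0, held[client][sku] - qty)
    return held


def inventory_pressure(events, stock):
    """Share of each SKU's stock currently locked in unpaid carts."""
    locked = defaultdict(int)
    for skus in held_units(events).values():
        for sku, qty in skus.items():
            locked[sku] += qty
    return {sku: locked[sku] / total for sku, total in stock.items()}


def abandonment_rate(events):
    """Fraction of clients that added to a cart but never purchased."""
    adders = {c for _, c, a, _, _ in events if a == "add_to_cart"}
    buyers = {c for _, c, a, _, _ in events if a == "purchase"}
    return len(adders - buyers) / len(adders) if adders else 0.0


def suspects(events, stock, max_share=0.25):
    """Non-buying clients holding more than max_share of any SKU's stock."""
    buyers = {c for _, c, a, _, _ in events if a == "purchase"}
    return sorted(
        client for client, skus in held_units(events).items()
        if client not in buyers
        and any(qty / stock[sku] > max_share for sku, qty in skus.items())
    )
```

On the sample data, 80% of sku-A is locked in unpaid carts, and clients c2 and c4 are flagged for review.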

Spambot

Current Risk Level: high 

Business Threat Level: medium 

Keywords: Fake feedback, Fake reviews, Ranking manipulation, Click-bait, Comment spam, Content spam, Content spoofing, Fake news, Form spam, Forum spam, Guestbook spam, Referrer spam, Review spam, SEO spam, Spambot

A spambot is a piece of software designed to spread malicious or questionable information that appears in public or private content, databases, or user messages. This threat exists on all ecommerce sites that support any kind of user feedback, including ratings and reviews. Typically the scheme is based on automated bulk account creation. The aim of the attack is to manipulate customer behavior and/or the statistics used by a store or marketplace. As a rule, such an attack is always carried out using automated tools, so using modern means of detecting and blocking bot traffic neutralizes the threat.

  • Growth in the number of ratings and reviews relative to purchase dynamics
  • Timing of ratings and reviews inconsistent with purchase dynamics
  • Repetitive wording and other conspicuous linguistic symptoms
  • Increased automated account creation
  • Fake feedback on goods and services leads to unpredictable manipulation of real user behavior
  • Distortion of analytics leading to marketing mistakes
  • Difficulties for real users navigating the site

Ad Fraud

Current Risk Level: high 

Business Threat Level: high 

Keywords: Advert fraud, Adware traffic, Click bot, Click fraud, Hit fraud, Impression fraud, Pay per click advertising abuse, Phoney ad traffic

In the context of bad bots, ad fraud consists of automated clicks and fraudulent bot requests for the display of web-placed advertisements. It is used by owners of websites and apps displaying ads, unscrupulous suppliers of advertising solutions, and competitors. For an eCommerce company that has ordered an advertisement, one of the most reliable checks is to distinguish between human and automated traffic on its own target website. In this case, the data provided by the ad traffic provider must match the human traffic stats collected on the site.

  • Inconsistent visitor behaviour patterns, in particular an unusually low number of page views
  • Higher bounce rate, lower conversion
  • Peaks in impressions and clicks
  • Loss of advertising and marketing budgets spent in vain
  • Distortion of statistics and analytical data leading to marketing and planning errors

Examples:

  • Golf Equipment Retailer Sues Competitor for Ad-Click Fraud - Bloomberg
  • Streaming TV Fraudsters Steal Millions of Ad Dollars in ‘ICEBUCKET’ Attack - Threatpost
  • New Ad Fraud Scheme Highlights a Growing Problem for Streaming TV - The Wall Street Journal
  • CTV Fraud Made Headlines Again, But It Shouldn’t Have - Forbes

Credential Cracker

Current Risk Level: medium 

Business Threat Level: medium 

Keywords: Brute-force attacks against sign-in, Brute forcing log-in credentials, Brute-force password cracking, Cracking login credentials, Password brute-forcing, Password cracking, Reverse brute force attack, Username cracking, Username enumeration

A credential cracker is a bot that identifies valid login credentials by trying different values for usernames and passwords. Such actions are used both for the direct theft of goods and within the framework of various account manipulation schemes. Most of these attacks are carried out with bots, so they can be easily neutralized by blocking malicious bot traffic.

  • Identical account data and delivery address shared across multiple accounts
  • Data changing simultaneously across multiple accounts
  • Multiple accounts changing country IP ranges
  • Rapid changes in the ratio of user device models
  • Direct financial losses
  • Customer frustration
  • Loss of control over private data
  • Loss of customer loyalty
  • Reputational losses

Scraper

Current Risk Level: high 

Business Threat Level: medium 

Keywords: Web harvesting, API provisioning, Bargain hunting, Comparative shopping, Content scraping, Data aggregation, Database scraping, Farming, Harvesting, Meta search scraper, Mining, Mirroring, Pagejacking, Powering APIs, Ripping, Scraper bot, Screen scraping

A scraper is a bot that collects web application content and other data for use elsewhere. This is an extremely hard-to-detect activity commonly used by competitors to monitor prices (especially in a dynamic pricing environment), product availability, ratings, and inventory. This is usually done by bots, so this type of activity can be prevented in principle by blocking the malicious automated traffic.

  • Signs of atypical visitor behavior
  • Significant increase in the depth of site browsing
  • Increase in the average number of viewed products
  • Fast adaptation of prices on competitor sites to changes in prices on the target website
  • Notable parasitic server and traffic load
  • Competitive monitoring
  • Distortion of statistics and analytic data
  • Hacking dynamic pricing systems typically leading to direct financial losses
  • Often used in preparing focused attacks

Examples:

  • QVC Can't Stop Web Scraping - Forbes
  • Legal aspects of online price monitoring / web scraping - Indie Hackers