Tuesday, 19 May 2020 18:39

Here are the four verticals most targeted by bad bots

Pavan Thatha, Radware Pavan Thatha, Radware

GUEST OPINION by Pavan Thatha, Radware: The data sought by cybercriminals vary from one vertical to another, whether banking credentials, medical records, pricing information or confidential research, to name just a few.

In some cases, cybercriminals write and deploy very sophisticated bots to overcome security measures and take over user accounts, disrupt service availability and exploit vulnerabilities in applications and APIs. In other cases, businesses directly target their competitors, commonly deploying bad bots to scrape the content and aggregate data such as product names and pricing.


The e-commerce industry grew 15% in 2019. The vertical industry reports an increase in bad bot attacks on its web applications, mobile apps and APIs.

Bad bot attacks are common across all applications, from payment fraud on checkout pages to content scraping (prices or product info) on product pages, coupon scraping, inventory holdups and cart abandonment, as well as various forms of account takeover, including brute force and credential stuffing on the homepage or user login page.

Since every disruption affects revenue, most e-commerce companies invest heavily in protecting their applications. So we see an extremely high amount (58%) of distributed, mutating bots within the total bad bot activity for this vertical. Hackers use sophisticated bots to evade bot management technologies that rely on data and behavioural profiling that are not big enough to produce correlations between different violations.

Data about bad bot attacks on e-commerce sites reveal a mix of sophistication levels. Some attacks such as scraping can be performed by simple scripts or headless browser bots. Denial of inventory and account takeover attacks require advanced capabilities to impersonate a real human user.

Media & publishing

Media and publishing outlets use many good bots for advertising and affiliate programs. Their main challenges are to filter out dirty bot traffic as well as to correct marketing analytic tools.

In this vertical, it is common for competitors and ad platforms to scrape data and content or attempt to skew the analytics of the media campaigns causing further harm by leading the targeted publisher to make thwarted decisions that are based on false data.

Online marketplaces & classifieds

Marketplaces and classifieds rely on the credibility and trust of consumers to grow their businesses. As they attract more traffic, these companies benefit from performing as hubs for advertisements.

Their objective is to keep ads secure from scraping — especially from competitors — which may also run scripts to collect users’ sign-up information. This effort is why we see more bad bot traffic against the homepage.

Travel & hospitality

Travel and hospitality organisations such as airlines, transportation and hotel chains rely heavily on online purchases. Cybercriminals target their sites with attacks that mainly use human-like and distributed mutating bots to bypass security tools.

Nearly two-thirds of ad bots accessing their web properties are considered sophisticated bots.

The most common bot attack type identified is denial of inventory. Twenty-nine percent of the traffic to booking sections is generated by bad bots. These bots can hold inventory for as long as the bot herder chooses making it unavailable to real users, thus causing an immediate financial impact on the victim.

Empty hotel rooms are locked up and airline seats go unsold. The bots run in a loop and hold the rooms or tickets after timeouts are generated and the inventory is supposed to go back to the pool. The loss is even greater as the airline must pay a small amount to a Global Distribution System (GDS) per every request. Another common issue is bot activity that takes advantage of loyalty programs rewards.

pic 1 1

pic 2 1

pic 3 1

pic 4 1

pic 5

pic 6

pic 7

Read 845 times

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.




Recent Comments