Last Updated: 24th July, 2022

Sector-Based Security: An interesting one is the topic of how information security affects diverse industries of the sector. For instance, how would the finance industry stand out from the health sector or entertainment business in terms of information security? Is there certain industries demanding higher cyber risks and threats than the others? Do some people do better stuff to keep information safe, and if it is, why and how? A recent research has shone a light on the impact of ‘bad bots targeting’ the booming e-commerce industry.

The e-commerce industry has pretty much exploded in recent years, transforming the buying and selling market into a fast-paced, global and almost boundaries cog in the modern economic landscape. It has been estimated that the value of global e-commerce sales will reach over $43tn this year, with some 12 to 24 million e-commerce sites believed to exist in the world.

However, as has always been all-too-evident, cyber-criminals and online fraudsters are exploiters of the popular and the profitable and recent research from Imperva has shone a light on the impact of ‘bad bots targeting’ the booming e-commerce industry.

Imperva’s survey found that the amount of sophistication of bots attacking e-commerce sites is rising, with almost four-fifths (79.2%) categorized as progressive or sophisticated, up from 75.8% in 2018.

The firm analyzed 16.4 billion requests from 231 domains during the month of July 2019, finding that e-commerce traffic consists of more bad bots (17.7%) than good bots (13.1%), and that they are also getting harder to detect.

“E-commerce companies are in a continuous and varied war against bad bots. There are consistent business problems created that are caused by the continual barrage of bots,” Imperva’s report read.

These nefarious activities not only damage the customer experience and brand, Imperva warned, but they can also lead to poor website performance and even downtime, this eventually leads to loss of revenues.

There are various perpetrators of bad bots within the e-commerce sector, each with their own goals and attack methods, the research continued. These include competitors seeking to scrape pricing and market intelligence data to be more competitive, resellers looking to steal product information, criminals attempting to commit fraud and abuse credit card data through an account takeover, and investment companies gathering “alternative data” for investment purposes.

What’s more, ‘bad bots targeting’ is more prevalent on highly popular browsers to mask their identities, Imperva noted. These include Chrome (66% of bad bots), Firefox (13.6%) and Safari 96.8%). In terms of countries of origin, the research discovered that e-commerce bot traffic was mainly coming from the US (63.6%), Germany (10.1%) and France (6.2%).

“This research demonstrates that bad bots on e-commerce websites, APIs and mobile apps cause destruction round the clock,” said Tiffany Olson Kleemann, VP of bot management at Imperva and former CEO of Distil.

“We comply with the strategy adopted in the suggested regulation (Sector-Based Security) to prohibit the use of ‘Sneaker bots‘ and ‘Grinch bots‘ used to scalp restricted edition, high-demand inventory, but still we understand about first-hand experience that legal intervention alone is not adequate. Online merchants also need to exercise strong web security hygiene as well as reap the benefits of the available technology solutions to safeguard their websites and clients. Gaining a granular understanding of bot threats is a critical first step in the right direction,” Tiffany Olson Kleemann explained.