Bots Target Retailers for Black Friday Bargains | F5 Labs
- by nlqip
Introduction
Black Friday is a popular shopping event throughout the United States of America and around the world. During Thanksgiving weekend and Cyber Monday (the Monday after Thanksgiving), thousands of companies offer steep product discounts that are not available at any other time, and consumers rush to buy these items while they are available. This can lead motivated buyers to resort to unethical techniques to purchase products, sometimes at the expense of other potential consumers, or to carry out different forms of automated attacks.
Bot Automation Against Retailers
There is an expectation among security professionals that retail companies experience increased levels of bot attacks over the holiday shopping period, especially around Black Friday. We decided to look at 2022 data from online retailers around this period to test this expectation.
Using data from retail enterprises protected by F5 Bot Defense, we analyzed automated attacks against the online retail industry during the 2022 Black Friday period. This analysis covered automation patterns and trends over this period, using data spanning 8 weeks from July 28, 2022, to November 30, 2022. We used this data to compare the fluctuations in automated attacks observed during the Black Friday period against a baseline (before and after the Black Friday and Cyber Monday sale periods).
Additionally, we explored attacker behaviors, including their testing and preparatory activities. This analysis provides a holistic understanding of attack trends against online retailers during this important shopping period.
We examined:
- The overall automated traffic targeting online retail companies in the weeks leading up to Black Friday.
- The daily percentage changes in automation on web and mobile platforms.
- The automation trends across different retail industry subcategories over this period.
- The distinct types of automated attacks that targeted each of these industry subcategories.
Online retailers are constantly exposed to unwanted automation. Automated bots are used against them in many ways, including credential stuffing/account takeover, gift card fraud, carding, scraping and checkout/reseller bots, to name just a few. Let’s start things off by defining the different kinds of automated bot attacks that retailers face, as well as some specific terms we use in our analysis.
Black Friday
When we refer to “Black Friday” in this article, we are referring to the day, November 25, 2022, while “Black Friday period” refers to the week leading up to and including the Black Friday weekend and Cyber Monday, i.e., November 10th-30th, 2022.
Flows
When we refer to “Flows” in this article, we are referring to a category of endpoints on a website or mobile application. A group of endpoints related to authentication would be categorized as the Login flow.
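The flow grouping and baseline comparison described above can be sketched as follows. This is an added example, not F5 Labs' code: the path-to-flow mapping, the record layout (date, path, automation verdict from a bot-defense layer) and the sample rows are constructed assumptions; only the period dates come from the article.

```python
from collections import defaultdict
from datetime import date

# "Black Friday period" boundaries as defined in the article.
PERIOD_START, PERIOD_END = date(2022, 11, 10), date(2022, 11, 30)

# Hypothetical path-prefix -> flow mapping (an assumption for this example).
FLOW_PREFIXES = {
    "/login": "Login", "/oauth/token": "Login",
    "/giftcard": "Gift Card",
    "/cart": "Checkout", "/checkout": "Checkout",
    "/product": "Browse", "/search": "Browse",
}

def flow_for(path):
    """Map a request path to its flow by longest matching prefix."""
    hits = [p for p in FLOW_PREFIXES if path == p or path.startswith(p + "/")]
    return FLOW_PREFIXES[max(hits, key=len)] if hits else "Other"

def automation_by_flow(records):
    """records: iterable of (date, path, is_automated).
    Returns {flow: (baseline_pct, period_pct, change_in_points)}."""
    counts = defaultdict(lambda: {"baseline": [0, 0], "period": [0, 0]})
    for day, path, automated in records:
        window = "period" if PERIOD_START <= day <= PERIOD_END else "baseline"
        bucket = counts[flow_for(path)][window]
        bucket[0] += int(automated)   # automated requests
        bucket[1] += 1                # all requests
    result = {}
    for flow, c in counts.items():
        pct = {w: (100.0 * a / t if t else None) for w, (a, t) in c.items()}
        # A flow with no traffic in one window has no meaningful change.
        known = None not in pct.values()
        delta = pct["period"] - pct["baseline"] if known else None
        result[flow] = (pct["baseline"], pct["period"], delta)
    return result

def _rows(day, path, automated, total):
    # Helper that builds constructed sample records.
    return [(day, path, i < automated) for i in range(total)]

# Constructed sample data, not taken from the article's dataset.
SAMPLE = (
    _rows(date(2022, 10, 20), "/login", 1, 4)
    + _rows(date(2022, 11, 25), "/login/mfa", 3, 4)
    + _rows(date(2022, 11, 1), "/giftcard/balance", 1, 2)
    + _rows(date(2022, 11, 26), "/giftcard/balance", 2, 2)
    + _rows(date(2022, 11, 25), "/product/123", 1, 5)
)
```

The change is reported in percentage points between the two windows; a flow seen in only one window returns `None` for the change rather than a misleading figure.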
Credential Stuffing
Credential stuffing is the use of stolen login credentials to gain unauthorized access to user accounts. This is sometimes the precursor to making fraudulent purchases.
Account Takeover
Account takeover is a form of attack where an unauthorized actor gains access to a user’s online account without the account owner’s permission. This can be achieved through several means including but not limited to credential stuffing, phishing, brute force, and malware.
Gift Card Fraud
Gift card fraud involves the use of bots to guess or brute force gift card numbers and PINs. This allows fraudsters to take over gift cards and spend them before the real owners of the gift cards have a chance to redeem them.
Scraping
Scraping involves the use of bots to collect information from an online retailer’s web or mobile application. This includes information about products for sale, their prices, variations, available inventory, discounts, deals, product specs and user reviews.
Reseller Bots
Reseller bots are designed to buy high-demand commodities faster than any human can, so that the reseller can sell them on the secondary market at a profit. Reseller bots were explored in detail by Tafara Muwandi in a recent article series.
Changes in Automation and Legitimate Traffic During the 2022 Black Friday
Our first analysis looked at the changes in both automated and legitimate traffic during the run-up to the 2022 Black Friday period.
Legitimate Traffic Increased
Retail companies saw an increase in legitimate traffic leading up to Black Friday in 2022. This was to be expected as companies attracted customers with significant discounts. The steep rise in the green (legitimate) traffic in Figure 1 during the highlighted period indicates this increase as legitimate customers flocked to online retailers.