An overview

The value of global e-commerce retail sales is expected to reach over $4.9 trillion by 2021, with 24 million e-commerce sites in the world and 2-3 million e-commerce companies (excluding China). Recently, research from Imperva reflected the impact of ‘bad bots’ targeting the booming e-commerce industry.

According to the report, bad bot traffic makes up 17.7% of the e-commerce website traffic.

What more the report says

The researchers analyzed 16.4 billion requests from 231 domains during July 2019.

  • It was found that the e-commerce traffic comprised more of bad bots (17.7 percent) than good bots (13.1 percent)
  • Bots are affecting customer experience and brand reputation to the core
  • Targeted attacks may lead to poor website performance and even downtime, ultimately resulting in lost revenue

“E-commerce companies are in a continuous and varied war against bad bots. There are consistent business problems created that are caused by the continual barrage of bots,” the report read.

Various goals and attack methods

There are many perpetrators of bad bots within the e-commerce sector itself. These may include:

  • Competitors seeking to scrape pricing and market intelligence data to be more competitive
  • Resellers looking to steal product information
  • Investment companies gathering “alternative data” for investment purposes
  • Criminals attempting to commit fraud and abuse credit card data through account takeover

The bad bots behavior

As noted by Imperva, the attackers use highly-popular browsers to hide their identities. Here’s the browser data distribution:

  • Chrome - 66 percent of perpetrators use this
  • Firefox - 13.6 percent of perpetrators use this
  • Safari - 6.8 percent of perpetrators use this

Comments and observations by experts

Tiffany Olson Kleemann, VP of bot management at Imperva, said this study shows that bad bots cause round-the-clock damage on e-commerce websites, APIs, and mobile apps.

“We agree with the approach taken in proposed legislation to ban the use of ‘Grinch bots’ and ‘sneaker bots,’ which are used to scalp limited edition, high-demand inventory, yet we know from first-hand experience that legal action alone is not enough. Online retailers must also practice good web security hygiene and take advantage of the technology solutions at their disposal to protect their websites and customers. Gaining a granular understanding of bot threats is a critical first step in the right direction.”

Cyware Publisher