E-Commerce Sector Most Affected By High-Risk Bot Traffic: Akamai Report
With its reliance on revenue-generating web applications, the e-commerce sector has been most affected by high-risk bot traffic.
Cybersecurity company Akamai Technologies Inc. has released its State of the Internet report that explores the security and business threats that organisations face with the proliferation of web scraping bots. The report found that bots compose 42% of overall web traffic, and 65% of these bots are malicious.
With its reliance on revenue-generating web applications, the e-commerce sector has been most affected by high-risk bot traffic. Although some bots are beneficial to business, web scraper bots are being used for competitive intelligence and espionage, inventory hoarding, imposter site creation and other schemes that have a negative impact on both the bottom line and the customer experience.
There are no existing laws that prohibit the use of scraper bots, and they are hard to detect due to the rise of artificial intelligence botnets.
Key findings from the report include:
AI botnets have the ability to discover and scrape unstructured data and content that is in a less consistent format or location. Additionally, they can use actual business intelligence to enhance the decision-making process through collecting, extracting and processing data.
Scraper bots can be leveraged to generate more sophisticated phishing campaigns by grabbing product images, descriptions and pricing information to create counterfeit storefronts or phishing sites aimed at stealing credentials or credit card information.
Bots can be used to facilitate new account opening abuse, which according to recent research, composes up to 50% of fraud losses.
Technical impacts that organisations face as a result of being scraped include website performance degradation, site metric pollution, compromised credential attacks from phishing sites and increased compute costs.
“Bots continue to present massive challenges resulting in multiple pain points for app and API owners. This includes scraping that can steal web data and produce brand impersonation sites,” said Patrick Sullivan, chief technology officer, security strategy at Akamai.
“The scraper landscape is also changing due to advancements like headless browser technology, requiring organisations to take an approach to managing this type of bot activity that is more sophisticated than other JavaScript-based mitigations,” Sullivan said.
