Bad Bots Are Taking Over the World

2018 was the year that bots went mainstream. According to a new report by Distil Networks, bot activity accounts for 42% of all internet activity. What's worse, close to half of that activity comes from malicious "bad" bots.

Bad bots are taking over the world. 1 in every 5 hits to your website could be coming from evil robots.

8 Things Bad Bots Do

Every business online is regularly bombarded by bad bots on its website, and those bots never sleep. What do these bad bots do on your sites? They steal information, try to penetrate your security, and commit fraud against you.

Here are the 8 most popular and damaging bad bots last year:

  1. Account Takeover – They test stolen credentials on your login pages.
  2. Account Creation – They create fraudulent accounts to generate spam messages or exploit promotions.
  3. Credit Card Fraud – They test fraudulent cards to identify holes and steal merchandise.
  4. Denial of Service – They slow your website down by repeatedly hitting your site, thousands of times a second.
  5. Denial of Inventory – They hold items in shopping carts so that your inventory is depleted and you can’t sell to other customers.
  6. Gift Card Balance Checking – They steal money from gift cards.
  7. Price Scraping – Bad bots programmed by your competitors will scrape your prices.
  8. Content Scraping – They scrape your content off your site.

Bad Bots Are Smarter, And Look More Human Now

There is a new type of bot in town, and they look more human than ever. They're called Advanced Persistent Bots (APBs), and they look more human because of how they act.

  • Cycle IPs – They cycle through random IP addresses so that you can't detect them.
  • Anonymous Proxies – They enter through anonymous proxies.
  • Change Identities – They change their identities with each transaction
  • Mimic Human Behavior – They move slower, make more random transactions.

These Advanced Persistent Bots have learned how to bypass your fraud controls!

Bad Bots Love To Target Gambling, E-commerce, and Financial Services Industries

The bad bots target industries where the money is. Gambling, e-commerce, and financial services top the list.

Gambling Bots – Aggregators scrape competitors' sites to find betting lines. They do it so much that it causes a denial of service and pushes consumers to their own site.

Airline Bots – Airline bots are scraping for the best deals and looking to undercut competitors. I guess you could say these bots are searching for the best deals for you.

E-commerce – Bad bots run rampant on e-commerce sites testing fraudulent cards, attempting account takeover, price scraping – you name it and the bots are on it.

Account Takeover Attacks By Bad Bots Increase After Breaches

Bad bots are increasingly being used to test out new breached credentials. Distil Networks analyzed bad bot activity across sites before and after major breaches and made a startling discovery – bot activity significantly increased after the breach.

The typical website sees account takeover attacks happen on average 2-3 times per month. But immediately following a breach, the increase in the number of account takeover attacks is 3 times the norm.

How To Keep Bad Bots From Hitting You With Theft and Fraud

Distil Networks recommends 9 things you can do to stop these bad bots in their tracks:

  • Block Outdated Browsers and Agents – If you see someone accessing your site from a browser from 1999, it's probably a bot and not a real person. Go ahead and block it.
  • Block Proxy or Hosting Services – If you see someone accessing from Digital Ocean, OVH Hosting, Amazon.com, Choopa LLC or Gigenet, it's probably a bad bot.
  • Protect Bad Bot Access Points – Be sure to protect exposed APIs and mobile apps—not just your website—and share blocking information between systems wherever possible.
  • Evaluate Traffic Sources – Evaluate traffic sources with high bounce rates; a source with a high bounce rate is probably a bad bot.
  • Investigate Traffic Spikes – If you see a big spike in traffic, it is likely a bot hitting your site.
  • Monitor Failed Logins – Brute force failed logins are a key red flag that bots are hitting your system trying to find a door in.
  • Monitor Increased Failed Validation of Gift Cards – An increase in failures, or even traffic, to gift card validation pages can be a signal that bots such as GiftGhostBot are attempting to steal gift card balances.
  • Watch Public Data Breaches – They often precede large-scale bot attacks as those new credentials are being tested.
  • Evaluate a Bot Mitigation System – Such as those offered by Distil Networks.
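
One way to act on the "Monitor Failed Logins" advice when bots cycle IPs, as an added example that is not from the Distil Networks report or this post's author: count failures site-wide per time window instead of per IP, and flag windows where most login attempts fail across many different usernames. The log format, thresholds, and sample lines are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample auth log (assumed format): timestamp, client IP, username, result
SAMPLE_LOG = """\
2019-01-10T09:00:05 198.51.100.7 alice FAIL
2019-01-10T09:00:20 198.51.100.7 alice FAIL
2019-01-10T09:00:41 198.51.100.7 alice OK
2019-01-10T09:02:10 198.51.100.9 bob OK
2019-01-10T09:05:01 203.0.113.11 user01 FAIL
2019-01-10T09:05:09 203.0.113.52 user02 FAIL
2019-01-10T09:05:17 203.0.113.93 user03 FAIL
2019-01-10T09:05:30 203.0.113.14 user04 FAIL
2019-01-10T09:05:44 203.0.113.75 user05 FAIL
2019-01-10T09:06:02 203.0.113.36 user06 FAIL
2019-01-10T09:06:30 198.51.100.9 bob OK
2019-01-10T09:11:00 198.51.100.12 carol OK
"""

def suspicious_windows(lines, window_minutes=5, min_failures=5,
                       min_fail_ratio=0.8, min_users=4):
    """Return windows whose failed logins look like credential testing."""
    buckets = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        ts, ip, user, result = line.split()
        t = datetime.fromisoformat(ts)
        # Round the timestamp down to the start of its window.
        start = t.replace(minute=t.minute - t.minute % window_minutes,
                          second=0, microsecond=0)
        buckets[start].append((ip, user, result == "OK"))
    alerts = []
    for start in sorted(buckets):
        events = buckets[start]
        failures = [(ip, user) for ip, user, ok in events if not ok]
        users = {user for _, user in failures}
        ips = {ip for ip, _ in failures}
        ratio = len(failures) / len(events)
        # A user mistyping a password fails on ONE username; credential
        # testing fails on many, even when every request uses a new IP.
        if (len(failures) >= min_failures and ratio >= min_fail_ratio
                and len(users) >= min_users):
            alerts.append({"window": start.isoformat(), "failures": len(failures),
                           "distinct_users": len(users), "distinct_ips": len(ips),
                           "fail_ratio": round(ratio, 2)})
    return alerts

if __name__ == "__main__":
    print(suspicious_windows(SAMPLE_LOG.splitlines()))
```

Tune the thresholds against your own normal login failure rate, and expect to tighten them in the weeks after a public breach.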

Thanks for reading the blog. Watch out for those Bad Bots. They are taking over the world.

Frank McKenna is the Chief Fraud Strategist for PointPredictive and a Fraud Consultant based in San Diego, California.