Malicious bots targeting ecommerce sites during COVID-19 outbreakhttps://etailingsummit.co.uk/wp-content/uploads/2020/04/corona.jpg 960 640 Stuart O'Brien Stuart O'Brien https://secure.gravatar.com/avatar/81af0597d5c9bfe2231f1397b411745a?s=96&d=mm&r=g
A third of e-commerce traffic was from bad bots in February, with a surge in bot traffic on sites selling masks and sanitiser.
That’s according to findings from bot research conducted by Radware, which showed 27.7% of traffic on media sites in February was made up of bad bots and involved automated activity, including scraping.
Bots are also being used to drive the infodemic, continuing to be an efficient tool for powers like cybercriminals, nation-state actors, and conspiracy theorists. In February 58.1% of bots on the internet in February could mimic human behaviour. They disguise their identity and create fake accounts on social media sites to post their masters’ propaganda as a genuine user. With such advanced bots, spreading disinformation becomes easy for countries such as Russia.
The WHO has already warned nations to manage fake news because the impact of information — true or false — especially in times of fear, uncertainty and confusion is greater. And the EU’s European External Action Service has wanted about Russia’s aggressive exploitation of the novel virus to push disinformation and weaken western society using bots. For example, Radware expects the US Presidential Elections will be increasingly targeted over the coming months.
31.3% of e-commerce traffic was from bad bots making it the second most targeted industry by bad bots in February. The sector witnessed an unexpected surge in bad bot traffic after the rise of coronavirus pandemic. In particular sites selling masks or sanitiser were hit hard. These automated attacks are aimed at performing denial of inventory attacks, hoarding these essential products to sell in black markets, or even scraping product details to list similar products on malware-ridden sites to scam people.
Phishing in relation to CV-19 is rising as a result of fear and in the UK alone, coronavirus scams costed victims over £800,000 (the equivalent of nearly USD 1M) in one month (February 2020 – source National Fraud Intelligence Bureau).
Radware has issued a more detailed report ‘The Big Bad Bot Problem’ on the 2019 bot landscape and 2020 threats. Key findings:
- In 2019, overall bot traffic grew by 10% year over year, of which the bad bot traffic grew by 26%.
- Sophisticated bots that can mimic human behaviour and deceive conventional security measures increased 18% and now account for 45% of the bad bot traffic.
- Automated attacks on mobile phones and APIs are rising. Bad bot traffic accounted for 15.4% of total traffic on mobile devices and 16.6% of total traffic.
- e-commerce is the industry that is most targeted by bad bots, followed by travel.
- The use of bad bots to disseminate misinformation is likely to increase in 2020 in response to events such as elections and the COVID-19 pandemic.
- The increase in automated attacks on APIs is expected to intensify as more APIs are deployed to facilitate communication between web applications.