Cyber Security Europe - Autumn 2019

Page 44

MALICIOUS BOTS

Price scraping

Price scraping means ‘scraping’ (copying) price information from an e-tailer’s webstore. It is most common in sectors where product lines are easy to compare and purchase decisions are usually price-sensitive. Armed with real-time pricing data provided by the bots, a price-scraping perpetrator gains an advantage by dynamically adjusting its own product prices in order to match or undercut its competitors.

Content scraping

Content scraping is the use of bots to duplicate proprietary, aggregated online content that is copyrighted or trademarked, such as directories or reference guides, and then reuse it for illegitimate purposes. It can be characterised as intellectual property theft or plagiarism. The practice can be damaging to websites that invest resources in the aggregation and monetisation of big databases – online local business listings or online product catalogues, for example. If the scraped content is made freely available in the public domain, the original data owner’s business model is undermined; and if the scraped content is used to spam or for email fraud, their market reputation is damaged.

Denial of Service attacks

According to Neustar’s Global DDoS Attacks Insights Report (2017), a DDoS attack at peak times can cost a targeted enterprise at least $100,000 per hour in lost revenue. The cost of undermined customer and advertiser relationships is harder to quantify, but likely causes just as much damage. Bot-infected devices exhaust resources with DDoS attacks. Ransom DDoS attacks – where companies are extorted for protection money – are also on the rise, Neustar says. Forrester’s Stop Bad Bots From Killing Customer Experience report notes that bot-infected devices can strain IT security resources with DDoS attacks, and weaken their ability to guard against other forms of cyber assault. The proliferation of IoT devices and ‘bot-for-hire’ services (bad and good) has made DDoS an attractive attack method for cyberattackers. They launch DDoS attacks by infecting connected devices with bots, then direct them to disrupt routine customer traffic and applications. The Mirai botnet targeted domain name service provider Dyn in a DDoS attack that made the websites of many Dyn customers inaccessible. Dyn lost up to 8% of its customer base as a result, some reports suggested.

Denial of inventory

Denial of inventory, also known as ‘inventory hoarding’, causes product items to be automatically held in online shopping trolleys with no intention to purchase. With legitimate buyers prevented from purchasing the apparently ‘out of stock’ items, the targeted retailer loses revenues from sales to actual customers – with bots often picking the retailer’s most popular products. As well as the ongoing loss of sales, if these attacks happen often enough the seemingly perpetual absence of inventory can undermine the website’s credibility and kill repeat custom.

Card testing fraud

In this form of bad bot attack, cyber criminals first test stolen credit card details by making small online purchases on smaller, more vulnerable ecommerce sites. They must check the validity of the credit card details, and this tactic allows fraudsters to go mostly unnoticed by fraud detection solutions. Once they confirm the credit card is valid, they proceed to make higher-value purchases with larger online retailers. The fraudster is now a recognised customer, so there is a chance the order will not be flagged to the legitimate card holder as suspicious. Typically, criminals use bots to test the card information, then target merchant sites whose automated responses provide decline details. With this information, payment protection specialist Verifi explains, fraudsters can adjust the credit card details to increase their chances of success. For instance, when a merchant website indicates that a card’s expiration date is incorrect, a fraudster can use the Dark Web and other tactics to determine the correct expiration date. These bot-driven transactions cause losses to retailers through chargebacks, logistics costs – and lost shipped goods.

Credential stuffing

Credential stuffing uses bots to make repeated account access attempts by rapidly ‘stuffing’ stolen credentials – username and password combinations – into login fields. When the logins succeed, attackers take over the accounts and use them for nefarious purposes. Because so many account owners use the same credentials across their accounts, the success rate and pay-off for attackers can be high, while the bots do all the grunt work. Many organisations do not realise, says Martin McKeay, Senior Security Advocate at Akamai, that credential abuse and account
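The login pattern described above (many different usernames tried from one source in a short burst, few of them succeeding) is what a defender can look for in authentication logs. The following is an added example, not code from the article or from any vendor it cites; the log format, the sample lines and the thresholds are all constructed assumptions.

```python
# Added example, not from the article: flag sources that try many different
# usernames with a low success rate inside a short window, the login pattern
# credential-stuffing bots produce. Log format and thresholds are assumptions.
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample auth log: timestamp, source IP, username, outcome.
SAMPLE_LOG = """\
2019-10-01T10:00:01 203.0.113.7 alice FAIL
2019-10-01T10:00:01 203.0.113.7 bob FAIL
2019-10-01T10:00:02 203.0.113.7 carol FAIL
2019-10-01T10:00:02 203.0.113.7 dave SUCCESS
2019-10-01T10:00:03 203.0.113.7 erin FAIL
2019-10-01T10:00:03 203.0.113.7 frank FAIL
2019-10-01T10:00:04 203.0.113.7 grace FAIL
2019-10-01T10:00:04 203.0.113.7 heidi FAIL
2019-10-01T10:05:00 198.51.100.2 alice FAIL
2019-10-01T10:05:30 198.51.100.2 alice FAIL
2019-10-01T10:06:00 198.51.100.2 alice SUCCESS
"""

def parse(log_text):
    """Yield (timestamp, ip, user, outcome) tuples from the constructed format."""
    for line in log_text.splitlines():
        if line.strip():
            ts, ip, user, outcome = line.split()
            yield datetime.fromisoformat(ts), ip, user, outcome

def detect_stuffing(log_text, window=timedelta(minutes=1), min_attempts=6,
                    min_distinct_users=5, max_success_ratio=0.2):
    """Return {ip: stats} for sources whose login pattern looks like stuffing."""
    by_ip = defaultdict(list)
    for ts, ip, user, outcome in parse(log_text):
        by_ip[ip].append((ts, user, outcome))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):          # sliding time window
            while events[end][0] - events[start][0] > window:
                start += 1
            win = events[start:end + 1]
            users = {u for _, u, _ in win}
            taken_over = sorted(u for _, u, o in win if o == "SUCCESS")
            if (len(win) >= min_attempts and len(users) >= min_distinct_users
                    and len(taken_over) / len(win) <= max_success_ratio):
                # keep the widest qualifying window; successes are the accounts to review
                flagged[ip] = {"attempts": len(win), "distinct_users": len(users),
                               "taken_over": taken_over}
    return flagged
```

A single user retrying one account (198.51.100.2 in the sample) never reaches the distinct-username threshold and is not flagged; the successful login amid the bot's failures is the account that needs a forced password reset and review.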
