It’s well known that bots ─ more specifically, the botmasters who deploy them — are always looking for ways to make a quick buck through web-based attacks on websites, mobile applications and the APIs that facilitate their operation. Botmasters execute their attacks by taking advantage of various limitations in conventional website security systems and/or the lack of specialized anti-bot systems. Fraudsters, competitors and other nefarious parties use bots to infiltrate a digital storefront or another type of portal to carry out attacks. They’re looking to steal confidential personal and business data, take over accounts, deplete stored funds and scrape valuable proprietary content that can be used in a range of ways; most result in financial and reputational damage to a business.
ATO Attacks Threatened Retailer’s Revenue and Long-Standing Reputation
A Radware Cloud Workload Protection client that is one of the largest drugstore and grocery chains in Africa turned to Radware’s cybersecurity experts to help mitigate and prevent bot attacks that were executing account takeover (ATO) attacks on their customers’ accounts. The fraudsters that attacked the retailer that served over 20 million customers from 500 stores relied on credential stuffing (using lists of previously breached usernames and passwords) and cracking (attempting to guess log-in credentials) to take over user accounts. Once they had access to these accounts, they depleted wallet balances, gift vouchers and loyalty coupons. These ATO attacks also exposed the personally identifiable information (PII) of the retailer’s customers, which potentially exposed them to an array of fraudulent activities.
Approximately 20% of the retailer’s online traffic was comprised of bad bots engaged in various, harmful attacks, including the scraping of product reviews and pricing and the creation of fake accounts from which to launch other types of malicious attacks. So, there was definitely an immediate and critical business need for a specialized bot management and mitigation solution. The good bots, such as those deployed by search engines and price-comparison sites, are usually welcome and allowed to index web content to inform and attract genuine shoppers. However, the bad bots are nothing but bad news to online businesses. They carry out an alarming array of harmful activities.
Radware Trumps Any In-House Bot Management Solution
After years of meeting with businesses that have fallen victim to bot attacks and need the best solution available, Radware’s cybersecurity professionals have never seen an in-house solution that reliably and effectively detects and differentiates between different types of bots that constantly infiltrate web properties. Once Radware Bot Manager was deployed and integrated with the retailer’s content distribution network (CDN), virtually all of the bad bot traffic was mitigated. Just like that, Radware Bot Manager protected the retailer against damage to its operations, reputation and revenue.
Need to Stop Malicious Bots? You’re Just a Click Away
Radware has helped e-commerce firms around the world prevent malicious bot attacks and secure their websites and mobile applications against constant bad bot threats. Radware Bot Manager works across all channels (websites, mobile applications and APIs) by combining behavioral modeling for granular intent analysis, collective bot intelligence and fingerprinting of browsers, devices and machines. For help keeping your digital storefront safe from malicious bots ready to jeopardize revenue and tarnish your organization’s brand reputation, reach out to Radware’s cyber security experts.
Please note: You can read a more detailed case study about how we helped this African retailer. It details attack techniques and includes insightful graphs that detail the scale of the various bot attacks that Radware Bot Manager successfully mitigated for this large, successful retailer. As always, we welcome your comments and queries at firstname.lastname@example.org.
If you’ll be attending the RSA Conference in San Francisco on April 24-27, make sure and stop by the Radware booth (#2139). Meet with our team of experts and take your cybersecurity to the next level. Better yet, you can set up an appointment with them here.