In November, cybersecurity experts recorded a sharp increase in the activity of Internet bots. First of all, marketplaces, where sales were going on all month, were subjected to their attacks. Such activity of bots can prevent users from making purchases, and for unprotected store resources, it will distort the statistics of real attendance and affect the position of the resource in search results, experts say. – threats by Qrator Labs, dedicated to the actions of Internet bots in Russian networks in November.
Also, the share of filtered bots in daily traffic increased thirty times — from 0.13% to 3.12%. The previous surge was in July, but only for a few days.
According to Qrator Labs, online retail in general, fintech and online stores specializing in pharmaceuticals were hit in November. For example, on the resources of financial ecosystems during peak days, activity increased by 150-200% of the daily rate, reaching 30-35 thousand events per hour, follows from the report. As the company explained, the attackers often used the accounts of real users to log in, whose data was in the databases that fell into the public domain. -metrics (conversion, reach, ARPU, etc.) give a false trail in evaluating the effectiveness of marketing campaigns on websites and mobile applications, explains Georgy Tarasov, owner of the Bot Protection product at Qrator Labs.
In Wildberries reported that they did not note the activity of bots on their resources. Yandex.Market has built processes for automatically detecting traffic of Internet bots in real time, the data is not taken into account when evaluating indicators, the press service of the organization assured. Ozon, VK and banks developing fintech platforms did not respond to Kommersant‘s requests.
Kaspersky Lab says they have observed a multiple increase in the number of bots on retail they are aimed at performing any actions in automatic mode. Such activity may be associated with a large number of discounts and various promotions. On November 11, Kommersant talked about attempts to disable Russian marketplaces amid a massive sale on the Singles Day.
misleading, says Dmitry Nikonov, head of DDoS-Guard protection: “For example, by distributing phishing links under the guise of a “working” version of the site, which is currently unavailable due to attacks.” Such attacks create inconvenience for sites, adds Andrei Naidenov, head of the security analysis unit at Infosecurity a Softline Company, but bots cannot steal an account or withdraw funds from a linked card account.
Bots can be used to collect and process data on products, prices and content of competitors, notes Dmitry Nikonov:
A similar problem arose for site owners in connection with DDoS attacks: when a company’s website is unavailable, it is lowered in the issuance of any search engine (see Fig. “Kommersant” dated July 21).
Now the influx of bots has rather affected the statistics of resources following mass sales, Georgy Tarasov believes: “If an online resource does not use solutions to protect against bot attacks on logins , product catalog and promo campaigns, its metrics will be heavily polluted by bots and will be with a significant false excess.