'Grinch bots' are here to ruin your holiday shopping

  
Via:  perrie-halpern  •  one week ago  •  3 comments

By:   Ben Popken

'Grinch bots' are here to ruin your holiday shopping
Didn't catch that hot item online? That may be because you're competing with bots programmed to sweep up the best deals.

S E E D E D   C O N T E N T


Consumers may think they’re avoiding the   crush this holiday season by shopping online , unaware that as they’re trying to get through the digital doors, so too are hordes of bots. And they’re throwing elbows.

Up to 97 percent of all online traffic to retailer login pages this holiday shopping week comes from bots, largely operated by organized gangs of cybercriminals, according to estimates by cybersecurity firm Radware.


The bots fill out online forms and navigate retail sites faster than a real person can, and try to swiftly purchase limited supply gifts before you’ve even filled up your cart. The items are then sold for a higher price on third-party sites. The cyber thieves also crack into accounts, drain accounts of rewards and other digital currency, conduct credit card fraud, and more, said Ron Winward, a Radware spokesman.

“Website operators are seeing uptick in bot activity leading up to Cyber Monday from people trying out their bots,” said Winward. “People are really competing with automated infrastructure and bots to get hot holiday items.”

191130-cyber-monday-al-0933_dde244294286 Man using laptop with Cyber Monday promotion sale on screen. simpson33 / iStockphoto/Getty Images

On a normal shopping day, humans outnumber bots on login pages by two to one. On the days leading up to   Black Friday and Cyber Monday , bots outnumber humans by 20 to 1.

The latest generation programs are evolving new tricks to defeat “pooky,” the systems and software used to detect and deny bot activity.

The newest shopping bots can appear human, using artificial intelligence to defeat image-based CAPTCHAs meant to stop older bots, and try to mimic human user activity by adding in random mouse movements and other “humanlike” browsing behaviors. They also spread out their activity to use a variety of devices and IP addresses to make it harder to detect, according to Radware’s research.

While most of the responsibility is on retailers to use the best cybersecurity and server management practices to protect their customers, experts recommend several steps shoppers can take to protect themselves from “Grinch bots” and other automated fraudsters this holiday shopping season.

“The most significant bot-linked threat related to the retail sector is the risk of account takeover, also known as credential stuffing, with criminal groups using bots to brute force tools to log in to legitimate customers’ accounts, often assisted by records that they have found online from other cyber breaches,” said Christian Beckner, Senior Director of Retail Technology and Cybersecurity at the National Retail Federation, an industry group.

“If individuals are reusing passwords across multiple sites, they are most susceptible to an account takeover attack and illicit transactions within their account,” Beckner told NBC News.

Protect yourself


Installing a password manager software tool can make this easier. Implementing two-factor authentication can also make your accounts harder to break into.

  • If you miss a must-have item while shopping the holiday sales online, avoid the temptation to buy it on a third-party site. You may be funding a scalper, or the site itself could be a scam.

  • On retailer websites, look for a green lock in the URL address bar or “https” instead of “http." Those features indicate the website traffic is encrypted, better protecting your banking and personal information.

  • Complete checkout with Paypal or another payment service instead of a credit card. If there’s a breach, then your credit card information is protected.

  • Scrutinize your billing and accounts and contest any unexpected charges. Sometimes fraudsters will try out a series of low-level charges to see if cards work before running up unauthorized charges.

“It extends well beyond kids trying to get sneakers," said Winward.

"The proceeds go to fund organized criminal activity," said Stephanie Martz, general counsel for the National Retail Federation.

Shopping bots can exist in a legal gray area. Only ticket scalping bots are illegal, under the federal BOTS act of 2016. But other automated purchase bots can violate a site's terms of service.

But without bots, some buyers say they'd never have a shot at some hard-to-get items.

"A lot of it is bot vs bot," said Eric R., a 20-year-old computer science student, who requested his last name be withheld for privacy reasons. He uses bots to quickly buy scarce sneakers and resell them for a profit. He plans to use the money to help pay for school.

"If you're 50 milliseconds faster, then you can get all of the stuff," he said.

This year he's gearing up his bots to try to purchase limited edition all-black Yeezy sneakers sold by Adidas in collaboration with rapper-designer Kanye West. They retail for $220, but he hopes to sell them for as much as $400 on a third-party site.

Despite the technological advantages, he says even human shoppers can still beat bots.

"Be persistent. A lot of times stores will crash if a lot of bots attack. You just have to get lucky."

Tags

jrDiscussion - desc
smarty_function_ntUser_is_admin: user_id parameter required
Find text within the comments Find 
 
Enoch
1  Enoch    one week ago

"Not everything that is good is new.

Not everything that is new is good" (Rabbi Dr. Gershon Weiner).

Digitalization of anything doesn't necessarily make it better.

It may also be the case that it becomes better for some, and tragic for others.

I buy nothing on-line.

I want a flesh and blood sales person earning a paycheck who lives where I do to yell at if something goes wrong.

P&AB.

Enoch.

 
 
 
MUVA
2  MUVA    one week ago

I always think it’s funny  people think they are saving money while sending it.

 
 
 
Paula Bartholomew
3  Paula Bartholomew    one week ago

The only on line shopping I do is for a special dry food my cats need and sometimes grocery delivery.  I doubt I need to worry about the bots.

 
 
Loading...
Loading...

Who is online

Texan1211
Dismayed Patriot
MUVA
Sunshine
JohnRussell
Nerm_L
jungkonservativ111
Old Hermit
Krishna


29 visitors