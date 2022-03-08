PerimeterX Annual E-Commerce Report Shows 106% Increase in Bot Attacks Plus Sharp Increases in Scraping and Carding, Fueling the Web Attack Lifecycle

PerimeterX
·4 min read
PerimeterX
PerimeterX

Automated Fraud — including Sneaker bots and Hype Sales Attacks, Credential Stuffing, and Account Takeover (ATO) Attacks — on the Rise

SAN MATEO, Calif., March 08, 2022 (GLOBE NEWSWIRE) -- PerimeterX, the leading provider of solutions that detect and stop the abuse of identity and account information on the web, today released its annual Automated Fraud Benchmark Report: E-commerce Edition. The report provides detailed analysis of e-commerce cyberattack activity over the past year, generated by unique insights and research on the web app traffic and threat patterns experienced by some of the largest and most respected brands in retail e-commerce.

The report provides a deep dive into the ways that cybercriminals use bots to scrape, validate and fraudulently use consumers’ identity and account information. Findings were taken from anonymous data collected during 2021, captured from live online interactions by millions of consumers and hundreds of millions of bots across hundreds of the world’s largest websites, mobile apps and application programming interfaces (APIs).

Analyzing billions of user interactions, key findings included:

  • Bot attacks increased 106% year over year (YoY)

  • Carding attacks increased 111% YoY

  • Scraping attacks rose 240% YoY

“Mobile apps and websites continue to be the primary way consumers discover, shop and interact with a brand, especially during popular hype sales events. Stored credit cards, gift card balances, loyalty points and personally identifiable information (PII) make e-commerce apps the ideal target of threat actors who are increasingly leveraging automated attacks,” said Kim DeCarlis, CMO, PerimeterX.

Individual attacks themselves are not the only threat. Online accounts now hold a piece of a user’s identity — which becomes more valuable than simply a stored credit card. If a cybercriminal can hide behind a legitimate user’s identity, the opportunities to commit fraud increase significantly, laying the foundation for the “web attack lifecycle” by digitally skimming PII to steal information, validating it with credential stuffing attacks, and fraudulently using it to commit ATO or create fake accounts.

The report also found:

  • Sales of limited-edition sneakers experienced up to 71% of traffic from scalping bots during hype sales events in 2021, an increase from the 2020 peak of 46%

  • Peak malicious login attempts increased from 84% in 2020 to 93% in 2021

  • The three retail e-commerce segments that saw the most bad bot traffic were Health and Wellness (36%); Hardware, Software and Electronics (33%); and Sports and Recreation (27%)

  • 74% of bot attacks came from desktop devices and the remainder from mobile devices

  • The most malicious bot traffic globally came from the US and Canada

“Attackers are increasingly diverse in their sophistication and attack methods. This includes technically adept youngsters, amateur botters, savvy professional cybercriminals and cybercrime communities, as well as a growing crime-as-a-service (CaaS) ecosystem that allows just about anyone to get in on the action,” explained Liel Strauch, PerimeterX Director of Cyber Security Research.

Automated Fraud Protection Best Practices
PerimeterX offers steps to help organizations reduce their risk and better defend against automated fraud, including:

  • Assess your risks by conducting an audit of malicious activity

  • Identify key web pages and make them harder to scrape

  • Review your security infrastructure by identifying the strengths and weaknesses of your existing tools

  • Analyze the impact of tools like CAPTCHAs and MFA on consumers

  • Utilize machine learning and behavioral analysis to detect and mitigate malicious bots

“E-commerce providers are often handicapped by limited visibility into only their own data. We’ve published this report as a service to the industry. E-commerce providers can use the report to compare themselves against their peers, discover attack trends and learn ways to more efficiently safeguard their site and customers against fraud. We also provide guidance for protecting their revenue and reputation without adding friction to the buying journey,” noted DeCarlis.

For a detailed breakdown of the types and frequency of attacks, and further recommendations, see the full Automated Fraud Benchmark Report and register for the webinar on April 13 at 10am PT.

About PerimeterX
PerimeterX is the leading provider of solutions that detect and stop the abuse of identity and account information on the web. Its cloud-native solutions detect risks to your web applications and proactively manage them, freeing you to focus on growth and innovation. The world’s largest and most reputable websites and mobile applications count on PerimeterX to safeguard their consumers’ digital experience while disrupting the lifecycle of web attacks. PerimeterX is headquartered in San Mateo, California, and at www.perimeterx.com.

CONTACT: Media contact: Tila Pacheco Eskenzi PR tila@eskenzipr.com 714/256-8452


Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting

Latest Stories

  • Team Sonnet dominates Team Scotiabank to win championship at PWHPA Dream Gap Tour women's hockey showcase

    Team Sonnet (Toronto) exploded for a seven-goal third period against Team Scotiabank (Calgary) to claim a 10-2 victory in the championship game at the Professional Women's Hockey Players Association (PWHPA) Dream Gap Tour showcase hosted by the Washington Capitals. Madison Field of Oakville, Ont., scored a hat trick, while Jessie Eldridge and Victoria Bach each scored twice to help lift the Toronto club to its first title of the season on Sunday at the MedStar Capitals Iceplex in Arlington, Va.

  • Flames-Avalanche is the West Final we deserve

    In a showcase of the conference's division leaders, the Avalanche and Flames put on quite the performance on Saturday night.

  • Dalano Banton on the first time he met Masai Ujiri

    Dalano Banton reveals what his draft workout was like for the Raptors in Tampa and how the organization gave draftees the full Toronto experience. Listen to ‘Hustle Play’ wherever you get your podcasts and watch the full episode on our Yahoo Sports Canada YouTube.

  • Many unmasked hockey fans jam into Saddledome as restrictions drop

    A mostly unmasked sea of red and white jerseys filled the Saddledome for the Calgary Flames vs. Montreal Canadiens game Thursday night. The arena, which can seat over 19,000 people, can now operate at full capacity, and fans can choose whether or not to wear a mask now that the province has entered Step 2 in its three-step plan to lift pandemic restrictions. "It's just great to go back to having some sense of normalcy," hockey fan James Benford said before entering the arena. Josh Benford echoed

  • ‘I’m really on the Toronto Raptors’: Dalano Banton

    Chris Boucher discusses his role as a veteran to the many young players on the Raptors while Dalano Banton still can’t believe he’s playing for his hometown team. Listen to ‘Hustle Play’ wherever you get your podcasts and watch the full episode on our Yahoo Sports Canada YouTube.

  • Colorado Avalanche still the class of the NHL

    Justin Cuthbert counts down the top five teams in the NHL this week, with the Avs comfortably leading the pack.

  • Esport star donates to Ukrainian army

    CS:GO pro-gamer Aleksandr 'S1imple' Kostliev is donating $33K to the Ukrainian army.

  • Canucks' Thatcher Demko recalls being roasted by Patrick Roy: 'What the f– is wrong with you?'

    Patrick Roy was not a fan of "Dancing Demko."

  • 'Holy, this is different': Dalano Banton on 'Welcome to the NBA' moment

    Dalano Banton reveals the moment he realized he was in the NBA and why it's important for him to give back to his community. Listen to ‘Hustle Play’ wherever you get your podcasts and watch the full episode on our Yahoo Sports Canada YouTube.

  • Skier Mollie Jepsen speeds to Canada's 1st gold medal of Beijing Paralympics

    Alpine skier Mollie Jepsen sped to Canada's first gold medal of the Beijing Paralympics on Saturday in China. The 22-year-old from West Vancouver, B.C., won the women's standing downhill with a time of one minute 21.75 seconds, upgrading from the bronze she won in the event four years ago in Pyeongchang. China's Zhang Mengqiu fell just one-tenth of a second behind Jepsen to take silver, while Sweden's Ebba Aarsjoe earned bronze at 1:23.20. "Usually, we ski courses a million times before racing i

  • Stingers lose 2nd straight to Cangrejeros at FIBA Basketball Champions League Americas

    The Edmonton Stingers' last two games away from home haven't gone to plan, losing by a combined 59 points to Puerto Rico's Cangrejeros. After falling 89-68 to the Cangrejeros in December, the Stingers followed it up with an even more lopsided defeat on Sunday night in Nicaragua, dropping the game 93-55 to their counterpart in Group A of the FIBA Basketball Champions League Americas (BCLA) competition. While the logo on the Edmonton jersey was the same for both losses, the names on the back were

  • Chris Boucher is really proud of Malachi Flynn

    The Raptors sophomore has struggled to find consistent minutes this season but never showed his frustration. Chris Boucher appreciated that. Listen to ‘Hustle Play’ wherever you get your podcasts and watch the full episode on our Yahoo Sports Canada YouTube.

  • Hustle Play: Raptors' Dalano Banton on making the NBA, meeting Masai, rookie hazing

    Dalano Banton joins the show to talk about being drafted by his hometown team, his "welcome to the league" moment, and the advice he would give to kids who want to make the NBA.

  • Justin Champagnie on beating his dad in 1-on-1, silencing the doubters

    Toronto Raptors forward Justin Champagnie on the first time he beat his dad in 1-on-1 and the twisted ankle that followed, along with silencing critics in college and the NBA. Follow Yahoo Sports Canada for all your Raptors coverage.

  • Explaining impairment classification and factored times at the Winter Paralympics

    Canada flew out of the gates at the Beijing Paralympics, with three medals on Day 1 alone. Mollie Jepsen, an LW6/8-2 athlete, won gold in the women's standing downhill. Mac Marcoux, a B3 athlete, scored silver in the men's visually impaired downhill. And Mark Arendz, an LW6 athlete, collected biathlon bronze in the men's standing sprint. You may have watched some of these events and wondered what those letter-number combinations mean, or why there were oddly specific percentages next to athletes

  • Gavrilova sparks Team Scotiabank's comeback win over Team Adidas in semifinal at PWHPA women's hockey showcase

    Ilya Gavrilova potted three goals, including the game-winner, to help propel Team Scotiabank (Calgary) to a 6-2 semifinal win over Team Adidas (Minnesota) on Saturday at the Professional Women's Hockey Players Association (PWHPA) Dream Gap Tour showcase hosted by the Washington Capitals. The victory sets up a championship game against Team Sonnet (Toronto) on Sunday at 1:30 p.m. ET at the MedStar Capitals Iceplex in Arlington, Va. Team Adidas will face Team Bauer (Boston) in the consolation game

  • FIFA lets foreign players, coaches leave Russian clubs until June

    FIFA intervened to allow foreign players and coaches based in Russia to leave their clubs on Monday, although only for the rest of the season. Clubs in other countries will be allowed to sign up to two players who had been at clubs in Russia or Ukraine outside of the normal transfer window periods. Ukraine's league has been suspended since war engulfed the country, and its players are also allowed to temporarily leave until June 30. FIFPRO and the organization representing the world's soccer lea

  • Defending champion Fernandez roars back to punch ticket to semis at Monterrey Open

    Leylah Fernandez is off to the semifinals at the Monterrey Open after defeating China's Qiang Wang in straight sets on Saturday, keeping her title defence alive. The Laval, Que., teen won her sets 7-6 and 6-4, after falling behind Wang 3-0 in the first of the two. Fernandez, 19, is scheduled to take the court at 8:15 p.m. ET against Brazil's Beatriz Haddad Maia on Saturday. The Brazilian dispatched Czech Republic native Marie Bouzkova in her quarter-final match. Colombia's Camila Osorio and Spai

  • History favours Igor Shesterkin in Hart Trophy debate

    Justin Cuthbert reveals the historical element to the New York Rangers netminder's MVP campaign.

  • Marble Mountain skiers stranded for hours following lift malfunction

    As many as 250 people were left stranded after a malfunction shut down a ski lift at Marble Mountain Saturday. Firefighters, search and rescue groups from around the region, and ski patrol trainees all worked together to evacuate the lift, a process which took between two and a half to three hours. Some skiers spent that time suspended in the air as high as 60 feet, or three stories. "Everyone was very cold," says Marble Mountain operations manager Richard Wells. "Anyone on a four pack, they wer