By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
TechgoonduTechgoondu
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Search
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Reading: Q&A: Businesses need to ward off bots that mimic humans, says Imperva
Share
Aa
TechgoonduTechgoondu
Aa
  • Audio-visual
  • Enterprise
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
  • PC
  • Telecom
Search
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Follow US
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Techgoondu > Blog > Cybersecurity > Q&A: Businesses need to ward off bots that mimic humans, says Imperva
CybersecurityEnterpriseSoftware

Q&A: Businesses need to ward off bots that mimic humans, says Imperva

Alfred Siew
Last updated: August 16, 2022 at 11:29 AM
Alfred Siew Published August 16, 2022
7 Min Read
SHARE
Reinhart Hansen, the director of technology at Imperva. PHOTO: Handout

Ever wanted to buy a new pair of sneakers online but found them always unavailable? Or got locked out of elusive concert tickets, limited-edition watches or computer graphics cards?

While some items may genuinely be popular, sometimes bots run by unscrupulous scalpers may be behind the problem. These programs continually spam a website to register or buy these exclusive items, depriving real users a chance to do so.

Bad bots, or automated software applications with malicious intent, also are involved in taking over accounts or scraping content or prices from other websites, according to cybersecurity firm Imperva.

In a report released in May, it revealed that more than a third of all Internet traffic in Singapore was down to bad bots. This was the second highest in the world, just behind Germany.

As more businesses make their processes digital, the number of targets grow for such bots, said Reinhart Hansen, the director of technology at Imperva.

And bots are becoming harder to detect because they now mimic human behaviour to overcome traditional defences set up to ward them off, he told Techgoondu, in this month’s Q&A.

NOTE: Responses have been edited for brevity and style.

Q: Why has Singapore faced many bad bots and what does that mean for consumers and businesses here?

A: Singapore has ranked high in the most attacked countries list for several years. During the pandemic, as digital transformation accelerated, more business in Singapore was conducted online.

When more digital services are available and more business is transacted online, there are more targets and more incentives for bot operators to target.

Every online business needs to care about bad bot traffic because it is likely to be the first indicator of online fraud activities. Failing to manage this growing problem is a business risk.

Successful bot attacks lead to account compromise, higher infrastructure and support costs, customer churn, and degraded online services. Organisations should invest in advanced bot protection to safeguard their customers’ interests, minimise the costs associated with fraud, and reduce compliance risk.

At the same time, consumers need to be aware that their data is at risk, especially in regards to account takeover (ATO) attacks where cybercriminals gain access to personal and financial information within online accounts using stolen passwords and usernames.

Consumers can mitigate the risk by practicing good security hygiene such as setting unique passwords in all their online accounts and being mindful of where they store any financial information.

Q: Briefly, how are these bots doing harm to victims? Are they taking over accounts or used to buy up scarce collectibles like sneakers?

A: Bots are a persistent, 24/7 threat to a business’ websites, mobile apps, and their frontend APIs (application programming interfaces). Bot operators use bots to automate tasks at scale in a number of ways – spreading misinformation, scraping data, hoarding inventory, and conducting fraud.

The three most common bot attacks in 2021 were ATO, content or price scraping, and scalping to obtain limited-availability items. 

As mentioned above, ATO attacks are where cybercriminals compromise online accounts using stolen passwords and usernames.

If successful, the implications of an ATO are extensive. For customers, ATO attacks can lock them out of their account, while fraudsters gain access to their sensitive information such as credit card data, account funds, and health records.

For a business, they must handle the high costs associated with ATO including increased customer support costs, revenue loss, tarnished reputation, and potential penalties for regulatory non-compliance.

Content or price scraping attacks use bots to extract content and data from a website. A scraping attack can have impactful effects, especially when competitors scrape your prices to beat you in the marketplace and/or damage your search rankings. 

Scalping bots such as Grinch bots essentially go out and buy all the available inventory of a very popular or newly launched item, with the intent to resell it at a substantially higher price.

For example, bots are frequently used to buy popular concert tickets as well as scarce collectibles or gaming systems that are then resold on another site for a much higher price.

And yes, while the retailer still generates a sale in the short-term, the long-term value of a bot does not  equate to the same value as a satisfied customer who regularly returns to buy additional products.

Bots degrade the customer experience by slowing down a website and making products unavailable for purchase, forcing customers to go elsewhere. Once they’ve made the switch, they may never return.

Q: What has made these bad bots proliferate today?

A: Organisations have rushed to improve their online operations to stay in business since the beginning of the global pandemic in 2020.

It meant the creation of more digital services, new online functionality, and the development of expansive API ecosystems.

Unfortunately, this array of new endpoints is a ripe target for automated abuse. Whenever a new way of transacting online emerges, cybercriminals will look for ways to exploit this using bot-based automation.

Q: What are businesses in Asia-Pacific doing to counter the threat and what more can they do?

A: Traditionally, organizations could protect their site with a few tweaks and configurations to block bad bots. However, the 2022 Imperva Bad Bot Report found that this approach no longer works.

Bot operators are constantly evolving their tactics, and bots are increasingly hard to detect and stop – often because they closely mimic human behavior.

Without an advanced bot protection solution, it’s almost impossible to keep up with the evolving and continued threat of bad bots.

Organisations should invest in advanced bot protection to safeguard their customers’ interests, minimise the costs associated with fraud, and reduce compliance risk.

You Might Also Like

As TikTok faces a possible ban in the US, should users elsewhere be worried?

Foodpanda to use Gogoro electric scooters in battery swapping trial with Cycle & Carriage

RedCap: A new cellular IoT technology for the 5G era

Debate on computational photography misses what’s real, what’s lived outside a frame

Q&A: Delivering movies digitally and securely from around the world

TAGGED: account takeover, API, bad bots, bots, Imperva, Q&A

Sign up for the TG newsletter

Never miss anything again. Get the latest news and analysis in your inbox.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Alfred Siew August 16, 2022
Share this Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Copy Link Print
Share
Avatar photo
By Alfred Siew
Follow:
Alfred is a writer, speaker and media instructor who has covered the telecom, media and technology scene for more than 20 years. Previously the technology correspondent for The Straits Times, he now edits the Techgoondu.com blog and runs his own technology and media consultancy.
Previous Article Why Korean content is making waves overseas
Next Article Samsung Odyssey Ark, an eye-catching curved gaming screen, is out for S$4,999 in Singapore
Leave a comment

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

Facebook Like
Twitter Follow

Latest News

Oppo Find N2 Flip review: A worthy flip phone alternative to Samsung
Cellphones Mobile March 26, 2023
As TikTok faces a possible ban in the US, should users elsewhere be worried?
Cybersecurity Internet March 24, 2023
Foodpanda to use Gogoro electric scooters in battery swapping trial with Cycle & Carriage
Enterprise Internet March 23, 2023
RedCap: A new cellular IoT technology for the 5G era
Enterprise Software Telecom March 23, 2023
//

Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.

.

Started in June 2008 by technology journalists and ex-journalists in Singapore who share a common love for all things geeky and digital, the site now includes segments on personal computing, enterprise IT and Internet culture.

banner banner
Everyday DIY
PC needs fixing? Get your hands on with the latest tech tips
READ ON
banner banner
Leaders Q&A
What tomorrow looks like to those at the leading edge today
FIND OUT
banner banner
Advertise with us
Discover unique access and impact with TG custom content
SHOW ME

 

 

POWERED BY READYSPACE
The Techgoondu website is powered by and managed by Readyspace Web Hosting.

TechgoonduTechgoondu
Follow US

© 2023 Goondu Media Pte Ltd. All Rights Reserved | Privacy | Terms of Use | Advertise | About Us | Contact

Join Us!

Never miss anything again. Get the latest news and analysis in your inbox.

Zero spam, Unsubscribe at any time.
 

Loading Comments...
 

    Welcome Back!

    Sign in to your account

    Lost your password?