ShieldSquare is now Radware Bot Manager

ShieldSquare is now Radware Bot Manager

E-commerce Portals Are Attacked With Distributed Multi-stage Scraping Attacks: Radware Bot Manager Research

September 21, 2018 | All Automated Threats Bot Prevention Technologies Radware Research


The hyper-competitive e-commerce industry is known for devising ingenious ways to win business wars. One of such techniques is scraping of product categories, details, and pricing information. To dig deeper into it, our research team conducted a study on a popular e-commerce portal. Download the ebook

The study revealed some insightful yet surprising results. Let’s take a brief look at it:

  • Scrapers plan attacks in various stages to exploit the vulnerabilities of existing systems such as WAFs, Intrusion Detection Systems/Intrusion Prevention Systems (IPS/IDS), and other in-house measures that lack the historical look-back, deep learning capabilities, and the ability to sniff automated behavior in syntactically-correct HTTP requests.
  • Attackers use an exploit kit that comprises a combination of tools (such as proxy IPs, multiple UAs, programmatic/sequential requests) to evade detection and perform large-scale and sophisticated scraping attacks. Websites are then hit by bots from tens of thousands of new IPs that are used once, and never again. For instance, in the case that we examined, attackers scraped product information and pricing details of 651,999 products from 11,795 categories using a combination of exploit tools and fake user accounts.
  • The ebook underlines that organized and sophisticated scraping attacks are fueled by the growing demand for data, pricing information, and market intelligence as many e-commerce firms either employ an in-house team or leverage the expertise of professional web scrapers to pull ahead of competitors.

The ebook also recommends an action plan for E-commerce players to combat scraping attacks.To download a copy of the ebook,
click here

Tags: , , ,

Subscribe to Radware Research and Blog
Thank you for subscribing
Thanks. Sent confirmation email.

Related Content

November 24, 2021
Hacker Uses Bots Emulating Android Devices to Scrape 178 Million Facebook Profiles
July 2, 2021
The LinkedIn User Data Leak Shows Why Bot Management Tools Are Essential for Data Security
May 24, 2021
Why Bot Mitigation for APIs is Crucial for Enterprises

Step Up and Take Action

Powered by Think201