ShieldSquare is now Radware Bot Manager

ShieldSquare is now Radware Bot Manager

What is Scalping?

Scalping is an age-old practice that used to be carried out by touts and resellers buying event tickets and certain goods that were in high-demand, and later selling them for a considerable profit. Today, scalping has mostly moved online, where millions of consumers buy products and services every single day, and transactions are often completed in minutes. Scalpers today leverage sophisticated “All-in-one” bots that are sold online and programmed to regularly scan e-commerce, ticketing, and other websites and applications to find and quickly buy large quantities of desired products (such as certain brands of sneakers and gaming consoles, for example) before regular consumers even get a chance to log in to make their purchases. The scalped products are then quickly resold through sites like eBay and other portals that serve the secondary market.


An Overview of Automated Scalping Attacks

Scalper bots are deployed to regularly visit popular e-commerce portals at frequent intervals to scan for product “drops” ─ launches of highly-anticipated products such as fashion sneakers or gaming systems). Before that, the scalpers behind these bots create user accounts at online stores under various identities, using different IP addresses, payment cards, and shipping addresses, and combinations thereof, to evade fraud detection systems. Many products launches are advertised well in advance of the drop date, and the bots ramp up their visits in anticipation of the launch. As soon as the products are made available for consumers to buy, scalper bots swoop in and snatch up as many items as they can, using the previously created user accounts, along with online accomplices such as “CAPTCHA Farms”, teams of outsourced workers who work for shady agencies that specialize in solving such anti-bot measures in real time.

Scalping is illegal in many countries, but is not always prosecuted by legal authorities, as scalpers’ identities are difficult to ascertain because of the anonymity that the Internet provides. In the past year after the Covid pandemic started, scalpers were reported to have bought out large supplies of essential products that had suddenly come into high demand such as face masks, hand sanitizer, as well as entertainment systems such as PlayStation 5 game consoles and high-end Nvidia graphics cards.

Types of Scalping Attacks

Scalping has always been about being among the first buyers of products and tickets in limited supply, and bot technology has made it easy for scalpers to find items as soon as they are posted for sale, quickly buy them before the average consumer can even log in to the online sales portal, and then resell them at whatever prices buyers are willing to offer. Products such as certain brands of fashion sneakers and apparel produced in limited volumes, as well as those made in large quantities and have high consumer demand, such as the latest gaming consoles, high-end graphic chips (used not only for gaming and video production but also to mine cryptocurrencies) have in recent years become some of the most-scalped goods.

Just as in the pre-Internet era, concert and sports event tickets continue to be bought and sold by scalpers. Even as many online sellers have taken steps to mitigating scalping, such as for example requiring buyers to pick up their orders from retail stores rather than getting them home delivered, scalping is not likely to go away. There is a lot of profit to be made from scalping due to mismatches between supply and demand, and scalpers keep finding ways to get to the head of the line.

Step Up and Take Action

Powered by Think201