A new type of bot scans websites for mispriced goods and purchases them at scale before the error is fixed, leaving retailers facing losses.
Cyber watchdog Kasada discovered at least 250 retail companies targeted by freebie bots. Members of one popular freebie community used these bots to purchase nearly 100,000 items in a single month at a combined retail price of $3.4 million.
Some individuals could earn as much as $100,000 a month using freebie bots.
“It has become very easy for anyone to purchase and utilize a bot – and increasingly difficult for retailers to identify and stop them,” Sam Crowther, founder and CEO of Kasada, said.
Off-brand sleeveless halter neck mini dresses, Apple MacBook Air laptops, and deep cleansing facial masks were among the top items purchased using freebie bots.
“Online shoppers can receive hundreds of thousands of dollars of goods for essentially nothing, realizing a massive profit after resale. Combined with the growing infrastructure costs needed to support bot-driven traffic, these attacks quickly impact a retailer’s balance sheet,” Sam Crowther added.
Many pricing errors occur due to decimal point displacements resulting in discounts as big as 99% off. Threat actors use bots to exploit retailers’ errors and resell the goods for a hefty profit.
Freebie bots put pressure on companies, impact their inventory, revenue, and brand reputation, and increase their infrastructure expenses.
“Retailers, at great cost, need to maintain a strong site architecture in order to handle this demand without crashing or becoming unavailable to regular shoppers,” Kasada said.
Bots are a major headache for companies and users during the shopping season. So-called scalper or grinch bots target merchandise in high demand or limited supply and snap it up faster than human users. The items are then sold for higher profit.
According to the cybersecurity company CHEQ, at least 46 million “shoppers” this coming Black Friday will be fake users.
Invalid traffic takes up an advertising budget to drive revenue from legitimate users. When an ad is served to bots and fake users, that portion of the budget is practically wasted.
CHEQ predicts that retailers will lose about $368 million to fraudulent clicks during this Black Friday alone.
Your email address will not be published. Required fields are markedmarked