NEW YORK  — December 12, 2022 — Kasada, provider of the most effective and easiest way to defend against advanced bot attacks, today released new research about four major cybersecurity threats impacting the holiday shopping season: gift card fraud, fake account creation, Freebie Bots, and scraping attacks.

Key Highlights Include:

  • 50% increase in bad bot traffic
  • 6x increase in automated online gift card lookup attempts
  • 3x spike in fake account creation the week before Black Friday
  • $1.1M of products purchased by Freebie Bots for $134, within one community
  • 43% surge in web and API scraping attacks
  • 49% of holiday bot attacks originate from the United States

Kasada observed a 50% increase in bad bot activity during Black Friday week (the five days from Thanksgiving to Cyber Monday). Bot operators frequently used customized open-source development tools, headless browsers, and new Solver Services to conduct their attacks at scale.

The full 2022 Holiday Bad Bot Report for this year’s shopping season is available here.

Read the full Press Release here.

Want to learn more?

  • The AI Browser Revolution: Rethinking Web Architecture

    AI-powered browsers are making it harder to tell humans from bots. Discover why this shift could change the future of online security.

  • KasadaIQ’s Q1 Insights: How AI Became Adversary Infrastructure

    KasadaIQ’s Q1 2026 Threat Intelligence Report highlights a structural shift in automated threats: AI is now embedded across the adversary lifecycle. From large-scale account commoditization to verification bypass and AI agent exploitation, organizations face a rapidly evolving and industrialized threat environment.

Beat the bots without bothering your customers — see how.