Humans and bots went head to head again this year to compete for the best deals the holiday season had to offer. Surprisingly, October emerged as the star of Kasada’s annual 2023 Holiday Bad Bot Report, as adversaries meticulously prepared for November’s Black Friday and Cyber Monday deals. Despite booming early bird sales in October, the “Cyber Five” weekend, which runs from Thanksgiving in the United States through Cyber Monday, still offered some interesting insights of its own.
Key findings from the 2023 Holiday Bad Bot Report
- Bots were early to holiday sales: Peak bot traffic occurred in the days leading up to Black Friday, on Thanksgiving and the day before Thanksgiving, as bots prepared for their attacks on peak sales days.
- Humans preferred to shop on Black Friday: Black Friday saw 12% more online traffic than Cyber Monday. Peak traffic on Black Friday was 40% higher than the previous Friday, and bot traffic was 110% higher.
- Scalping and login fraud were common bot attacks during Cyber Five: Automated login requests increased by 251% from Saturday, November 25th to Sunday, November 26th, and peaked on Cyber Monday. More than half of all bot requests came from scalpers, culminating the night before Thanksgiving.
Peak Botting Activity: Wednesday, November 22
Move over, Black Friday and Cyber Monday – it turns out bots had their own favorite day during the Cyber Five shopping week. Wednesday, the day preceding Thanksgiving, emerged as the unlikely target, witnessing the peak of bot activity. A staggering 63% of bot requests had one thing in mind – scalping. Given the high levels of these Grinch bots, we suspect adversaries were attempting to take advantage of early holiday sales and exclusive member-only deals before they were available to the general public.
During the “Cyber Five” weekend, the most popular days for bots were Travel Tuesday, Black Friday, and Cyber Monday, in that order.
For humans, activity didn’t pick up much until Black Friday. Shoppers seemed to do most of their online shopping on Black Friday, then on Cyber Monday. In fact, Black Friday received 12% more human traffic than Cyber Monday.
3x Surge in Grinch Bots on Cyber Monday
After their early start before the “Cyber Five” weekend, Grinch bots continued to plague holiday sales through the weekend – favoring Cyber Monday and Black Friday sales. Scalping requests spiked by 3x on Cyber Monday as the bots attempted to purchase sale items before most humans were even awake.
3x Surge in Automated Login Attempts on Cyber Monday
Grinch bots weren’t the only popular attack during the “Cyber Five” weekend. After a few days of sales, adversaries increased efforts to hack into accounts. Kasada observed a 3x surge in automated login requests on Cyber Monday compared to earlier in the week. Had adversaries been successful in stealing customer accounts, orders might have been mysteriously rerouted, or fraudulent orders could have been placed. Having proper cyber defenses in place at the login to safeguard against automated login attempts helps protect more consumers from fraud and from added stress during their holiday shopping.
Adversaries Are More Sophisticated Than Ever
While we might envision bots as clunky lines of code, Kasada’s observations paint a different picture. 51% of holiday bots showcased a high level of sophistication, employing tools like Puppeteer Stealth and Playwright. That share eclipsed the 21% classified as medium sophistication and the remaining 28% deemed basic. In the world of cyber warfare, specific attacks often come armed with tailored tools. Scalpers, for instance, employ advanced tools to slip past detection mechanisms, while SMS and gift card fraudsters opt for less sophisticated tooling.
Preparing for Bot Traffic
If you’re in security, fraud, or digital experience for eCommerce or retail, you need to prepare for bot traffic year-round. Not only can bots hurt website performance, steal products and data from loyal customers, and commit fraud, but they can also skew your website metrics and marketing analytics. When analyzing business performance, it’s imperative to know which requests are actually human.
To do that, it’s crucial to stay one step ahead of adversaries and their evolving tactics, anticipating their relentless return each time with new methods.
Check out the 2023 Holiday Bad Bot Report for more insights and recommendations from our team. You can also request a snapshot here to see if your organization is a target of automated fraud.