Humans and bots went head to head again this year to compete for the best deals the holiday season had to offer. Surprisingly, October emerged as the star of Kasada’s annual 2023 Holiday Bad Bot Report, as adversaries meticulously prepared for November’s Black Friday and Cyber Monday deals. Despite booming early bird sales in October, “Cyber Five” Weekend, which represents Thanksgiving in the United States through Cyber Monday, still had some interesting insights of their own.

Key findings from the 2023 Holiday Bad Bot Report

  • Bots were early to holiday sales: Peak bot traffic occurred in the days leading up to Black Friday on Thanksgiving and the day before Thanksgiving due to preparation for their attacks on peak sales days.
  • Humans preferred to shop on Black Friday: Black Friday saw 12% more online traffic than Cyber Monday. Peak traffic on Black Friday was 40% higher than the previous Friday, and bot traffic was 110% higher.
  • Scalping and login fraud were common bot attacks during Cyber Five: Automated login requests increased by 251% from Saturday, November 25th to Sunday, November 26th, and peaked on Cyber Monday. More than half of all bot requests came from scalpers, culminating the night before Thanksgiving. 

Peak Botting Activity: Wednesday, November 22

Move over, Black Friday and Cyber Monday – it turns out bots had their own favorite day during the Cyber Five shopping week. Wednesday, the day preceding Thanksgiving, emerged as the unlikely target, witnessing the peak of bot activity. A staggering 63% of bot requests had one thing in mind – scalping. Given the high levels of these Grinch bots, we suspect adversaries were attempting to take advantage of early holiday sales and exclusive member-only deals before they were available to the general public.  

During the “Cyber Five” weekend, the most popular days for bots were Travel Tuesday, Black Friday, and Cyber Monday, respectively. 

Cyber Five Week Graph showing bot requests from Kasada

For humans, activity didn’t pick up much until Black Friday. Shoppers seemed to do most of their online shopping on Black Friday, then on Cyber Monday. In fact, Black Friday received 12% more human traffic than Cyber Monday. 

Cyber Five Week Graph showing consumer traffic requests from Kasada

3X Surge in Grinch Bots on Cyber Monday

After their early start before “Cyber Five” weekend, Grinch Bots continued to plague holiday sales through the weekend – favoring Cyber Monday and Black Friday sales. Scalping requests spiked by 3x on Cyber Monday as they attempted to purchase sale items before most humans were even awake. 

Chart showing 2023 Cyber Five Grinch Bots from Kasada

3x Surge in Automated Login Attempts on Cyber Monday

Grinch bots weren’t the only popular attack during the “Cyber Five” weekend. After a few days of sales, adversaries increased efforts to hack into accounts. Kasada observed a 3x surge in automated login requests on Cyber Monday compared to earlier in the week. Had adversaries been successful in stealing customer accounts, orders might have been mysteriously rerouted, or fraudulent orders could have been placed. Having proper cyber defenses in place at the login to safeguard against automated login attempts helps protect more consumers against fraud and additional stress to their holiday shopping. 

Cyber Five Automated Login Fraud

Adversaries Are More Sophisticated Than Ever

While we might envision bots as clunky lines of code, Kasada’s observations paint a different picture. 51% of holiday bots showcased a high level of sophistication, employing tools like Puppeteer Stealth and Playwright. This revelation eclipsed the 21% classified as medium sophistication and the remaining 28% deemed basic. In the world of cyber warfare, specific attacks often come armed with tailored tools. Scalpers, for instance, employ advanced tools to slip past detection mechanisms, while SMS and gift card fraudsters opt for less sophisticated tooling.

Pie chart showing how sophisticated bots were during cyber Five weekend

Preparing for Bot Traffic

If you’re in security, fraud, or digital experience for eCommerce or retail, you need to prepare for bot traffic year-round. Not only can bots hurt website performance, steal products and data from loyal customers, and commit fraud, but they can also skew your website metrics and marketing analytics. When analyzing business performance, it’s imperative to know which requests are actually human. 

To do that, it’s crucial to stay one step ahead of adversaries and their evolving tactics, anticipating their relentless return each time with new methods.

Check out the 2023 Holiday Bad Bot Report for more insights and recommendations from our team. You can also request a snapshot here to see if your organization is a target of automated fraud.

Want to learn more?

  • A blue and white background emphasizing data authenticity.

    The New Mandate for Bot Detection – Ensuring Data Authenticity

    Can the data collected by an anti-bot system be trusted? Kasada's latest platform enhancements include securing the authenticity of web traffic data.

  • Picture of code on a laptop to show web scraping

    The Future of Web Scraping

    If data is the new oil, then web scraping is the new oil rig. The potential impact of web scraping is escalating as the twin forces of alternative data and AI training both rapidly increase in size and complexity.

A blue and white background emphasizing data authenticity.

The New Mandate for Bot Detection – Ensuring Data Authenticity

Can the data collected by an anti-bot system be trusted? Kasada's latest platform enhancements include securing the authenticity of web traffic data.

Picture of code on a laptop to show web scraping

The Future of Web Scraping

If data is the new oil, then web scraping is the new oil rig. The potential impact of web scraping is escalating as the twin forces of alternative data and AI training both rapidly increase in size and complexity.

Dj mixing tracks on a club dj console with vibrant lighting, avoiding scalpers outside.

How Scalpers Scored Thousands of Fred again.. Tickets

See how scalpers and sneakerbots, typically used for limited-edition releases, exploited ticket sales for Fred again..'s latest tour announcement in Australia.

Beat the bots without bothering your customers — see how.