Content scrapers are automated bots that steal your content from websites and mobile apps for their own use without permission, usually for malicious purposes. Content scrapers typically copy all the content from a webpage and portray it as their own content. Bots can scrape all of the content on a website in a matter of seconds, even for large websites such as eCommerce sites with thousands of product pages. These bots can scrape public website information such as text, images, HTML and CSS code.

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is designed to prevent bots or spam attacks from accessing a webpage. Traditionally users were tasked with typing text from a simple image, but over time CAPTCHA has evolved into more complex images and voice recognition in response to the increasing sophistication of attacks.

In our previous blog, we discussed scalper bots, what they are, what they do and the impact they’ve had on the latest PS5 launch. We are now looking into the industry surrounding these bots, and delving into who exactly uses scalper bots and why.

Scalper bots are designed to automatically purchase online goods. Generally, they do this by adding a product to a cart and completing the checkout process far faster than any human could hope to do so. They exploit vulnerabilities in websites to purchase goods before they are even listed as available to the usual human users of a website. Those using scalper bots have a huge advantage over non-bot users when it comes to purchasing limited-quantity items.

Scraper bots are commonly used to acquire prices and content from websites for competitive advantage. Aggressive scraper bot activity slows down websites for customers, resulting in a bad user experience that costs the retailer revenue as frustrated customers are driven to competitors, while exposing vital pricing data.

Client-side technology (such as JavaScript) can be used to create a unique “fingerprint” for a specific device/browser combination, which can be used to modify functionality or detect returning users. Some fraud prevention tools will use fingerprinting to block transactions from browsers that have been previously identified as insecure or involved in fraudulent activity.

It’s PS5 launch day and dedicated fans have been queuing all morning to get their hands on the limited number of consoles available. So far, we’ve seen John Lewis, Tesco, Currys PC World, Game and Argos struggle under the enormity of tens of thousands of visitors. John Lewis was offline entirely while those with a queuing system in place found that slowing the flow of traffic alone was not enough to protect retailers from over selling stock.

In our webinar Bad Bots 101: Credential Stuffing Action, we discuss why these attacks are so difficult for businesses to detect and stop. In today’s blog, we cover some of the salient points explored in the webinar by Netacea’s Head of eCommerce Tom Platt, including the common techniques used by sophisticated bad bots to evade traditional methods of detection.

Scalper bots, also known as inventory hoarding bots, are the bots that thrive on supply and demand. These malicious bots are used to target merchandise that is typically in high demand or limited supply, buying it and selling it on for a tidy profit. The key thing here, is that scalper bots can make purchases extraordinarily quickly, much faster than any genuine user can.