How to Beat Sneaker Bots with Netacea

Alex McConnell
Alex McConnell
11/07/19
3 Minute read
yeezy banner image

Article Contents

    In part four of our sneaker bot series, we explore a real-world example of how we’ve spotted these badly-behaved bot-teenagers, and what we’ve done to put them on the naughty step.

    In earlier parts of this series, we’ve discussed just why the sneaker bot operators are so motivated, and also some of the strategies that you can employ to attempt to stop them. In this edition, we’ll run through a couple of examples of behaviour we’ve identified and then mitigated for one of our bot management customers.

    How to beat sneaker bots: a real world example

    Customer Profile:

    A major luxury department store with a strong online presence:

    • £700m annual turnover
    • Four UK stores, global online presence

    Client Challenge: Identifying Previously Unknown Attack Vectors

    Our customer wasn’t actually aware they had a problem with retail sneaker bots. We had engaged with them for entirely different reasons; however, once our algorithms got to work it quickly became apparent that there was more than one threat to their site.

    Solution: Extending Mitigation Strategies to Include Sneaker Bots

    In related blogs, we spoke a little bit about how we measure intent, as well as behaviour itself. It’s this combination that allows us to start monitoring the activities of certain undesirables.

    For most retail sneaker bots, the behaviour is fairly easy to spot – rarely are they subtle in their actions. The same was true with this particular customer, and we were able to quickly identify and then protect against them. The sneaker bots followed the standard modus operandi: to first monitor the site for a specific shoe (or designer bag, shirt or indeed anything else that has been deemed the sine qua non on any given day – sneaker bots don’t confine themselves to sneakers!).

    Once the path became live, they sprang into action. The below plot shows the initial monitoring stage, and then the immediate ramp-up to BUY BUY BUY (or at least, attempt to BUY BUY BUY – we were blocking them at this stage):

    Identifying Sneaker Bot Traffic and Attacks
    Sneaker Bot Activity Graph

    Intent is Everything when beating sneaker bots

    The intent in cases like this is also fairly easy to understand. In this instance, the requests were almost exclusively referencing the Yeezy Triple Black, but in all cases, the bot will have been pre-programmed to look for a specific product. This sort of thing is what sets the traffic apart from that of a normal shopper eager for the latest pair of kicks.

    The trick is being able to configure your bot management tool to look for the right red flags and to then take appropriate defensive action. In our case, we’ve found that our custom advanced mitigations including Captcha, showing alternate content, adding challenges to the user journey or cancelling orders, pretty much cover all the bases.

    Its a team sport to Beat sneaker bots

    One final thing: Netacea employ a team of data scientists, analysts and bot ops staff to protect our customers against this sort of thing. From writing the initial algorithms to tuning them to our customers’ specific sites, to liaising over appropriate action to take – all of this is done in a collaborative fashion. No two customers are the same, and we understand that and want to work with you to ensure that your site is available to REAL team players, and not just the cyber-bullies.

    Why client side solutions are ineffective at beating sneaker bot attacks

    Legacy controls rely on agents, SDKs and Javascript that are visible to sneaker bot operators. This visibility allows for reverse engineering of code and are susceptible to bypass.

    Sneaker bots represent one of the more complex attack vectors and challenges for cyber defences. Due to the nature of their sophistication and ability to evolve at pace. Client side detection methods fail to detect these more complex attacks beyond the first block, as the bots evolve by retooling and reconfiguring their attack static rules based defences quickly become ineffective.

    Read our in depth article covering the dangers of client side bot detection methods.

    Demo Netacea bot protection and discover how to beat sneaker bots effortlessly

    Trying to beat sneaker bots manually is tough. Trying to do it with legacy controls is even harder. Netacea’s application of defensive AI and real-time threat intelligence allows InfoSec and Fraud teams to identify, stop and prevent sneaker bot attacks without any manual intervention.

    Put a stop to your sneaker bot challenges demo Netacea bot protection today.

    Block Bots Effortlessly with Netacea

    Book a demo and see how Netacea autonomously prevents sophisticated automated attacks.
    Book

    Related Blogs

    Blog
    Alex McConnell
    |
    18/12/24

    Scalper Bot Targets Christmas 2024: Criminal Groups Cash in on Low-Value Items

    Learn about the changing landscape of scalping. From hobbyists to professional criminal groups, uncover the dangerous evolution of scalping in the digital age.
    Blog
    Alex McConnell
    |
    13/12/24

    How Bots Exploit Seasonal Bot Traffic to Bypass Defenses

    Uncover the strategies used by bot operators to outsmart defenses, and how anti-bot tools are combating seasonal bot traffic.
    genesis market banner image
    Blog
    Alex McConnell
    |
    03/12/24

    Protecting Your Business from Web Scraping as a Service

    Protect your business from Web Scraping as a Service threats. Learn how advanced scrapers challenge websites and how intent-based detection can help safeguard your online assets.

    Block Bots Effortlessly with Netacea

    Demo Netacea and see how our bot protection software autonomously prevents the most sophisticated and dynamic automated attacks across websites, apps and APIs.
    • Agentless, self managing spots up to 33x more threats
    • Automated, trusted defensive AI. Real-time detection and response
    • Invisible to attackers. Operates at the edge, deters persistent threats

    Book a Demo

    Address(Required)
    Privacy Policy(Required)