What are Bots Costing eCommerce Companies?
Published: 07/09/2021

What are Bots Costing eCommerce Companies?

  • Yasmin Duggal, Cybersecurity Content Specialist, Netacea

4 minutes read

Netacea recently surveyed 440 businesses from across the USA and UK to understand how much financial impact bot attacks are having across different industries. Read the full results in our report: The Bot Management Review: What Are Bots Costing Your Business?

Analyzing the results, it’s clear that those in the retail industry are keenly aware of the financial harm caused by eCommerce bots. The survey revealed that 72% of eCommerce websites, and 83% of eCommerce mobile apps, were attacked by bots in the past year. More significantly, 89% of these said it took two to six months to realize there had been a scalper bot attack – the costliest to retailers in 2020 by far.

Over half of eCommerce businesses surveyed ran special promotions based on data that turned out to be incorrect due to bot activity, and the same ordered new stock as sales were exaggerated by bots.

So, let’s find out how much bots are really costing retailers in dollars, infrastructure and reputation.

What are the top bot threats to eCommerce businesses?

Scalper bots affect 82% of ecommerce companies

scalper bot is used to automate part of, or the entirety of, the purchasing journey of goods or services through non-human means on a website.

Scalper bots often target highly anticipated ‘hype’ products, and place products in shopping carts faster than any human user is capable, ready to proceed straight to purchase or resell for a high profit.

78% of eCommerce businesses surveyed said scalper bots had a known financial impact on their company in 2020, with over a third saying scalpers had cost them 3% of online revenue.

After the success of scalper bots in November 2020 during the launch of Sony’s PS5, users who previously were not involved in scalping realized they could make a significant profit by reselling in-demand items such as the PS5 for more than double their retail value. In fact, 59% of eCommerce businesses agreed that consumers are increasingly renting bots to buy products.

Over a quarter of online retailers targeted by sniper bots

Sniper bots are automated bots that monitor time-based activity online and submit information at the very last moment, removing the opportunity for other people to respond to that action.

A common problem on online retail websites, over half of eCommerce businesses said sniper bots have had a known financial impact on their company over the last year.

The most common example of sniper bots is last-second bidding on auction items on sites such as eBay. Sniper bot activity is most common on the last day of an auction or sale, but there have been cases where automated bidding has caused problems for retailers after the item has been sold, by forcing a flood of customers to use the ‘Buy it now’ button.

36% of eCommerce companies we surveyed said sniper bots had cost them 4% of their online revenue in 2020.

Account checker bots cause lost revenue for 21% of ecommerce businesses

An account checker bot is an attack tool that takes lists of leaked username and password pairs and tests them against a website login page. With one click of the button, attackers can find out whether an account exists on any number of websites or not.

Many websites can’t distinguish bot interactions from normal human interactions and consequently they accept this type of bot traffic. As a result, attackers try combinations of credentials until they find one that works. Attackers can then go back to this website and start using the newly found login details for whatever purpose they require – including email spamidentity theft and fraud.

Account checker bots are popular amongst cybercriminals and over a third of retailers surveyed said account checker bots had cost them 4% of their online revenue over the last 12 months.

As these bots affect the integrity of held customer data, almost one out five eCommerce sites said that customer satisfaction dropped by 5% because of account checker bots.

How can eCommerce businesses stay protected?

92% of retailers surveyed said bot management represents 10% or less of their total security budget. With this in mind, and considering the growing awareness of sophisticated bot attacks, the challenge businesses now face is turning this awareness into action.

The first step in minimizing the impact of bots is to recognize they are happening and put a plan in place to stop them – in other words, investing in a real-time detection and mitigation solution to stop bots at the point of entry to your online store.

Protecting retailers with sophisticated bot management

By monitoring web log data on the server side of your eCommerce website, Netacea Bot Management gains a full picture of website, mobile and API traffic and uses advanced AI and machine learning to analyze users’ intent in real time.

This allows us to mark out malicious eCommerce bots and block their access, reducing the risk of attacks being carried out by bad actors.

Learn more about the financial impact of bots on businesses in our full report, or register to watch our upcoming live webinar: What Are Bots Costing Your Business?

Schedule Your Demo

Tired of your website being exploited by malicious malware and bots?

We can help

Subscribe and stay updated

Insightful articles, data-driven research, and more cyber security focussed content to your inbox every week.


By registering, you confirm that you agree to Netacea's privacy policy.