Published: 10/06/2020

Inventory Holding Bots

Inventory holding bots perform the steps of purchasing goods without completing the transaction. These online bots are often used to disrupt, manipulate, and steal.

What is the goal of inventory holding bots?

Online merchants must make special considerations when selling their goods. Inventory holding bots can cause an influx of undesired traffic that is not welcomed or beneficial to your eCommerce business.

The purpose of these inventory holding bots is to prevent inventory reduction for online merchants by holding up purchases in the shopping cart until a specified date or time. This can also be known as Denial of Inventory. A variation of this malicious automated technique is making reservations, for example, hotel rooms or holiday bookings and flights.

The most common time frame for bots to be used is during holiday season shopping (Black Friday, Cyber Monday, Christmas).

How do inventory holding bots work?

Inventory holding bots are programmed to search for specific product listings that have a very limited quantity. The bot will then enter the shopping cart and not complete the transaction for the desired good. The idea is to keep those products on your store’s virtual shelf until another human shopper comes along looking to purchase them.

These bots perform this process multiple times, causing significant problems for retailers and travel organisations. Specifically, during busy periods like Black Friday sales.

Online merchants should be aware of this type of malicious activity because it can lead to lost revenue, sales, and customer satisfaction when their inventory becomes limited. Most consumers would prefer to shop at online stores with available stock in order to get what they want sooner than later.

How can you prevent inventory holding bots?

  • Have a sound customer support team in place ready to respond quickly
  • Track changes made on your site after each session/transaction
  • Frequently audit logs and records of suspicious activity
  • Enable adequate security software to monitor suspicious activity on your website such as firewalls and user authentication
  • Ensure that any password protecting directories on your server is encrypted using a single encryption key and do not share it with anyone else via email or other means

How to identify an inventory holding bot?

These automated characters are designed to mimic real customer behaviour so they can avoid detection. However, there are some telltale signs that a bot is being used which include:

  • Unusual shopping patterns for certain products over the same product range
  • Large quantity of orders on the same or similar products in one day
  • A sudden increase in traffic from foreign IP addresses

Ensuring that you protect your website and data online will help you mitigate attacks caused by inventory bots.

Schedule Your Demo

Tired of your website being exploited by malicious malware and bots?

We can help

Subscribe and stay updated

Insightful articles, data-driven research, and more cyber security focussed content to your inbox every week.


By registering, you confirm that you agree to Netacea's privacy policy.