The online retail industry is one of the prime targets for cybercrime, as detailed in our annual analysis of the cybersecurity threats targeting eCommerce websites and applications.
As the 2023 holiday shopping season continues, Imperva Threat Research is closely monitoring how cybercriminals are trying to disrupt and cause chaos for online retailers and shoppers.
Below are five key takeaways based on our observation of attacks during the early holiday shopping period.
Takeaway #1: Web traffic rises steadily throughout October and November as Cyber Monday dethrones Black Friday as the online holiday shopping event of the season
The holiday shopping season is starting earlier than ever, evidenced by the steady rise in web traffic across retail sites in October and November.
Unlike prior years when Black Friday was the milestone sales event of the holiday shopping season, shoppers took advantage of promotions and sales in early November. In 2023, the peak in online traffic was recorded on November 19, with a second notable peak occurring on Cyber Monday (November 27). In fact, there was 42% more web traffic on retail sites on Cyber Monday than on Black Friday.
Takeaway #2: The volume of bad bots rises during the holiday shopping season
Bad bots account for 26.3% of all web traffic to online retail websites, higher than the annual average of 22.7%. Human traffic on retail sites dropped by nearly 3%, while the proportion of good bot traffic remained similar to the yearly average.
Takeaway #3: Account takeover (ATO) attacks are rampant throughout the holiday shopping season
The number of ATO attacks has risen since September, with a spike in attack activity recorded on November 8, 14, and 24 (Black Friday).
The number of attacks spiked by an astonishing 85% on Black Friday. For comparison, ATO attacks on Black Friday 2022 increased by 66%.
The intensity of these attacks is also increasing. The number of malicious login requests soared 82% between October and November.
We’ve also monitored frequent spikes in account takeover attacks targeting online retailers’ APIs this holiday shopping season, with a notable peak in late October.
Takeaway #4: Attacks targeting retailers’ APIs increase as the holiday season progresses
API traffic accounts for 45.8% of all traffic to online retailers, up from 41.6% last year. With that in mind, the rise in attacks targeting online retailers’ APIs becomes notable. Attacks increased by 6% in October and another 9% in November.
These attacks could be designed to expose a business logic vulnerability, an exploit of an application’s intended functionality and processes. In retail, attackers can exploit business logic to manipulate pricing or access restricted products.
Takeaway #5: Imperva mitigates downtime from persistent DDoS attacks
Distributed denial-of-service (DDoS) attacks are a constant threat, with attackers trying to overwhelm a retailer’s network or servers with a flood of traffic. When an attack occurs, the retailer may be unable to handle the traffic which can lead to a critical disruption in service.
On average, Imperva prevented 30 hours of downtime per retail site this holiday season. During Cyber Week alone, Imperva prevented 10 hours of downtime per retail site.
Try Imperva for Free
Protect your business for 30 days on Imperva.
