What Types of Data Do Attackers Target in a Bot Attack?
Bots are a tool used to execute attacks against web applications and APIs in order to steal or alter critical data. Common bot attack scenarios include:
Web Content Scraping
Search Bot Imposters Versus Genuine Search Engine Bots
Web scraping bots automatically gather and copy data from other websites. They can disguise themselves as innocuous search engine crawlers as they scan content, but these search bot imposters steal content without the knowledge nor permission of the website owner.
In contrast, legitimate search engine bots declare themselves using user agent strings (e.g. robots.txt, googlebot). Google or Bing use bot crawlers to index content for the primary purpose of improving search engine results for end-users.
Types of Scraped Web Content
Scraped web content is a diverse category that includes written copy, images, HTML/CSS code, metadata, and e-commerce data. The attacker repurposes this content in exploitative ways:
- Republishing copyrighted television shows or paywalled news articles
- Syndicating blog posts to steal SEO value and organic traffic
- Gathering product pricing or inventory data to gain a competitive advantage
- Compiling contact information to sell to other businesses as sales targets
- Stealing HTML code to build a fake branded website as part of a phishing scheme
Account Takeover (ATO)
Data breaches often result in large dumps of user credentials becoming available and sold on the dark web to threat actors. Then, attackers use automated bots for account takeover fraud (also called credential stuffing attacks), meaning they rapidly test usernames and passwords in the authentication flows for consumer sites.
Once valid user credentials are found, threat actors take over website accounts and lock out legitimate users. Attackers take personally identifiable information (PII) and stored payment methods from those accounts to commit all types of fraud—from setting up new credit card accounts to making purchases with the stored payment information.
Form Submission Abuse
Application programming interfaces (APIs) are the backbone of the modern web enabling organizations to provide access to sensitive data to authorized users in a programmatic manner. As a result, automated bots take advantage of these data pipelines where they are deployed to probe and extract sensitive data from APIs.
Attackers may launch credit card enumeration attacks in order to validate stolen credit cards, perform e-commerce gift card fraud, or even obtain patient healthcare records. You may also see bad actors using Tor attempt to access APIs from countries or geographies where services aren’t legitimately provided or attempt to perform transactions from OFAC countries blocked due to regulatory compliance.
Back to Top