Ramadan is one of the most celebrated events in the UAE, and with it comes a surge in online shopping as people look for the best deals and discounts. However, with the increased online activity comes the risk of cyberattacks, and experts are warning of a potential rise in malicious activity during the Ramadan season.
According to recent research by Qrator Labs, a leading DDoS attack mitigation company, bot activity on e-commerce websites during holiday sales periods increases by an average of 45%, and this trend is likely to continue during Ramadan.
The study found that during the Ramadan period, bots are more likely to enter retail sites under a unified client account and register new accounts en masse for sites offering bonus programs. They also operate within a customer's basket, steal accounts with active bonus programs, and change customer details like their delivery address.
Furthermore, retailers possess a lot of consumer data, which could be leaked, traded, or sold on the dark web, causing customers and businesses to be at risk. Qrator Labs warns that bot attacks can distort key business metrics, subvert marketing campaigns across websites and mobile applications, and lead to slow site operation or unavailability.
Bots are autonomous virtual programs that operate as program or user agents or are created to simulate human activity. Malicious bots have illegal purposes and can be programmed to hack user accounts and are capable of causing vast amounts of damage.
Here are some key takeaways:
- 95% of analyzed bot traffic shows that they enter retail sites under a unified client account (a mechanism that allows them to use the same email & password). They also try to register new accounts en masse for sites offering bonus programs and will oftentimes operate within a customer’s basket.
- Accounts with an active bonus program are stolen by hackers, especially those that are used 1-2 times a year, have been recently registered, or lost.
- In the UAE, old accounts can fall into the hands of hackers, and when that data is leaked, bots leverage that information to gain account access 1-2 weeks before sales, in order to change customer details like their delivery address.
To protect against cyber threats during Ramadan, experts recommend that businesses make proactive behavioral analyses, use security services, and implement predictive algorithms to stop bots. Ordinary users can also enhance the security of their accounts by changing their passwords regularly, using different passwords for e-commerce websites, setting two-factor authentication, and regularly verifying account logins through their devices.
“High bot activity can overload websites, consumers might not be able to make purchases, and as a result, it could lead to customer churn. The problem may lie deeper than most think. A business has to mitigate risks in any season, but especially during the holiday sales period, when website traffic increases due to ordinary users and is strengthened by malicious bots. It can be avoided if businesses make proactive behavioral analysis, use security services, and implement predictive algorithms to stop bots.” - says Maxim Beloenko, Sales Global VP, Qrator Labs
In conclusion, as the UAE prepares to celebrate Ramadan, it's important to remember the potential risks associated with increased online activity. By taking the necessary precautions, businesses and individuals can protect themselves from cyberattacks and enjoy a safe and secure shopping experience during this festive season.
Qrator Labs is an acknowledged expert in Continuous Network Availability offering various Network security services to ensure safe Internet and continuous DDoS mitigation for businesses worldwide. Qrator Labs' unique anycast architecture provides a reliable geo-distributed, low latency web app protection platform across North and South America, Europe, the Middle East, and Asia with a filtering bandwidth capacity of more than 3 000 Gbps and 15 points of presence around the world.
Due to continuous R&D activities and improving filtering algorithms, Qrator Labs can detect and mitigate architecturally complex, non-standard, large-scale attacks and network anomalies.
The company offers a wide range of network security services, including Qrator Availability Network continuous availability network, Web Application Firewall (WAF), CDN, secured DNS, protection of ISP Internet infrastructure, and Bot protection. Qrator.Radar is a unique global Internet monitoring system developed by the company, which provides real-time data on over 800 BGP sessions.