How bad bot traffic hurts luxury brands: the top 5 automated threats in the luxury industry.

Credential stuffing Scraping

For a long time, luxury brands were hesitant to sell their products online. It’s easy to understand why. If you’ve carefully built a premium brand, you want to protect it. The Internet environment is difficult to control, and it’s hard to recreate the experience of buying a quality product in a shop. Many consumers were also reluctant to make high-value purchases online.

This has now all changed. At €281 billion in 2019, the market for personal luxury goods has never been bigger. Online sales account for a lot of that growth, as consumers have become comfortable spending money online. If anything, they have come to expect that they can go to your website and buy your products.

Unfortunately, the Internet still presents some real risks for luxury brands in the shape of bad bots. Left unchecked, bad bot traffic can cause serious damage to your bottom line and even to the future of your company.

In this article, we look at five of the most dangerous bot threats that luxury brands must be aware of—and how you can stop them.

1. Scalping

People buy luxury products because they’re exclusive: part of the appeal is that not many other people have them. That’s why you want to control who sells your products online. You either sell directly to the consumer, or through trusted partners. In both scenarios, you control the price and, either fully or to a degree, the user experience.

Enter scalper bots (also known as grinch bots). These are malicious bots that buy up your in-demand goods faster than any human can. When you release a new product or hold a special event, they position themselves at the front of the queue and buy as much as they can within seconds. Once acquired, the coveted products can be sold on gray markets, often with a solid markup.

Bots were buying products with very limited availability and reselling them on third-party platforms. It created a lot of frustration among our existing customers, who couldn’t acquire them through the normal route. It also created a brand issue, because these unhappy customers were complaining on social media. And it created problems for our local subsidiaries, who had to try to explain what was going on.

N.N., Technical Product Manager at an international luxury goods and jewelry brand

Your loyal customers end up not getting the products they want, and you lose control over the purchasing experience. You can protect your brand somewhat by working together with known gray markets to cancel sales of your products there, but that’s a labor-intensive, imperfect solution at best.

Instead, a much more effective countermeasure is a specialized bot detection solution that stops scalper bots before they even hit your website. Not only will this stop them from scooping up your products before real consumers; they won’t even be able to monitor your website for new releases or special events coming up.

2. Scraping

As a luxury brand, you obviously don’t want counterfeit products flooding the market. Counterfeit products cause loss of revenue, damage your brand identity and, in some cases, fund organized crime. But if you let scraper bots or ticket bots freely roam your website, you are making life easier for counterfeiters.

Scraper bots steal content from your website to create mirror sites that look nearly identical to yours. Those websites are set up to steal the consumer’s personal information (like credit card details) and/or to sell counterfeit products, all on the back of your brand’s name. Because they often offer extreme discounts, mirror sites can end up being quite popular and rank highly on search engines too.

Advanced bot mitigation software can detect which of your website visitors show signs of web scraping in real time. Once it detects such signs, it will immediately and automatically block them from access. No more content theft.

3. Credential stuffing and account takeover

People who purchase luxury goods are juicy targets for hackers. That’s why luxury brands need to take extra care to prevent credential stuffing and account takeover attacks.

In credential stuffing attacks, bots test known usernames and passwords (typically sourced from data breaches) into your login pages to find valid credentials. Credential cracking are similar, but use automated brute-force password guessing tools. The purpose is to take control over your customers’ accounts in order to make fraudulent purchases or commit identity fraud.

Account takeover attacks can lead to data breaches with very serious consequences. And even when they are unsuccessful, they can generate significant traffic spikes that will cause your website to load slowly or even crash.

Advanced account fraud protection software stops those bots from ever accessing your login pages by identifying suspicious behavior using fine-tuned signals. All this should be done automatically, so your technical team doesn’t need to spend time actively fending off malicious visitors.

4. Card cracking

Consumers lost $24.26 billion to payment card fraud globally in 2018. Scraper bots and account takeover attacks can give cybercriminals access to your customers’ payment information. Those details, even when they’re incomplete, are then sold to the highest bidder on the dark web.

Once that’s done, hackers use bots to test the stolen card data against your payment process. Using fake accounts, they will try to buy your goods with those stolen card details. Typically, this happens when many people are shopping online, in the hopes that you won’t notice any suspicious activity. They also tend to start with small purchases to test the account balance.

Suffice to say you don’t want this to happen to your buyers, and should prevent fake account creation at all costs. Efficient bot protection technology will prevent bots from collecting sensitive data in the first place. And even if they have found such stolen data elsewhere, they won’t be able to access your website to purchase products with stolen credit cards.

5. Advertising fraud

Another bot threat that’s a little harder to control is the traffic you receive from your publishing partners. Cybercriminals have created bots that specifically target your ads on various websites, clicking them without the intention of buying anything and costing you money. When done en masse, this can cost you a significant amount of money for no extra revenue.

Ad fraud is harder to control, because you might not have the final say over how your publishing partners protect themselves against bots. However, it’s in their best interest that they do. After all, while this type of bot threat might not directly impact their bottom line, protecting themselves properly against bots will keep the relationship with their advertisers (i.e. you) top-notch.

The right ad fraud protection solution should be able to identify malicious traffic and fake clicks easily, so you can ensure you’re only paying for real traffic.

How DataDome can help luxury brands

Protecting yourself against bots is vital to protect your brand and to prevent counterfeiting. DataDome blocks all the bot threats described above. The best part? You can try it for free for 30 days!

Click the button below to set up the trial at your own pace (which takes less than an hour) or to request a demo. Use it to observe your bot traffic in real time and figure out how you can keep your brand identity secure.