Seattle Coffee Gear is an omnichannel retailer with a simple mission: helping consumers find the right coffee and equipment to make coffee they love at home. Intensive web scraping and card cracking attacks were hitting the online store, slowing it down for real customers and generating excessive payment and infrastructure costs. By automatically blocking attacks before they hit Seattle Coffee Gear’s servers, DataDome helps the IT team save time, reduce costs, and deliver a stellar user experience.

We’re really happy with DataDome. Most of the time, we don't even have to think about it. But in the rare instances when something has come up, support has been timely and extremely helpful. I genuinely recommend it.

Chris Moses, IT Manager, Seattle Coffee Gear

The Problem: Bot Traffic Inflates Costs & Degrades the User Experience

Seattle Coffee Gear’s IT Manager Chris Moses is in charge of website direction, project management, and all things security. When he joined the company in May 2021, one of the first issues he faced was load on their main websites.

“We were using Cloudflare to mitigate some security risks, but occasionally we’d still see very high transfer rates and excessive bandwidth use that Cloudflare was sometimes detecting, sometimes not,” he says. “While we never have actual downtime, customers could get timeouts, or would be unable to place items in their carts, for example. For an e-commerce platform, it just wasn’t a great user experience.”

Bots were causing other serious worries too: the e-store was regularly hit by carding attacks. Fraudsters were testing credit card data stolen elsewhere against Seattle Coffee Gear’s payment funnel, often in distributed attacks using thousands of different IP addresses from multiple countries. These attacks would result in a large number of declined transactions, generating extra billing from Seattle Coffee Gear’s payment partners.

“Our mitigation efforts were very manual and time-consuming,” says Chris. “We’d have to go through Cloudflare and do the usual whack-a-mole of trying to block individual IP addresses. We did have a couple of region blocks for the worst offenders, but people obviously use geo proxies these days, so that defense can only do so much.”

After a particularly tiresome week of constant bot attacks, Chris and his colleagues decided that enough was enough. They started to look for a third-party solution that could help them put an end to their bot issues. In their search, they had three key priorities:

“We wanted something automated that we wouldn’t have to micromanage every day ourselves,” Chris comments. “We also wanted a good support structure, which could come in and help us leverage other companies’ experience, instead of us having to design our own protection environment. Finally, it had to be affordable for us; some tools are so expensive that we wouldn’t have saved anything compared to mitigating things ourselves.”

The Solution: Automated Scraping & Card Cracking Protection

DataDome seemed to check all the boxes, and the team decided to run a proof of concept. Setting up the solution was extremely simple.

“It was done in minutes,” Chris confirms. “It wasn’t a project, it was a task.”

In free trial mode, the DataDome solution doesn’t block or otherwise interact with the website’s traffic, but it analyzes every request and displays the results in a detailed dashboard. 

The trial confirmed that DataDome detected bots that Cloudflare missed, including a carding attack that spurred the team to quickly turn the switch from monitoring-only to mitigation.

Seattle Coffee Gear Carding Attacks During Free Trial

Multiple carding attacks were observed during the free trial.

“We already knew that we had bots, of course, but in the DataDome dashboard we were able to see a lot more clearly what was going on,” says Chris. “It’s also a great tool for managing traffic. As a company, we do a lot of things that look like bots to our own servers. Being able to see those and manage that traffic, not just at an IP level but at a process level, is really cool.”

The Results: Higher Performance, Lower Costs

Since they activated the DataDome protection, frustrating slowdowns and excessive transaction fees are no longer issues for Seattle Coffee Gear.

“The best part is that it’s automatically managed,” Chris attests. “I’ll get emails saying ‘Hey, there’s a scraping attack going on, but don’t worry, it’s being mitigated.’ I’ll do a quick check just to confirm that everything looks good, and then we can move on.”

Another benefit is the useful insights into many aspects of the company’s web traffic provided by DataDome’s dashboard. 

“We actually use it all the time, even to analyze our legitimate traffic,” says Chris. “For example, we recently re-hosted from one infrastructure to another, and one of the things we did was to look at the information in DataDome to get a sense of what normal traffic looks like so that we could scale correctly.”

Around Black Friday last year, the online store was hit by a DDoS attack. Fortunately, both Cloudflare and DataDome correctly flagged it, but the IT team still decided to commission a security assessment to ensure there were no lingering issues.

“We gave the assessors access to DataDome, so they could go in and look directly at what kind of traffic we received. In their report, they applauded our security standards. Having DataDome in particular had really helped determine exactly what happened during that event, and probably reduced their investigative time by half. So it actually saved us some money there,” he smiles.

Summing up the experience, he concludes: “We’re really happy with DataDome. Most of the time, we don’t even have to think about it, but in the rare instances when something has come up, support has been timely and extremely helpful. I genuinely recommend it.”