Study finds US generated 10 times the number of bot attacks compared to China, the second highest source during the 2022 holiday season.

DataDome, the global leader in advanced bot and online fraud management, today released its inaugural “E-Commerce Holiday Bot & Online Fraud Report,” which analyzes bot traffic during fraudsters’ busiest time of year—the holiday season. The study identifies and quantifies the proliferation of bots by aggregating and analyzing traffic data from more than 110 billion requests made in Q4 2022 across a range of e-commerce sites and mobile apps protected by DataDome.

“During flash sales events such as Black Friday and Cyber Monday, e-commerce platforms typically face at least five times—and sometimes up to 30 times—more bot attacks than on normal days,” said Benjamin Fabre, CEO & Co-Founder of DataDome. “As bad bots become more sophisticated and difficult to thwart, staying ahead of them is imperative. This holds true particularly during flash sales and the busy holiday season, when the impact of these attacks is maximized.”

DataDome analyzed the website, mobile app, and API traffic of e-commerce businesses it protects across the clothing, footwear, ticket, and electronic retail verticals, among other companies located in the United States, Europe, Australia, and Asia. Key observations from the report include:

  • The United States was the #1 direct source of bot attacks. The US generated 10 times as many bot attacks as China, the second-largest country of origin for bot attacks against online retailers and e-commerce platforms during this period. Attackers tend to choose IP addresses/proxies located in the same country as the website they target in order to appear more human and bypass traditional geo-blocking techniques. Many of the e-commerce sites DataDome protects are in the US, which helps explain why so many attacks appear to have originated from the US.
  • E-commerce bots are becoming increasingly sophisticated in their ability to mimic human behavior and bypass basic security tools. The availability of high-quality proxies has made it easy for attackers to leverage IPs from the home location of their target business. And attackers paid premium prices for ISP proxies, proving both the increasing ROI of online fraud, especially scalping, around Black Friday and other limited sales, and the effectiveness of ISP proxies in helping cybercriminals avoid detection by more basic bot mitigation tools and web application firewalls (WAFs).
  • 98% of the attacks were from scraping and scalping bots. Numbering in the billions, scraping bots, considered a gateway automated threat that often leads to more aggressive and damaging attacks, were used to test the availability of products and target the limited infrastructure resources during the busy holiday season. Scalping attacks followed, as fraudsters tried to snag as much inventory as possible to resell for profit later.
  • Some industries saw more impact than others. Industries that saw the most bot traffic include clothing & footwear and electronic goods—especially hot-ticket items, such as gaming consoles and luxury or limited edition merchandise. The biggest attack DataDome observed in Q4 2022 targeted a large US retailer with ~66M malicious bot requests in less than two hours.

“Fraudsters are getting easier access to more sophisticated bots and technology every day. As the ease and ROI of online fraud increase, so do the frequency and intensity of bot attacks,” said Antoine Vastel, PhD, Head of Research at DataDome. “Yesterday’s basic bot mitigation measures are no match against today’s evolving threats—especially bots that use ISP proxies and machine learning to mimic human behavior. Now more than ever, it is critical that retailers protect all endpoints from attacks, as threats target the weakest link in their infrastructures.”

DataDome’s Head of Research dives into the report’s findings in a recent webinar recording you can watch now. The full research report, “E-Commerce Holiday Bot & Online Fraud,” is available here.
