Cyberattacks are expected to be more prevalent than usual during the holiday shopping season.
Artificial intelligence-driven risks pose serious threats to retailers as well as consumers. According to a recent report from Imperva Threat ResearchRetail websites face 569,884 AI attacks on average each day.
One of the most persistent problems is the increase in bad bot traffic. It has risen by 58% over the last year. Imperva’s study reveals that evasive bots account for 70% harmful traffic to retail websites, which is much higher than the other 51%.
These bad bots employ sophisticated tactics including changing IP addresses randomly, using anonymous or resident proxies, imitating the behavior of humans, delaying requests and even bypassing Captchas. They can fly under the radar with their “low and slowly” approach, which allows them to execute damaging attacks using minimal requests.
“This approach minimizes the ‘noise’ typically generated by bad bot campaigns, making them harder to detect,” Gabriella Sharadin, content manager for Imperva’s Threat Research Unit, told the E-Commerce Times.
AI-Powered Bots Increase Cyber Risks During the Holiday Season
Cybercriminals use AI-driven tools to intensify their attacks and increase the sophistication of their attacks. Online retailers must be prepared for AI-driven threats such as bots, DDoS attacks, API violations and business logic abuse.
Nanhi Singh is the GM for application security at Imperva. She told the E-Commerce Times that while cybersecurity threats are an issue all year round, they are even more prevalent during the holiday season when retailers experience record-breaking sale.
She said that cybercriminals use generative AI tools, large language models, and limited-time promotional offers, as well as gift cards and loyalty point stored in customer accounts, to take advantage of the increased volume digital transactions.
Retailers Need Comprehensive Defense Strategies
Singh suggested that retailers adopt a defensive approach to address these threats and allow them to respond quickly, without disrupting customers’ shopping experiences. If retailers don’t have robust defenses in place, they risk being subjected to a storm of AI-driven threats that can disrupt operations, compromise data, and harm their reputation.
Imperva’s research reveals that these attacks are primarily originating from general-purpose AI programs like ChatGPT and Gemini as well as specialized bots created to scrape website data for LLM training. According to an analysis of the attacks, cybercriminals are primarily using AI tools for specific types of threats. These include business logic abuse (43% of attacks), DDoS attacks, bad bot attacks, API violations, and DDoS attacks.
Sharadin warned that successful attacks could lead to identity theft and financial loss. Fraudulent charges and unauthorised account access can negatively affect the shopping experience of consumers.
Preparing for Peak Bot and DDoS Attacks
Bot management solutions are a great way to filter out the bad ones. An anomaly detection software can identify non-human activity in real time, minimizing disruption.
Sharadin said that regular audits can be used to identify vulnerabilities and protect retailers’ online presence.
Retailers need to ensure that their infrastructure is ready to handle the increased traffic, without compromising performance. They can do this by using servers with scalable capacity.
A content delivery network can be used to better distribute traffic and implement a queueing system in the waiting room during high-traffic periods. This can help to create a seamless experience for consumers.
“A waiting room controls traffic flow to a site or app using a first-come-first-served approach, which prompts a fair experience for legitimate users during high-profile events and sale times,” she said.
Preventive Measures
Sharadin recommends that online retailers set a baseline of expected API behavior including traffic rates, user geography, and API abuse to be able to defend themselves against automated applications.
“This helps detect anomalies like unusual spikes in traffic on rarely used APIs, like ‘write’ APIs, which push updates to systems,” she explained.
Retailers must also know how users are accessing their APIs. Rate limits should be applied by IP address and session in order to prevent abuse. This strategy is particularly prudent when API Keys (a unique code to authenticate an user) are concerned.
Sharadin continued, “Retailers must maintain a log of all user activities to allow their developers and security team to monitor traffic logs. This makes it easier to identify and investigate malicious bot activity.”
Learn the Signs of Safety
Cyber security is not just the responsibility of the retailer. Cybercriminals use AI to steal sensitive information from shoppers, including credit card numbers, addresses and account details.
Users must be able to identify abnormal behavior on their online accounts and websites. Accounts that are compromised will show the following signs:
- Unusual Devices or Activities: Be cautious of transactions that seem unfamiliar, such as messages, purchases or posts made from unauthorised devices.
- If you have a locked account or a password change, please contact us. If you are unable to log in with your password or have it changed by an unauthorized person, this could be a sign of trouble.
- Security Alerts and Unusual Messaging Review the company’s security procedures in case of a breach. Many businesses don’t share security alerts with their customers. Know if receiving alerts about security is a typical practice. Beware of warnings claiming your service provider is announcing suspicious account activity.
- New Account Links You did not create.
Sharadin says that generative AI has become a double-edged blade in cybersecurity. It is a powerful tool for threat defence, but also assists cybercriminals to launch more sophisticated threats.
She summarized that “AI-powered threat can automate phishing campaign, create convincing fake identity, and adapt in the real world to bypass security defences.”
It means ecommerce businesses will face more persistent and advanced attacks that target vulnerabilities precisely and enable fraud without detection.