Q3 2023

Harmful robots in e-commerce

Have you ever tried to buy a popular product online on the day it was released, but by the time you visited the online store, all you could see was the "not available" sign? In the background, scalper bots have most likely been activated and have snatched up the entire launch stock in no time.

What are scalper bots?

Scalper bots are essentially malicious programs written to automate online shopping. The attackers are, in most cases, profiteering shoppers who use automated software to take a place at the front of the virtual queue and then buy large quantities of a product or service as soon as it becomes available.

Types of scalper bots

  • Monitor bot: the most commonly used type, whose task is to continuously monitor the stock offered by online shops. As soon as the desired product becomes available, the program either alerts the user or notifies another process that purchases the available stock.
  • Sneaker bot: these bots can now automate the entire purchase process. The name comes from the fact that these bots were originally used to buy limited edition sneakers.
  • Add to cart services: nowadays, scalper bots can also be used as a service by less tech-savvy "users". After paying the service fee, you are sent a link to the online shop, where you only have to enter the details needed to buy the product the bots have placed in your shopping cart and click the "Order" button.
  • Spinner bot: considered the next generation of sneaker bots. These bots take the buying process all the way to the point of adding the product to the shopping cart, and then advertise the reserved goods at a higher price on a secondary website. If the desired profit cannot be realised, the product is simply removed from the basket in the original webshop.
  • Account creators: some online shops try to protect themselves against the above-mentioned bots by drawing lots to decide who can buy their limited edition or collector's items. In response, the attackers automatically create thousands of fake users (fake account creation), thereby greatly increasing their chances of winning the lottery.
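
A defender's view of the monitor bot described above, as an added example that is not part of the original article: a polling loop requests the same product page at almost constant intervals, which shows up in the web server's access log. The log format, paths, addresses and thresholds below are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev

TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "GET (/product/\S+) HTTP/[\d.]+" \d{3}')

def parse(lines):
    """Yield (client_ip, product_path, timestamp) for product-page GETs."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            yield m.group(1), m.group(3), datetime.strptime(m.group(2), TS_FMT)

def find_pollers(lines, min_hits=20, max_jitter=0.2):
    """Flag (ip, path) pairs requested >= min_hits times at near-constant intervals.

    Jitter is the coefficient of variation of the gaps between requests: people
    browse irregularly, a polling loop does not. Both thresholds are assumptions.
    """
    hits = defaultdict(list)
    for ip, path, ts in parse(lines):
        hits[(ip, path)].append(ts)
    flagged = {}
    for key, stamps in hits.items():
        if len(stamps) < max(min_hits, 2):
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        jitter = pstdev(gaps) / avg if avg else 0.0
        if jitter <= max_jitter:
            flagged[key] = {"hits": len(stamps), "avg_gap_s": round(avg, 1),
                            "jitter": round(jitter, 2)}
    return flagged

def sample_log():
    """Constructed sample: one client polling every 5 s and one human shopper."""
    start = datetime.strptime("12/Sep/2023:09:00:00 +0000", TS_FMT)
    def line(ip, offset):
        ts = (start + timedelta(seconds=offset)).strftime(TS_FMT)
        return f'{ip} - - [{ts}] "GET /product/console-x HTTP/1.1" 200 5120'
    bot = [line("203.0.113.7", 5 * i) for i in range(30)]
    human = [line("198.51.100.23", off) for off in (3, 40, 41, 300, 900)]
    return bot + human

if __name__ == "__main__":
    print(find_pollers(sample_log()))
```

A single source address is the simplest grouping key; in production the same interval test is usually applied per session or device fingerprint as well.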

The targets of scalper bots

This type of profiteering has been around for a very long time; just think of the secondary trading of concert tickets or other tickets. With the rise of e-commerce, the opportunities for scalpers have also expanded. Generally speaking, they target products that are available in limited quantities, are collectors' items or can be resold at a high price. In the USA in particular, it is profitable to trade in limited edition shoes from Nike or Adidas. Collectible toys (e.g. Pokémon playing cards) can also be resold for several times the original price. Today, the most common targets for attackers are new generation game consoles and new generation video cards. The range of targeted products and services is widening. For example, the epidemic situation in the UK last summer led to a surge in demand for outdoor hot tubs, providing another opportunity for scalpers. A similar phenomenon was observed when some people started "trading" home delivery slots offered by supermarkets.

The emergence of a new industry

It is no exaggeration to say that resale activity using bots has now reached industrial proportions. More and more professional groups with a high level of technological knowledge are being formed, which enables them to influence the trade in more and more products and services. As it is a highly profitable activity, members of these groups are no longer doing it as a hobby but as a full-time job. The services provided by professional groups are also becoming more modern: modular bots, free trial periods, pay-per-use fees. In terms of revenue, the resale of tickets and passes reached an estimated $15.9 billion in 2020. Based on sales on eBay in Q4 2020, it was found that sales of next-generation gaming consoles (PlayStation 5, Xbox Series X), next-generation graphics cards (RTX 3000 series and RX 68xx) and AMD processors with Zen3 architecture generated $43.7 million in profit. Reseller activity in footwear has grown spectacularly in recent years, with the total value of the market estimated to reach $30 billion by 2030.

Defending against scalper bots

In the background, the battle between online stores and scalpers continues non-stop, as the attackers keep changing their methods. In response, sellers develop new defences, which the attackers then try to circumvent with even newer technologies, so this "arms race" can be seen as endless. From the sellers' side, it is always recommended to have several levels of protection. It is essential to identify products that are very popular and potential targets for scalpers, and to exercise increased caution when launching hit products. It is also strongly recommended to have adequate DDoS/WAF (distributed denial-of-service/web application firewall) protection in place. These protections can be complemented by dedicated bot-fighting software that uses artificial intelligence to detect malicious bots. A further layer of protection is the implementation of fraud prevention systems and order verification.
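
One form the order verification layer can take, shown as an added example that is not from the original article: a per-customer unit limit on a launch product that also links orders placed through e-mail aliases, a reused shipping address or a reused payment token. The order fields, SKU names and sample data are hypothetical and constructed for illustration.

```python
import re
from collections import defaultdict

def norm_email(email):
    """Collapse aliases: case, +tags (a heuristic), and dots in Gmail local parts."""
    local, _, domain = email.strip().lower().partition("@")
    local = local.split("+", 1)[0]
    if domain in ("gmail.com", "googlemail.com"):
        local, domain = local.replace(".", ""), "gmail.com"
    return f"{local}@{domain}"

def norm_address(addr):
    """Case-fold, drop punctuation and collapse whitespace."""
    return " ".join(re.sub(r"[^\w\s]", " ", addr.lower()).split())

def orders_to_hold(orders, sku, limit=1):
    """Return ids of orders for `sku` that push any linked identity over `limit` units.

    Orders are linked by normalised e-mail, shipping address or payment token.
    Held orders still count, so later orders sharing their details are caught too.
    """
    seen = defaultdict(int)
    held = []
    for o in orders:
        if o["sku"] != sku:
            continue
        keys = [("email", norm_email(o["email"])),
                ("addr", norm_address(o["ship_to"])),
                ("pay", o["pay_token"])]
        if any(seen[k] + o["qty"] > limit for k in keys):
            held.append(o["id"])
        for k in keys:
            seen[k] += o["qty"]
    return held

# Constructed sample orders for a hypothetical launch SKU.
FIELDS = ("id", "sku", "qty", "email", "ship_to", "pay_token")
SAMPLE_ORDERS = [dict(zip(FIELDS, row)) for row in [
    ("A1", "CONSOLE-X", 1, "jane.doe@gmail.com", "12 Main St., Springfield", "tok_1"),
    ("A2", "CONSOLE-X", 1, "JaneDoe+drop@gmail.com", "99 Oak Ave", "tok_2"),
    ("A3", "CONSOLE-X", 1, "sam@example.org", "12 main st springfield", "tok_3"),
    ("A4", "CONSOLE-X", 1, "li@example.org", "5 Elm Rd", "tok_4"),
    ("A5", "CABLE", 3, "jane.doe@gmail.com", "12 Main St., Springfield", "tok_1"),
]]

if __name__ == "__main__":
    print(orders_to_hold(SAMPLE_ORDERS, "CONSOLE-X"))
```

Held orders are candidates for manual review rather than automatic cancellation, since shared addresses also occur among legitimate customers.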
