Bot-Driven Threats During 2023 Holiday Sales: How to Protect Your Brand

Kasada Research Team
Nov 30, 2023


The holiday season is here, which means merchants need to be vigilant against the rising tide of automated attacks. Kasada provides valuable insights into the prevalence and sophistication levels of these bot-driven threats during holiday sales, underscoring the importance of proactive measures to protect your business.

Insights from the Bot Trenches

Kasada processes billions of traffic requests across various industries each month. Over the past 90 days, approximately 20% of traffic requests were identified as bad bots,. The breakdown of sophistication levels among bad bots reveals that 40% were highly sophisticated, utilizing advanced tools like Puppeteer Stealth, while 36% demonstrated a medium-level of sophistication, and 24% operated at lower levels of sophistication, employing simple cURL commands for HTTP requests to mask signs of automation. Here are the attack trends we observed in the months prior to Black Friday.

Bot Attack Trends

1. Sophisticated Scalper Bots Hit New Levels

Scalpers have emerged as the most prevalent and sophisticated threat leading up to the Cyber Five weekend. According to Kasada's findings, there has been an alarming 350% increase in scalper bot requests. This surge peaked during early to mid-October, coinciding with the onset of holiday sales.

Interestingly, the tactics employed by scalpers evolved during this period. Initially relying on methods like fake browser attacks, these bots transitioned to more advanced tools, such as Puppeteer Stealth. This shift in strategy underscores the adaptability and ingenuity of automated threats during the holiday season.

2. Fraud Attempts Spiked in November

In early November, Kasada recorded a significant spike in login abuse and fraud attempts, marking a 100% increase from the previous week. What sets these attacks apart is their relative simplicity, employing low-level sophistication to opportunistically breach defenses.

3. Increase in Gift Card Fraud

As holiday shoppers eagerly engage in virtual gift-giving, malevolent bots are unwrapping a devious gift of their own — gift card fraud. From October to November, there was a steady uptick in bot-related gift card fraud attempts, constituting 15% of traffic requests. Surprisingly, these mischievous bots prefer low-level sophistication, avoiding the elaborate methods seen in highly sophisticated attacks..

4. Fake Account Creation Peaked in October

The beginning of October saw a substantial spike in fake account creation attacks, utilizing high levels of sophistication. This peak represented a 3.4x increase from the week prior.

5. Automated Checkouts Surge

Kasada's threat intelligence team observed a significant increase in successful automated checkouts, peaking around mid-October with an over 8.5x surge over a three-day period. This spike in activity highlights the importance of robust security measures during critical shopping periods.


Retail Industry Insights

Within the retail sector, the percentage of bot traffic increased from 20% to 36.7%. The attacks on retailers, particularly those utilizing the highest level of sophistication, spiked around mid-October. These bot-driven attacks were primarily scalpers, scrapers, and groups creating fake accounts in the masses.


Keeping Your Site Safe from Automated Fraud

Bot operators are opportunistic, always seeking the path of least resistance. The allure of holiday sales serves as a powerful motivator for fraudsters, making it imperative for merchants to fortify their defenses. Implementing a robust bot mitigation tool or enhancing existing measures is crucial to deter fraudsters and protect against large-scale attacks.

Steps to Protect Your Business

  1. Invest in Advanced Bot Mitigation Tools: Upgrade your existing security infrastructure with advanced bot mitigation tools. These solutions can effectively identify and thwart sophisticated attacks, such as those orchestrated by Puppeteer Stealth. Kasada helps organizations predict & prevent bot-driven abuse and fraud through its bot defense and attack prediction services. With an unmatched understanding of the human minds behind the bots, Kasada helps customers keep their brand, customers, and business logic safe from automated threats.
  2. Monitor Unusual Activity & Traffic Spikes: Keep a close eye on traffic patterns, customer paths, and transactions, particularly during peak periods. Implement monitoring systems to detect unusual patterns or spikes in activity, enabling timely intervention against potential fraud.
  3. Anticipate Attacks and Online Fraud Before They Occur: Stay vigilant for early warning signs of attacks, including defense testing and chatter monitoring. KasadaIQ for Fraud collects millions of data points to pinpoint early warning signs and aids in analyzing previous attacks. You can get a free KasadaIQ snapshot for your company here.
  4. Educate Your Team & Work Across Departments: Automated attacks are a rising cybersecurity concern that affects many facets of a business. Educate teams across the organization on the latest threats and best practices, empowering them to recognize and respond effectively to potential security risks. Foster an environment that enables cross-departmental collaboration to identify and tackle common challenges from the outset.

Conclusion: Ensuring a Secure Holiday Season

By implementing these steps, merchants can significantly reduce vulnerability to automated attacks during the holiday sales period, ensuring a secure and seamless shopping experience for customers. Safeguarding businesses from the evolving landscape of bot-driven threats is not just a priority; it's a necessity.

Company Description: Kasada has developed a radical approach to defeating automated cyberthreats based on its unmatched understanding of the human minds behind them. The Kasada platform overcomes the shortcomings of traditional bot management to provide immediate and enduring protection for web, mobile, and API channels. Its invisible, dynamic defenses provide a seamless user experience and eliminate the need for ineffective, annoying CAPTCHAs. Our team handles the bots so clients have freedom to focus on growing their businesses, not defending it. Kasada is based in New York and Sydney, with offices in Melbourne, Boston, San Francisco, and London.

Contact Us: For more information, please visit and follow us on LinkedIn, X, and Facebook.


Blue-tinted background of a man watching a webinar

Host a Webinar with the MRC

Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.
Submit a Request

Publish Your Document with the MRC

Feature your case studies, surveys, and whitepapers in the MRC Resource Center.
Submit Your Document

Related Resources

Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.