What is

BOT DETECTION?

Bot detection can help companies in every industry save money by protecting against sophisticated bots perpetrated by cybercriminals. Learn what it is and how to get protected.
Human-Bot Detection-Header Image
Bot detection is the use of expert technology to decipher real humans from bots. Because bot traffic is so prevalent—accounting for nearly a quarter of all internet traffic, with four of five bots believed to be controlled by bad actors—using bot detection to protect against online threats has become vital for companies in any industry. Bot management ranks as a top-3 priority among cybersecurity leaders, according to Enterprise Strategy Group. Although bot detection saves companies time and money, less than half of cybersecurity leaders say they have solutions in place to properly fight back.

Why is bot
detection important?

Here’s the difference between good bots and bad bots, and why bad bots cost companies money.

Bots are not always bad; some companies use them to power things like search engines and anti-virus software, allowing the internet to flourish in its current form. While these “good bots” are generally encoded in ways that make them easy to detect, bad bots have become increasingly sophisticated and capable of skirting traditional detection methods, costing companies money.
Human-Bot Detection-Bad bots
Today’s bad bots are not created by individuals looking to do short-term damage. Rather, they’re backed by cybercriminal networks dedicated to defrauding companies. They’re built to mimic humans and are capable of swiftly evolving to evade detection. To the human eye, and even many simple bot detection software programs, today’s bot activity can be indistinguishable from human behavior.
Sophisticated bots require sophisticated bot detection, allowing organizations to not only identify and parse out human traffic from that created by bots, but to stay ahead of evolving threats. Bot detection becomes even more important within emerging ecosystems such as Connected TV (CTV) where, as the market has exploded for advertisers, ad fraud fueled by a range of advanced bots has followed the spending.
Human-Bot Detection-How does bot detection save money@2x

How does bot detection
save money?

Learn about the specific threat models fraudsters use and how detecting bad bots can keep more money in your pocket.

Cybercriminals are increasingly getting in the way of how companies conduct digital business. If allowed to prosper, malicious bots can defraud companies and impact the bottom line.

For instance, they employ sophisticated attacks on digital marketing across every stage of the funnel, mimicking human engagement in marketing to monetize fake clicks on paid ads and search results, fake site traffic and form fills, and retarget bots. Sophisticated bots also defraud companies with tactics like credential cracking and stuffing that can lead to wire transfer fraud and costly theft of sensitive data.

The result is costly for companies that don’t get serious about implementing advanced protections that go beyond CDNs and WAFs.

 

A couple of the specific threat models fraudsters use include:

  • Inventory hoarding: A cybercriminal makes a fake website that attracts an advertiser, programs bots to create impressions—i.e., clicks—on the company’s ads, and then, once on the company’s website, creates accounts to buy inventory of certain products. Those products are then resold at a higher price, meaning the fraudsters win multiple times during the scheme.
  • App spoofing: A fraudster designs a simple mobile app, such as a calendar app, but deploys a sophisticated bot to replicate another highly regarded, highly trafficked app. The app attracts advertisers who don’t know the difference and won’t get any real human impressions, only useless bot clicks.
This sort of automation software can defraud companies out of significant money, cause poor ROI on their marketing and advertising spend, and hurt their reputation among their customers. With bots eating up impressions without providing business benefit, companies have to spend more money for an equal return, as NightDragon founder and managing director Dave DeWalt explains:
Human-Bot Detection-Bot detection in action@2x

What does bot detection look like in action?

It takes sophisticated technology to detect sophisticated threats and fight back, as demonstrated by two recent and severe instances of botnets.

PARETO

The PARETO botnet accounted for an average of 650 million daily bid requests, as 29 Android apps spoofed more than 6,000 CTV apps. The botnet spread across nearly a million infected Android phones—and involved a similar operation within the Roku Channel Store—as PARETO operators spoofed Roku players, Apple TVs, Amazon Fire TV Sticks, LG Smart TVs, and Google Chromecast players.

 

Solution
HUMAN developed algorithms to protect customers and partners from PARETO attacks, worked with device manufacturers impacted by PARETO to develop new standards that will make it a lot harder to successfully run such operations in the future, and worked with Google Play Store and Roku Channel Store to get the apps taken down.

TERRACOTTA

During the final week of June 2020, a family of Android apps distributed a new ad fraud botnet that found its way to 65,000 devices, spoofing over 5,000 apps and accounting for more than 2 billion bid requests. How? By enticing downloads with a simple—and fake—offer: download the app, enter a few details, and receive a free pair of shoes.

 

Solution
HUMAN’s Satori Threat Intelligence & Research team identified the attack and has been actively defending against it, in collaboration with Google, since late last year. HUMAN customers today are fully protected against TERRACOTTA.

What is HUMAN’s approach to bot detection?

HUMAN’s bot detection technology prevents losses and improves the digital experience for real humans.

HUMAN uses a unique modern defense strategy and privacy-sensitive code to verify the humanity of sophisticated bots, working with speed and accuracy across applications, growth marketing, and digital advertising. We verify more than 15 trillion digital interactions around the world each week.

By simply installing a line of code on your website, HUMAN can show you the difference between human and bot traffic patterns. A closer look at our offerings:

MediaGuard

Prevent bots from affecting your inventory quality, harming platform reputations, and stealing from advertisers.

BotGuard for Growth Marketing

Lower costs and boost digital marketing performance by preventing bot traffic from entering ad targeting systems, CRM, and downstream marketing systems.

BotGuard for Applications

Lower fraud loss and preserve customer trust and experience by mitigating credential stuffing, credential cracking, account takeover, account creation fraud, payment fraud, and content and experience abuse.

Human-Bot Detection-What is humans approach

Read this next: