Stop Denial of Inventory and Scalping with PerimeterX

What Are Denial of Inventory and Scalping Attacks?

In denial of inventory attacks, bad actors use malicious hoarder bots to an item thousands of times to a shopping cart over the course of a few days until the item’s inventory is depleted. By hoarding a high-demand product, bots keep it out of stock, annoying customers, taxing your infrastructure and reducing conversions and revenue.

In scalping attacks, cybercriminals unleash automated scalping bots to buy sought-after products, such as limited editions of sneakers, concert tickets, designer clothing or hot toys. They set up fake accounts that browse product pages and execute checkouts to increase their chances of success. Then, after they’ve snapped up your best inventory, it is sold at inflated prices on third-party sites or the black market.

Denial of Inventory and Scalping Show No Signs of Slowing Down

The appetite for limited-edition collectibles is increasing. Today there is a $42 billion global market for selling and reselling sneakers. Unfortunately, for hot product sales, up to 90% of actual checkouts can be non-human. Attackers keep up with the latest technology, using sophisticated bots that impersonate real users and legitimate system behaviors to evade detection. Denial of inventory and scalping attacks are very common in the e-commerce and travel and hospitality industries.

How Are Companies Fighting Scalpers and Hoarder Bots?

Despite the growing sophistication of bots, many retailers still rely on traditional signature-based recognition methods that utilize a static database of known bad bots. This is ineffective because modern bots are quick to morph. Site owners have trouble keeping up with the development of bots due to outdated protection tools so their site remains exposed to these attacks. Sophisticated bots are able to evade detection from web application firewalls (WAFs) and basic bot detection tools by mimicking human behavior.

Case Study

We were very impressed with how responsive the PerimeterX and Fastly teams were to get us this protection so quickly and solve our pain before any real damage was done. Since then, the product has performed exactly as we expected, accurately screening bots but not impacting real users. We don’t worry about bots on the weekends anymore.

Denis IvanovCTO of Shiekh Shoes
Read Case Study

PerimeterX Bot Defender Protects Your Inventory

PerimeterX Bot Defender prevents automated bots from scalping or hoarding your inventory. It detects and blocks malicious bots on your web and mobile applications—in real time—with unparalleled accuracy. By leveraging machine learning to constantly update a library of attack patterns, Bot Defender improves detection accuracy by effectively keeping pace with the quickly morphic modern bots. It also uses behavioral fingerprinting driven by machine learning and predictive algorithms to identify malicious bots and catch them before they wreak havoc on your site with denial of inventory and scalping attacks.

PerimeterX Bot Defender Protects Your Inventory

Bot Defender performs detection out-of-band without adding an additional hop to your user traffic. This out-of-band mode of operations preserves page load performance. The enforcement is done inline and bots are blocked close to the edge, so the web servers can serve traffic from humans.

With Bot Defender, you can detect fake account creation attempts in real time, automatically blocking bots from tarnishing your brand reputation.

© PerimeterX, Inc. All rights reserved.