Automated Threats Account for 62% of Retail Cyber Attacks

A cyberattack can be a huge setback for a retail enterprise, and such malicious actions have turned out to be some of the biggest business risks for companies throughout 2022. Analysts at Imperva Threat Research conducted a year long review wherein they took a close look at the cyber threat landscape for retail organizations. It turns out that 62% of the threats that such companies faced were automated, and that suggests an increasing threat level that corporations need to be aware of.

Automated threats come in a lot of shapes and sizes. They include Grinch bots, web scrapers, DDoS attacks, account takeovers and many more. With all of that having been said and now out of the way, it is important to note that around 40% of all online traffic comes from bots. That can make these automated threats harder to detect than might have been the case otherwise.


Online retailers have seen a tenfold increase in the proportion of attacks that were conducted through frameworks designed to preserve anonymity. Last year the proportion was just 3.5%, but this year it jumped to just under 33% with all things having been considered and taken into account.

Other industries have also been facing an increase in automated attacks, but they still only comprise 13.6% of attacks in total. Bad bot traffic sees a huge uptick during the Christmas shopping season because of the fact that this is the sort of thing that could potentially end up catching unaware shoppers. That might be a factor that puts retailers at higher risk of automated threats.

DDoS attacks can bring a site down for the better part of a day, with some lasting upwards of 13 hours. That can be disastrous on a day like Black Friday when retailers are trying to maximize volume of sales. There has also been a huge increase in API attacks, with them going up by 35% in the span of a single month in October. The holiday season is starting to become a particular sore spot for retailers, and malicious actors using automated attacks are largely to blame for this.

Read next: New data reveals there’s been an influx of cybersquatting scams in 2022
Previous Post Next Post