Threat Use Case: Cart Fraud

Learn all you need to know about email best practices, deliverability, and tools with email whitepapers and ebooks.

Issue link: https://hub.dyn.com/i/1092211

Contents of this Issue


Page 0 of 2

@dyn dyn.com page 1 @dyn dyn.com page 1 Threat Use Case: Cart Fraud Cart fraud is a type of cyberattack where bots make online products and services unavailable in an attempt to increase prices or otherwise drive customers away. Cart fraud, also known as cart stuffing, is a serious problem in the travel industry, but it can affect any online retailer. Competitors may commit cart fraud to gain an advantage, or, less frequently, cybercriminals may launch cart stuffing attacks simply to hurt a company's bottom line. The bots used in cart fraud are examples of impersonator bots— machines whose behavior closely resembles that of humans. For that reason, they are difficult to identify and defend against. Retailers, travel companies, and other potential victims need advanced web application security capabilities to protect themselves from this threat. How Cart Fraud Works Nearly all e-commerce websites rely on some sort of shopping cart system. Customers browse the products and services for sale and click on those that they want to buy, which adds them to their cart. Once they are done shopping, they check out and pay for the items in the cart. But most websites take items out of their inventory when they are added to a cart, not when they are actually purchased. This opens the door to cart fraud. By using bots to add items to carts en masse—but not actually purchasing any of those items—attackers can artificially deplete a site's inventory, leaving customers looking elsewhere. The airline industry is one of the most frequent victims of denial- of-inventory attacks. Why? Because the prices of plane tickets automatically rise and fall according to the principles of supply and demand, so a significant drop in supply—regardless of whether it's real or not—can have major consequences on pricing. When an airline falls victim to cart fraud, flights may appear to be sold out when they really aren't, and the tickets that are still available will be priced abnormally high. Customers who visit the airline's site looking to book flights will likely leave for a competitor's site instead.

Articles in this issue

view archives of eBooks - Threat Use Case: Cart Fraud