Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceCybersecurity NewsRetail/Restaurants/Convenience

The cybersecurity impacts of bots on e-commerce in 2022

By Security Staff
online shopping

Image from Unsplash

November 4, 2022

A range of cybersecurity threats — including account takeover (ATO), credit card fraud, web scraping, API abuses, Grinch bots, and distributed denial of service (DDoS) attacks — were a persistent challenge for the e-commerce industry throughout 2022, threatening online sales and customer satisfaction.

The State of Security Within eCommerce 2022 report, a 12-month analysis by Imperva Threat Research, identified cyber threats facing online retailers. The attacks on retailers’ websites, applications, and APIs throughout the calendar year and during the peak holiday shopping season is a continued business risk for the retail industry.

In the past 12 months, nearly 40% of traffic on retailers’ websites didn’t come from a human, the report found. Instead, it came from a bot, software applications controlled by operators that run automated tasks, often with malicious intent. In the retail industry, the infamous Grinch bot is notorious for inventory hoarding during the holiday shopping season, scooping up high-demand items and making it challenging for consumers to purchase gifts online.

Of all the traffic on retailers’ websites, nearly one-quarter (23.7%) was attributed specifically to bad bots, malicious automation that contributes to online fraud. The proportion of advanced bots — scripts that use the latest evasion techniques to mimic human behavior and avoid detection — on retail sites grew over the prior year (from 23.4% to 31.1%). Advanced bots are a considerable challenge for organizations to stop without the right defenses in place. 

In 2021, bot-related attacks on retail sites grew 10% in October and grew another 34% in November, suggesting that bot operators increase their nefarious efforts around peak holiday shopping periods. In 2021, 64% of ATO attacks used an advanced bad bot. Of all login attempts on retail websites, 23% were malicious, nearly twice the volume of recorded on sites across other industries. Attackers used leaked credentials 95% of the time in credential stuffing attacks targeting retailers, compared to 70% of the time in other industries.

For more report information, click here.

KEYWORDS: credentials cyber security threat DDoS e-commerce fraud holiday shopping retail cyber security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Security Leadership and Management
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Career Intelligence
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Officers at an event

The 2026 FIFA World Cup Will Test Security Operations Like Never Before

Colorful laptop

Organizations Think They Know Who’s Visiting Their Sites. They Don’t.

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Glasses in front of coding on screen

5 Ways Quantum and AI Will Rewrite the Rules of Cyberattacks

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • ecommerce

    6 e-commerce cyber fraud challenges in 2022

    See More
  • cyber-security-freepik1170x658x697.jpg

    The new narrative: Cybersecurity in 2022

    See More
  • bots-freepik1170x658.jpg

    Why scalper bots will be your worst security nightmare in 2022

    See More

Related Products

See More Products
  • The Database Hacker's Handboo

  • 9780367030407.jpg

    National Security, Personal Privacy and the Law

  • Physical Security and Safety: A Field Guide for the Practitioner

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing