Not all cyberattacks are about capturing private information. Instead, in the case of scraping attacks, the target can often be public data, like product categories, prices, and availability, from an e-commerce portal. Writing for Security Boulevard, Rakesh Thatha, CTO of ShieldSquare, offers a brief primer on how scraping attacks work, and what actions a platform can take to recognize and block these attacks.
With scraping attacks, Thatha discusses three stages, from account creation, to scraping of product categories, and finally the scraping of price and product data. These stages are all supported through exploit kits, intended to assist in evading detection by the e-platform’s security tools.
For protection against these attacks, Thahta suggests tracking highly active users who aren’t making purchases, unusual amounts of traffic on specific product pages, monitoring competitors for price and product matching, and development of tools for identification of bots.
