Bots—software applications that run scripts over the internet—make up more than half of all internet traffic. This creates a major blind spot for IT security teams, as 79% of CISOs and other security leaders said they can’t tell for certain if web traffic comes from humans or bots, according to a recent Radware report.
It’s key to understand that there are good bots and bad bots, said Reid Tatoris, vice president of product outreach and marketing at Distil Networks. “Good bots enable search engines to index web content, price comparison services to save consumers money, and market researchers to gauge sentiment on social media, for example,” Tatoris said. These also include chatbots, and search engine and social media bots.
Meanwhile, “bad bots are used to conduct a variety of harmful activities, such as denial-of-service attacks, competitive data mining, online fraud, account hijacking, data theft, stealing of intellectual property, unauthorized vulnerability scans, spam, and digital ad fraud,” Tatoris said. These include impersonators, scrapers, hackers, and spambots.
Bad bots are used by many different groups, ranging from organized crime to state actors pushing a political agenda to people trying to make money. But there are ways to tell if your website has been visited by a bot and keep it safe.
Here are five ways to spot a bot.
1. Monitor login attempts
One of the most profitable uses of bots for an attacker is via credential stuffing, the mass-scale automated testing of username and password combinations across multiple websites, according to Patrick Sullivan, Akamai director of security technology and strategy. When successful matches are discovered, attackers use these logins to take over the account for fraud or to resell the confirmed credentials.
One simple step to detect bots is to monitor macro-level success and failure rates of login attempts, Sullivan said. “Regardless of how advanced the bots are and how difficult they are to identify, credential stuffing generates high levels of failed logins,” he added. “Even if fraudsters are careful enough not to trigger account lockouts, they will generate failed logins, which are early warning signs of bot activity.”
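As an added illustration of the macro-level check Sullivan describes (example code written for this page, not from Akamai or the article), the Python below buckets login events into time windows and flags any window whose overall failure ratio is abnormally high, even though no single account comes near a lockout. The event format, thresholds and sample data are assumptions constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)  # assumed bucket size
MIN_ATTEMPTS = 20              # skip windows too small to judge
MAX_FAILURE_RATIO = 0.30       # assumed threshold; tune to your own baseline
LOCKOUT_LIMIT = 5              # assumed per-account lockout threshold


def sample_events():
    """Constructed data, not real logs: (timestamp, username, succeeded)."""
    start = datetime(2024, 1, 1, 10, 0, 0)
    events = []
    for offset in (timedelta(0), WINDOW):
        # Ordinary users in both windows: 3 of 30 attempts fail (typos).
        for i in range(30):
            events.append((start + offset + timedelta(seconds=i * 9),
                           f"user{i}", i % 10 != 0))
    # Second window only: 200 attempts, one per account, so no single
    # account ever approaches the lockout limit. Two guesses succeed.
    for i in range(200):
        events.append((start + WINDOW + timedelta(seconds=i),
                       f"leaked{i}", i % 100 == 0))
    return events


def window_stats(events):
    """Map window start -> (attempts, failures, most failures on one account)."""
    attempts = defaultdict(int)
    failures = defaultdict(lambda: defaultdict(int))
    for ts, user, ok in events:
        bucket = ts - (ts - datetime.min) % WINDOW  # floor to window start
        attempts[bucket] += 1
        if not ok:
            failures[bucket][user] += 1
    return {b: (attempts[b], sum(failures[b].values()),
                max(failures[b].values(), default=0))
            for b in sorted(attempts)}


def suspicious_windows(events):
    """Windows whose overall failure ratio exceeds the threshold."""
    return [(start, n, failed, worst)
            for start, (n, failed, worst) in window_stats(events).items()
            if n >= MIN_ATTEMPTS and failed / n > MAX_FAILURE_RATIO]


if __name__ == "__main__":
    for start, n, failed, worst in suspicious_windows(sample_events()):
        print(f"{start:%H:%M} attempts={n} failed={failed} ({failed / n:.0%}), "
              f"worst account: {worst} failures, lockout at {LOCKOUT_LIMIT}")
```

In the constructed data the flagged window has one failure per account at most, so a per-account lockout rule alone would never fire; only the aggregate ratio exposes the activity.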
2. Check your server logs
Most bots will visit the same website regularly, even several times a day, he said. “If you keep seeing the same IP address pop up on your logs, then the chances are they could be a bot,” he added. You can check the IP addresses, location, and hostname manually, using a website like IPAvoid. If the IP is included on a blacklist or is not a residential address, there’s a strong chance that it’s a bot.
3. Check your email outbox
4. Watch if your website slows down or crashes
“Bots move fast across websites and do so in hordes, so you get a lot of server requests per second, which can overload the system and cause a major slowdown in loading times,” said Tatoris. “The result is that you end up spending more money on server costs for traffic that doesn’t translate into any benefit for your business. In addition, any humans who try to visit your site or make a purchase at a time when the site slows down will typically leave and take their business somewhere else.”
5. Check if your site content shows up elsewhere on the internet
Bots can sometimes copy website content and post it elsewhere without permission, Tatoris said. “The site Copyscape can help you to determine whether or not any of your site information has been posted elsewhere on the internet,” he added. “If you enter in the URL of a page from your website into their search field, they will return any pages that have high percentage matches to the content on the referenced page. While this isn’t a surefire way of telling whether your content has been copied, it can potentially give you some idea.”