Login Contact Us
My cart

Why do Bots attack eStores, and how Google Invisible reCaptcha can help

Jan 25, 2018
by Sveta Oksen
Magento Tutorials

Ecommerce websites can suffer a lot from bot attacks.

Brute force Bots – how do they work?

There are bots that use the brute force technique in an attempt of cracking the admin or the customer accounts.
The brute force technique works by making a lot of login attempts of different usernames and passwords, until there is a successful login.
Since the bots are using common and easy passwords for the login attempts – the successful logins usually occur when the passwords are weak.
This is why it’s so important to use strong passwords for your accounts.

Spam Bots – why do they attack?

There is another type of bots – the spam bots. Those register to the website services that send emails, eg: newsletter, customer registration,
forgot password form etc. Their purpose can be to hide a hackers’ activity on the compromised user accounts.
For example, the person has his credentials cracked in some shopping website, and the hackers purchase something using those credentials.
Since the user has so much spam emails in his mail box, he will probably miss the order confirmation email from the hacked account purchase,
consequently not noticing that his account was cracked.

Another possible reason why spam bots exist is to harm your website activity. Sending a lot of spammy emails might make email providers
to blacklist your email address. Big amount of spammy customer registrations can slow down your website, as well as harm your BI statistics
when analizyng your customer behaviour. All those negative effects can be benefitial for parties who want harm your website.

How Google Invisible reCaptcha can help

One of the possible solutions to a bot problem is an integration of Google reCaptcha in your website.
The Google reCaptcha comes in 2 variations – the regulrar reCaptcha – the famous “I’m not a robot” checkbox, and the invisible reCaptcha.
The later is invisible to the user until that Google suspects that the user is a bot. If so, it displays questions to the user.
If the user fails to answer the question, the form is not getting submitted.

The questions designed to be easy for humans and hard for bots. They ususally come as series of pictures where the user needs to mark the pictures
that contain a desired object.

The Captcha invisibility is essential for eShops

The biggest benefit of the invisible reCaptcha is that since it is invisible, it prevents website abandonemt, which can occur when the user
faces a Catpcha question.

To sum up, if your website is under a bot attack, the Google Invisible reCaptcha can be a right solution for you. And if your website happened to be on
Magento 2, you might want to use our Google Invisible reCaptcha extension to integrate the reCaptcha in your website!

References:

https://webmasters.stackexchange.com/questions/61291/why-do-registration-bots-exist-what-do-they-gain-from-registering-on-my-site
https://www.incapsula.com/blog/amazon-account-hack-registration-bots.html