Global E-commerce Retailer Prevents Account Takeover, Carding Attacks and Review Fraud

The retailer was experiencing a high volume of malicious bot traffic on their e-commerce portal, including account takeover (ATO), credential stuffing, and carding attacks. The company’s security team was working around the clock to respond in real time. 

Additionally, fraudsters were also using bots to post fake reviews and 'like' the reviews in order to take advantage of monetary incentives. Not only did this mean that attackers were rewarded for fake reviews, but it also compromised the authenticity of the website’s reviews.

• Protection against ATO and carding attacks: With its sophisticated machine learning, Application Protection detects malicious behavior on websites in real time, stopping the most advanced bot attacks. 
• Product review monitoring: Application Protection applies the same learning techniques to predict when a product review or rating is likely to have been submitted by a bot and challenges the review before it is published.

• Flexible architecture with easy integration: Application Protection’s open architecture allows it to easily interface with any existing technology stack, including Amazon Web Services (AWS). Application Protection sits in front of the retailer’s AWS instances and blocks malicious bot attacks before they reach the servers, without adding an additional layer of in-line traffic processing. This maintains performance and ensures low latency by reducing overall server load. Application Protection also seamlessly integrates with industry-leading CDNs, including Amazon CloudFront with AWS Lambda, to protect services hosted on AWS.