Fraudulent login attempts exceeded a million per day and made up over 90% of the login traffic to a top US retailer.
Traditional defenses, like web application firewalls, intrusion detection and prevention services, and fraud analytics, failed to prevent these ongoing automated attacks.
The Fortune 500 retailer deployed the Shape solution and completely eliminated account hijackings.
Criminals acquire large volumes of stolen user names and passwords, and then use sophisticated bots to try them at scale across many different consumer businesses, bypassing traditional security controls. Attackers take over accounts to make purchases or transfer reward points.
Criminal groups use bots to try stolen credit card numbers against online payment pages and identify active cards. Attackers use the validated cards to purchase goods which they resell for profit.
Scalpers use bots to quickly buy up inventory as soon as it's available and then sell it on the secondary market, denying real customers value and online brand interactions.
Criminals use bots to test many different account numbers against gift card redemption sites, depleting legitimate accounts and incurring fraud expenses.
Competitors use bots to collect product, inventory and pricing data from sites, eroding merchant advantages and slowing site performance.
Fake accounts can be used to post fraudulent product reviews and links to spam, degrading the customer experience.