Tips How to Prevent, Detect, and Resolve Bot Attacks

Unfortunately, it’s common these days to hear about cyber-attacks at large corporations; however, bot attacks are also just as likely to affect smaller organizations. Bot attacks are automated scripts created by bad actors to mimic human behavior with the intent to make fraudulent purchases, disrupt web sites, or damage reputations. In 2023, bad bots accounted for 30% of automated internet traffic¹ and the travel industry is not immune to them.

To help you stay vigilant in preventing a bot attack from disrupting your operation, costing you money, or negatively impacting your deliverability metrics, we put together a list of what to look for and actions you can take.

If you use Inntopia Marketing Cloud…

Detect Bot Attacks

A bot attack can be difficult to identify at first. Keep your eyes out for the following signs to help you identify one:

• Large spike in sign-ups through welcome email or newsletter links. These sign-ups tend to be from campaigns initiated through your webform, so if you notice a significant number of sign-ups occurring over a very short time, dig into the data and look for additional signs.
• Similar names are used. Often, bots will repeat the same first and/or last names, so look for patterns of repetitive information.
• Illegible info is used. If the names or email addresses entered into the form are filled with gibberish, this is a sign they might be fake.
• Guest geographics are out of the ordinary. If you suddenly see a lot of sign-ups from a region that isn’t typical for your customer base, it could indicate a bot attack.
• High engagement rates. Some bots actually engage, so if there are a lot of clicks in the email, it’s worth investigating.

Prevent Bot Attacks

Preventing a bot attack before it hits will save you time, money, and your sending reputation.

• Implement reCAPTCHA. Make sure that your Acoustic webform has Google reCAPTCHA® enabled. This technology helps determine if a website visitor is human or not.
  Note: If you use Acoustic’s API, reCAPTCHA will need to be set up on your website.
• IP Identification. When Google reCAPTCHA is enabled, it also monitors IP traffic. If it recognizes unusual activity, it will block the IP address.

Resolve Bot Attacks

Recovering from a bot attack can be timely and difficult. Depending on the extent of the attack, the amount of time needed to resolve it will vary.

1. Identify the pattern. Before you can remove fake accounts, you must identify them. Fake accounts often follow a pattern, but the pattern can be hard to identify. Export a report from Acoustic to a spreadsheet that includes names and email addresses, along with additional data points to help identify real guests (such as RFM score, lodging dates, etc.).
2. Create a query using the pattern. Once you’ve identified the pattern, create a new query to capture as many of the fake accounts as possible. (You may need to create multiple queries to accomplish this.)
3. Purge the fake accounts. The last step involves purging the fake accounts from the database. This should be done carefully so you don’t accidentally remove real guests in this process.

If you use Inntopia Commerce…

Detect Bot Attacks

A bot attack in Inntopia Commerce will look different from one in Inntopia Marketing Cloud. Pay attention to the following signs to help catch abnormalities:

• Spike in sales for low-cost items. Bad actors will try to purchase low-cost items to test the validity of various credit card numbers to remain undetected. Be on the lookout for a spike in sales for items such as gift cards, carbon offset fees, or other items that you don’t commonly sell or sell individually as it could be sign of a bot attack.
• Similar names are used. Often, bots will repeat the same first and/or last names, so look for patterns of repetitive information.
• Illegible info is used. If the names or email addresses entered into a guest’s account are filled with gibberish, this is a sign they might be fake.

Prevent Bot Attacks

Preventing a future attack is paramount to avoiding operational disruptions or costs:

• Implement reCAPTCHA. Google reCAPTCHA can be implemented per sales channel and will appear during the check-out process.
  While some people may think a CAPTCHA is a deterrent to completing a sale, Inntopia has not seen evidence of this and believes the presence of a CAPTCHA may actually provide additional confidence to the guest about purchasing. If you are still unsure, reCAPTCHA can be implemented with a low tolerance, but it’s still important to put additional layers in place to reduce the risk of a bot attack.
• Inntopia also monitors activity. Inntopia has tools in place that alert our technical team when questionable activity is suspected. Our team investigates all alerts to determine if flagged transactions are real or fake and will contact you if additional action is needed.

Resolve Bot Attacks

The following steps can help resolve problems resulting from a bot attack:

1. Implement reCAPTCHA. We cannot reiterate enough the importance of reCAPTCHA. If a bot attack is currently taking place, implementing reCAPTCHA can immediately help. Inntopia’s recommendation, however, is to enable it preventatively to allow the technology time to learn how guests use your site.
2. Cancel fraudulent transactions. If fraudulent transactions have occurred, cancel them in Inntopia.
3. Contact your payment gateway. Once you’ve cancelled the fraudulent transactions in Inntopia, contact your payment gateway to determine the next steps regarding the fraudulent charges.

If you have any questions about these tactics or need help implementing reCAPTCHA, contact Inntopia Partner Services or your Strategic Account Manager.

1 Imperva 2023 Bad Bot Report