What You Need to Know
E-commerce brands are accustomed to spikes in volume—whether it’s the holiday shopping season, a promotional campaign, or a new must-have product. However, panic-buying and everyone moving their lives and work online during the lockdown has generated sustained levels of high traffic. Hiding in this traffic are cybercriminals, putting your APIs at greater risk of attack than ever. Protecting your APIs from attack is not optional, it’s imperative. Here’s a quick update on how you can protect your brand, revenue, and valuable data from attack while providing a safe and enjoyable shopping experience for your customers.
A Look at the Trends
People are spending 10-30% (1) more online and the number of unique digital shoppers has risen 40% year over year. (2) Increased web traffic is leading the way for a surge in account fraud as fraudsters take advantage of the lockdown that forced more people online.
Even before the global pandemic, APIs were a preferred attack point. Cybercriminals attack APIs because they know they are vulnerable.
45% of companies do not feel confident in their ability to detect malicious use of their APIs and 51% of companies are not confident that their security team is even aware of all the APIs that exist in their organization. (3)
The Business Impact
- Poor customer experience as fake shoppers jam the site and degrade performance, forcing genuine shoppers to give up or go elsewhere
- Tied-up inventory, making stock unavailable to legitimate customers
- Corporate espionage by competitors who then offer price-sensitive deals to win customers
- Takeover of customer accounts, loyalty points theft, and credit card and gift card fraud
- Ad fraud where bots deliberately use links in ads to access a website
Malicious actors have four primary goals with account takeovers:

