Attack of the bots
How can you get protected against DDoS and spare your advertising budget?
An uprising of evil machines
Today, according to various studies, live humans account for up to half of all global Internet traffic. Meanwhile, the second half is generated by machines. Specially designed programs scan the network day and night, visit various sites and perform certain actions over there.
Some of them are “good bots”, which include, for example, site indexing programs, such as those used by Google. Such software performs routine tasks and does not affect the operation of your website — nothing for your business to fear.
But there is also a breed of “bad bots”, which are used to cause certain calculated damage. Whereas the good bots account for about 20% of Internet traffic, the malicious programs take almost 30%.
Bots can copy some content from your site that sometimes adversely affects the site’s position in search engines, or leave anywhere from dozens to thousands of spam comments and fake reviews.
Bots may intentionally “drain” the advertising budget of competitors. It is often a specially created program that “clicks” on advertisement banners and ads.
Attackers constantly improve the algorithms that power their programs, so that it becomes increasingly more difficult to figure out a bot — it is not that they just visit a site, they can browse it and even add products to carts in online stores.
As a result, site owners are left to wonder why the advertising budget was spent, the traffic increased significantly, active users were seen on the site, but sales did not grow.
Then it takes an enormous amount of efforts and resources to search for problems which do not exist in reality, — for example, the team in charge of a project compromised by bots may think that the sales did not grow because of an unfriendly website interface.
But they won’t be able to conduct tests and make good conclusions as to what needs to be changed, because a large portion of the traffic could again turn out to be fake.
How to identify bots
1) By an increased number of requests for your website’s pages, which does not affect the conversion, but only slows down the server.
2) If there is a sudden sharp increase in your site traffic by the feeds that are of interest to you, but the visitors browse very few pages, and the statistics shows a high bounce rate, then those are almost certainly bots.
3) If an English language page gets a large number of visitors from Angola or whatever, — there is a reason to become suspicious.
Why bots are harmful and what you can do about it
1. Bots diminish the effectiveness of a campaign. They cause sharp reduction in the number of hits per visitor, time spent on the site, causing decrease in the conversion rate. Good bots can be filtered using Google Analytics — this service has a special option that excludes from analysis all robot systems known to Google.
It is virtually impossible to block the traffic from bad bots, though, because your website can inherently be accessed by computers and programs from anywhere in the world. Tracking and blocking every address is not feasible either. Specialized tools are required to fight them depending on the type of “bad bots” attacking your site.
2. A large number of requests sent by bots slow down the site significantly. You need to have DDoS protection. There are companies that develop special protective filters that screen out bots while granting access to normal people. Products of this type are available from Kaspersky Lab, yet another popular tool is Qrator. There are also companies specializing in providing this type of services. Finally, it is your hosting provider that may sometimes assist you in combating DDoS.
3. Bots affect the platform’s predictive mechanisms. Not all advertising services and platforms invest in continuous development of antifraud technologies, although this affects the end result and the effectiveness of advertising campaigns. As a result, the predictive mechanisms of these campaigns begin to focus on bots as a cheaper source of traffic. This problem can be avoided in two ways: by introducing antifraud technologies and adding performance indicators to the predictive mechanisms, such as orders, settings, etc.
To avoid buying bot traffic, you need to ensure that the affiliate DSP (Demand Side Platform) uses a third-party service dedicated to blocking bots when displaying your promo content, or has its proprietary mechanism, like Exebid.DCA.
Solutions of this type block suspicious “visitors” based on a number of traits in their behavior. For example, the lifespan of most bots is often less than a day, they make many clicks and frequently update the page to achieve the greatest possible number of banner impressions. Ads will be automatically stopped for users with such traits, and the respective traffic sources blocked.
In addition, the system analyzes the data pertaining to past visitor activity and singles out those visitors whose behavior does not match that of a typical Internet user.
It is not enough to just attract traffic to your site, you must make sure it’s not fake. Bots can pump up beautiful numbers in analytical tool reports, while diverting you from the main business objectives — increase in conversion rates and growth of sales.