No More Spam Bots for your Shopify Store- (And No More CAPTCHA)

The Human Presence app for Shopify is a powerful tool designed to protect Shopify stores from the pervasive threat of spam bots. In an era where online shopping is booming, store owners face the challenge of ensuring that their websites remain secure and user-friendly. Spam bots can compromise customer experiences, lead to fraudulent transactions, and distort analytics data. The Human Presence app addresses these issues by employing advanced bot detection technology.

This innovative application utilizes behavioral analysis and machine learning algorithms to distinguish between genuine human visitors and malicious bots. Unlike traditional CAPTCHAs, which can frustrate users, Human Presence operates seamlessly in the background, allowing legitimate customers to navigate the site without interruption. By analyzing user interactions—such as mouse movements, scrolling patterns, and click behavior—the app effectively identifies automated scripts and blocks them from accessing the store.

Moreover, Human Presence continuously updates its detection capabilities, adapting to new bot strategies and techniques. This means that Shopify store owners can rely on the app to provide ongoing protection against evolving threats. The result is a cleaner, more secure shopping environment that enhances user experience and boosts conversion rates.

Available to Shopify store owners, the Human Presence app is an essential tool for Shopify merchants looking to safeguard their online stores from spam bots. By ensuring that only genuine human traffic interacts with their sites, store owners can focus on what matters most—delivering exceptional products and services to their customers.

Shopify merchants can protect their checkouts from bot attacks

In the fast-paced world of e-commerce, especially during flash sales, every second counts. Shopify merchants often experience heightened interest in their products during these limited-time offers; however, this can attract not just eager customers but also automated bots designed to make bulk purchases. This is where Shop Protector Plus becomes an invaluable tool.

Shop Protector Plus offers robust cart protection tailored specifically for Shopify stores. One of the standout features is its advanced bot detection system, which helps identify and block malicious automated bots from accessing your checkout process. By ensuring that only genuine customers can complete purchases, merchants can safeguard their inventory and maintain a fair shopping experience.

During flash sales, the risk of losing products to bots is significantly heightened, as these automated systems can navigate a website faster than human shoppers, quickly grabbing limited items before they are even seen by real customers. Shop Protector Plus mitigates this risk, allowing Shopify merchants to focus on engaging with legitimate buyers rather than worrying about empty carts resulting from bot interference.

Moreover, Shop Protector Plus implements additional security measures such as rate limiting, which restricts the number of purchases a single customer can make within a designated timeframe. This not only helps to prevent bulk buyouts by bots but also ensures that more customers have the opportunity to purchase items they desire.

In conclusion, Shop Protector Plus equips Shopify merchants with the essential tools to protect their sales during high-demand events. By providing robust defenses against bots and ensuring a fair shopping experience for all customers, it allows merchants to maximize their sales potential during flash sales while minimizing the risks and frustrations associated with automated purchasing tactics. Investing in such features is vital for any merchant looking to enhance their operational efficiency and customer satisfaction. #shopifydevelopers #shopify #bots #flashsales

Shopify Store Owners-eliminate form spam now

Shopify Store Owners can now eliminate form spam. The Shop Protector app offers a comprehensive solution for Shopify store owners to effectively prevent form spam and fraudulent activity on their websites. As e-commerce continues to grow, so does the prevalence of bots and automated scripts that attack forms, leading to spam, fake registrations, fraudulent orders, and even potential data breaches. Shop Protector is designed to combat these issues seamlessly, ensuring a smooth and secure experience for both store owners and their customers.

The Problem with Form Spam

Form spam occurs when bots or malicious scripts fill out and submit forms automatically. This can impact any type of form on a Shopify store, including contact forms, customer registration, newsletter signups, and checkout pages. Form spam can clutter inboxes with irrelevant or harmful messages, create fake accounts, and place fraudulent orders, all of which can be costly for store owners to manage. Additionally, form spam often leads to data corruption, performance issues, and can skew customer analytics, making it difficult for businesses to accurately assess customer behavior.

Traditionally, methods like CAPTCHAs and reCAPTCHAs have been used to stop spam. However, these often frustrate real customers, creating a poor user experience by forcing them to prove they’re human through various challenges. Shop Protector, on the other hand, offers a more sophisticated solution that operates invisibly in the background.

How Shop Protector Works

The Shop Protector app stands out from traditional spam-prevention tools by utilizing advanced bot detection technology that works without disrupting the customer experience. The app integrates seamlessly into any Shopify store and automatically monitors all form activity, from contact forms to checkout pages. Its core strength lies in its ability to distinguish between real human interactions and bot traffic in real-time.

Shop Protector uses proprietary machine learning algorithms to analyze patterns of behavior, such as mouse movements, clicks, and typing speed, which bots typically cannot replicate. By focusing on behavioral biometrics, the app can accurately determine whether a submission is being made by a legitimate user or an automated bot.

Once a bot or suspicious activity is detected, the app automatically blocks the form submission, preventing the spam from reaching the store’s inbox, databases, or checkout system. Because it operates in the background, legitimate customers are unaware of its presence, meaning they don’t have to jump through unnecessary hoops like solving CAPTCHA puzzles or clicking on image grids. This leads to a more seamless and pleasant user experience, reducing cart abandonment rates and increasing conversions.

Protection Beyond Basic Spam Prevention

Shop Protector goes beyond just stopping spam in form submissions. It also helps protect stores from more sophisticated forms of fraud, such as carding attacks (where bots use stolen credit card information to test transactions), and account takeovers. These fraudulent activities can have a severe financial impact on businesses, including chargeback fees, lost inventory, and compromised customer data.

Additionally, Shop Protector helps safeguard sensitive customer information, reducing the risk of data breaches that can occur when malicious entities exploit vulnerable forms. By keeping the store’s form submissions secure, Shop Protector ensures that both store owners and customers are protected from a wide range of online threats.

Easy Integration and Customization

One of the app’s key benefits is its ease of use. It can be integrated into a Shopify store in just a few clicks without requiring any technical knowledge. The app’s dashboard provides real-time analytics and reporting, so store owners can monitor bot activity and adjust their security settings as needed. Shop Protector also offers customization options, allowing businesses to tailor the level of protection to their specific needs without compromising on user experience.

Conclusion

For Shopify store owners, form spam and fraudulent activity are ongoing concerns that can affect customer trust, store performance, and profitability. The Shop Protector app offers an advanced solution to these problems by using state-of-the-art bot detection technology that works invisibly in the background. Its ability to protect all forms from spam and fraud, without negatively impacting the customer experience, makes it an essential tool for any Shopify store. By implementing Shop Protector, store owners can ensure a safer, more efficient, and user-friendly environment for their business and their customers.

Shopify Stores can protect their Flash Sales from bot attacks with Shop Protector Plus

Flash sales are a powerful tool for boosting sales and generating excitement for your Shopify store, but they also attract a hungry horde of bots.  Enter Shop Protector Plus, a Shopify app specifically designed to safeguard your store from these digital scavengers.

Shop Protector Plus acts as an invisible shield, using advanced technology to detect and block malicious bots that are attempting to hijack your flash sale inventory leaving real human shoppers with empty carts.  The Shop Protector Plus app is a multi-layered protection and includes:

  • No need for CAPTCHA: The unique Human Presence technology behind Shop Protector Plus identifies human site visitors invisibly while rejecting all non-human (bot) visitors.
  • The ability to implement specific checkout protection options to secure your store from bots.
  • The ability to bulk cancel suspicious orders with 1 click.
  • Allows you to various individual customization options, including rate limiting rules to stop known bots and fraudulent activity.
  • With an overall goal of protecting your inventory from bots and to improve the customer experience of real live shoppers.

By effectively deterring bots, Shop Protector Plus ensures a fairer playing field for your genuine customers. This translates to increased sales, customer loyalty, trust in your brand and return buyers for future flash sales.

Shop Protector Plus also offers insightful analytical tools allowing you to monitor bot activity and adjust your protection strategies accordingly. With Shop Protector Plus you can experience the true power of a successful flash sale without the interruption of bots.

No Bots for Shopify Merchants equals successful Flash Sales-Shop Protector Plus

ECommerce flash sales are an increasingly popular way for merchants to promote and quickly sell limited edition and limited inventory merchandise. Creating a flash sale “event” with a pre-set period of time where you sell a single item or a small selection of items is a tool for merchants to sell out of specific items instantly, produce extraordinary short term revenue and bring new customers to your site that can be marketed to for future sales.

One issue that plagues flash sellers in the eCommerce world today are bots which can inundate the checkout with complete transactions and basically deplete the already limited inventory in a matter of seconds. The bots deployed are simply an automated software process that can search the world for specific products and purchase inventory in large quantities by auto-completing the checkout process.

These bots have been in the market for over twenty years and were originally confined to bulk purchases of limited edition sneaker models and subsequently all fall under the umbrella of “sneaker bots” but have since broadened to be able to search for and purchase any product during a flash sale or limited inventory event.

These sneaker bot attacks raise a whole host of issues for flash sale merchants not least of which is that inventory is sold out in minutes only to be available at inflated prices on a third party site, leaving potential human buyers out in the cold. A constant shortage of inventory obviously cuts into repeat site visitors who, unlike bots, typically purchase more than one product. Additionally, merchant employees must sort through these purchases to cancel orders, restock inventory and a number of other painstaking tasks in the hours immediately after each flash sale.

Shopify merchants have been plagued by these bots for years but an app recently introduced by Ellipsis Technologies named Shop Protector Plus is now successfully identifying and blocking bot purchases daily with incredible success.

The Shop Protector Plus solution which is now available in the Shopify app store
(Shop Protector – Ecommerce Plugins for Online Stores) totally protects merchant checkout while providing total control of the process to the merchant.

For example, the merchant can control the level of protection they need to invisibly detect and block bot entry to the checkout system. There are configurable options for auto mitigation, bulk cancellation of bot orders, initiate bulk cancels, make refund/inventory restocking decisions, automatically sending cancellation emails while providing merchants with protection from form spam and fake account creation and providing access to a full analytics dashboard.

Different from traditional bot detection techniques such as CAPTCHA which requires a user to physically decipher difficult to read words (which causes buyer defection after each unsuccessful attempt), the Shop Protector Plus is completely invisible to human shoppers, requiring no interaction at all.

Shop Protector Plus is available here or on the Shopify app store and comes with a 14 day free trial. Ellipsis technical support is always there to assist if needed.

Breaking: Form Spam is annoying for Shopify store owners

The history of spam is quite interesting, while is may be annoying to you today, it’s been around in various forms for a number of years. 

While it’s been called spam for only a few decades, the first recorded instance of sending unsolicited messages was over a century ago.  In 1864 Western Union proudly introduced a new telegraph feature where users could send a single telegraphic message to multiple destinations on their network.  This new feature was almost immediately used by a British dentist who sent out a mass unsolicited advertising message via telegraph.  

The first email spam as we know it was sent on March 5, 1994 by lawyers Laurence Canter and Martha Siegel who used the original USENET system to broadly advertise their immigration law services.  Clearly, a certain Nigerian prince took notice.

In the early days of electronic messaging, mass solicitations quickly dominated email traffic and most inboxes.  Prior to any sort of ad filtering technology it was estimated that spam email constituted 80% or more of all emails, but it wasn’t yet called spam, although it was called many other colorful names.

The actual spam term came from a Monty Python sketch from 1970 where there was a cafe that featured a menu where every menu item featured spam, often multiple portions of spam.  When the breakfast menu was read aloud by the waitress, roughly 80% of the menu items were spam,  so it was similar to early in-boxes, you had to get past a lot of spam to actually get to bacon or sausage. Since this mirrored the experience of working through inbox submissions, it was a fairly natural jump to call unsolicited emails spam.

While spam is mainly thought of as email spam, form spam incidents are increasing daily.  A typical website has a number of forms with various functions including contact forms, newsletter sign-ups, comment forms and product review forms.  Form spammers inundate these forms with huge volumes of unwanted submissions.  The most common spam submissions include links to questionable sites and links to potential malware and phishing sites.  One of more common spam attacks include links to a spammers revenue per click site which may even include a hyperlink to other sites so that they can gain link equity and increased SEO value.

The costs of form spam to a site owner’s business include an impact on user experience as human visitors (potential customers) must scroll through these spam entries to actually get to a true product review or comment.  The user experience is further eroded by a potential increase in lag time which not only decreases user experience but also impacts search engine rankings as one key measure is response time.  Additionally, site owner staff must engage in the daily chore of manually deleting all form spam submissions which has the hard cost of devoting team members to this extremely annoying task.

The most common solutions for battling form spam fall into the category of Turing Tests which all require some form of user response to prove that the visitor is in fact a human.  Virtually everyone has by now experienced the most common Turing Test called CAPTCHA where the user must exactly retype a difficult to read word.  Most recently we have all seen reCAPTCHA where the user might have to identify specific details from a fragmented photograph such as identifying which fragments have at least some portion of a stop sign.  These are always exhausting and don’t seem to be enhancing the user experience.

While theoretically solid solutions and quite effective when first introduced, spambots have since learned to bypass these methods with high accuracy as human site visitors became increasingly frustrated with often multiple failed attempts to pass the test.

These difficulties have a direct and obvious impact on conversions as studies show that roughly 3-5% of users depart a site immediately after being presented a CAPTCHA and a many as 30% of site visitors fail on the first attempt, with a percentage of visitor departures with each failed attempt.

A non-Turing Test methodology is the Ellipsis Human Presence Technology which is available commercially as Ellipsis Human Presence, as Shop Protector in the Shopify app store and as Human Presence in the WordPress app store.  The Ellipsis technology differs from Turing Tests in that the Human Presence technology invisibly monitors and studies human timing and movement characteristics during the normal course of a browser session with no need for any other interaction by the site visitor.  The Human Presence Technology then is able to identify if a site visitor exhibits human behavioral characteristics, or not.  The Human Presence Technology further protects individual forms throughout a site to totally protect from all types of form spam attacks.  Human Presence allows the site owner to offer an unencumbered user experience, improved response time while eliminating the need to dedicate staff to cleaning our form spam.

For more information, please visit us on the Ellipsis website, or on the Shopify or WordPress app stores.

Bot Protection for Shopify Merchants for successful Flash Sales-Shop Protector Plus-

 

By Bill West, Ellipsis Technologies

ECommerce flash sales are an increasingly popular way for merchants to promote and quickly sell limited edition and limited inventory merchandise. Creating a flash sale “event” with a pre-set period of time where you sell a single item or a small selection of items is a tool for merchants to sell out of specific items instantly, produce extraordinary short term revenue and bring new customers to your site that can be marketed to for future sales.

One issue that plagues flash sellers in the eCommerce world today are bots which can inundate the checkout with complete transactions and basically deplete the already limited inventory in a matter of seconds. The bots deployed are simply an automated software process that can search the world for specific products and purchase inventory in large quantities by auto-completing the checkout process.

These bots have been in the market for over twenty years and were originally confined to bulk purchases of limited edition sneaker models and subsequently all fall under the umbrella of “sneaker bots” but have since broadened to be able to search for and purchase any product during a flash sale or limited inventory event.

These sneaker bot attacks raise a whole host of issues for flash sale merchants not least of which is that inventory is sold out in minutes only to be available at inflated prices on a third party site, leaving potential human buyers out in the cold. A constant shortage of inventory obviously cuts into repeat site visitors who, unlike bots, typically purchase more than one product. Additionally, merchant employees must sort through these purchases to cancel orders, restock inventory and a number of other painstaking tasks in the hours immediately after each flash sale.

Shopify merchants have been plagued by these bots for years but an app recently introduced by Ellipsis Technologies named Shop Protector Plus is now successfully identifying and blocking bot purchases daily with incredible success.

The Shop Protector Plus solution which is now available in the Shopify app store
(Shop Protector – Ecommerce Plugins for Online Stores) totally protects merchant checkout while providing total control of the process to the merchant.

For example, the merchant can control the level of protection they need to invisibly detect and block bot entry to the checkout system. There are configurable options for auto mitigation, bulk cancellation of bot orders, initiate bulk cancels, make refund/inventory restocking decisions, automatically sending cancellation emails while providing merchants with protection from form spam and fake account creation and providing access to a full analytics dashboard.

Different from traditional bot detection techniques such as CAPTCHA which requires a user to physically decipher difficult to read words (which causes buyer defection after each unsuccessful attempt), the Shop Protector Plus is completely invisible to human shoppers, requiring no interaction at all.

Shop Protector Plus (Shop Protector – Ecommerce Plugins for Online Stores) is available on the Shopify app store and comes with a 14 day free trial. Ellipsis technical support is there to assist if needed,

.

eCOMMERCE FORM SPAM

In a recent Statistica study, worldwide eCommerce sales hit $3.46 trillion in 2016, up from $1.5 trillion as recently as 2015. Looking forward, eCommerce sales are forecasted to be $6.54 trillion in 2020 according to the same report. According to Statistica the top 3 online stores’ revenue amounted to almost $100 billion in 2017. Online shopping is one of the most popular online activities worldwide but the usage varies by region – in 2016, an estimated 19 percent of all retail sales in China occurred via eCommerce but in Japan the share was only 6.7 percent. Desktop PCs are still the most popular device for placing online shopping orders but mobile devices, especially smartphones, are catching up rapidly.

With this growth and visibility the eCommerce community has become a target for malicious hackers led by a host of spambots. A standard mode of attack is to bombard the contact, lead-generation, comment or product review forms of a site with an avalanche of commercial, political or other unwanted messages which prove to be a constant nuisance for true buyers and site administrators. This creates an environment where real human customers find it too unwieldy to sort through a massive stream of spam to read real buyer reviews and comments. Additionally, merchant employees need to allocate time daily removing unwanted form entries, a laborious and time consuming task.

Before a number of technological solutions came along that can protect a site from these spambot attacks, many eCommerce merchants simply disabled all forms on their site. While ending the frustration for shoppers and eliminating the employee tasks involved with removal, this proved to be a counter productive solution by eliminating the ability of shoppers to read reviews from prior purchasers. In effect this destroys the lifeblood of a successful eCommerce business, namely, soliciting user input through buyer product reviews, endorsements and product usage comments. A Power Reviews study of Amazon online sales states that even a single review (as opposed to none) can increase sales of an item by 65%. Additionally, 20% of overall sales are driven by reviews, and at least one-third of customers report that they won’t buy a product listed with no customer reviews.

Form spam encompasses the range of activities involved with the automated filling out and submission of website forms often with irrelevant, dangerous or false information. These submissions include links to questionable sites, malware sites, phishing sites, links hoping to direct visitors to the spammers revenue per click site and a wide variety of other scams. Other spam attacks are simply site scraping bots that are gathering content to include on their sites, the most common attacks in this are can be found in listing sites (autos, real estate, etc.), recruiting agencies (resumes), travel sites, price comparison sites, scraping for sales leads and in eCommerce, product data is lifted to be immediately re-listed with another vendor.

Bots are readily available for purchase on the internet which has created an invisible army of clandestine spammers infecting sites with their content hoping to get one or two visitors to take their bait.

The hard costs to the website owner are manifold. First of all, true human site visitors must sift through a number of spam submissions to actually find the true content that they are looking for while hopefully not clicking on a spam submission laden with malware. Repeated user experiences like this lower user engagement which greatly impacts sales and conversions and ultimately lowers repeat visits to the site.

Beyond these quantifiable hard costs there are a number of soft costs of form spam to website owners, and they are equally as painful. These soft costs include increased lag time on the site in general as well as in intra-site applications. Slow site response times lead to a frustrating experience for users and lower search engine rankings (loading times are a key measurement for determining search ranking). As bot traffic gains a foothold on a particular site, the volume of spammers will generally increase which could drive additional costs in site operation and ultimately infrastructure modifications. Conversely, being able to block spam bots can allow sites to operate efficiently with existing infrastructure.

The most common current solutions are predominantly in the Turing Test category and require a human interaction and response which are in themselves annoying to site visitors who simply came to an
eCommerce site for information and to buy a product. CAPTCHA is the most popular Turing Test and the one which most eCommerce site owners are familiar with. Research has shown however that a large percentage of prospective buyers depart a site immediately upon being presented with a CAPTCHA and as many as 40% fail on the first attempt decreasing customer experience and stopping prospective customers before they can complete a transaction. This has led to the advent of form spam prevention solutions that require no interaction with the site visitor and therefore eliminating the loss of buyers due to Turing Test related issues.

Beyond form spam, there are new bot attacks emerging daily, a rapidly evolving area of attack falls under the overall term of “sneaker bots” which are highly sophisticated bots that search the web for a specific make and model of a newly released sneaker, primarily for resale by the bot owner. When a new model of sneaker is released and it is generally in limited quantity, the sneaker bots can find the item anywhere in the world and fully execute thousands of transactions in a matter of minutes. These days “sneaker bot” is a bit of a misnomer as these bots now search for any limited inventory product including all lines of streetwear, collectibles, limited production jewelry and more.

The leading eCommerce platform, Shopify, offers a number of security related apps through their app development partners, the number one rated Shopify app in this category is Shop Protector. According to a recent study which reviewed Shopify apps in this category, their ranking shows the best Shopify security apps available today. The bot attacks are real and there are many current technological solutions available to eCommerce merchants, but you do need to protect your store and your investment.

Bill West is the Founder and CEO of Ellipsis Technologies. Ellipsis has developed an eCommerce security technology which allows a website owner to invisibly detect human traffic while quarantining all suspicious visitors. The Ellipsis technology utilizes user timing and movement data coupled with a historical human behavior database and proprietary machine learning algorithms to allow human site visitors to avoid CAPTCHA or other turing tests with a focus. Ellipsis also protects against form spam by identifying and blocking all spam bot attacks. Available on the Shopify app store (Shop Protector), as a Drupal module and a WordPress plug-in (Human Presence), it is also integrated into the Convesio WordPress hosting platform. Mr. West was previously COO of Carolina Phone, COO of Dial Page and President of USTelecenters.

Form Spam and what you can do about it

The history of spam is interesting.  While it’s been called spam for only a few decades, the first recorded instance of sending unsolicited messages was over a century ago.  In 1864 Western Union proudly introduced a new telegraph feature where users could send a single telegraphic message to multiple destinations on their network.  This new feature was almost immediately used by a British dentist who sent out a mass unsolicited advertising message via telegraph.  

The first email spam as we know it was sent on March 5, 1994 by lawyers Laurence Canter and Martha Siegel who used the original USENET system to broadly advertise their immigration law services.  Clearly, a certain Nigerian prince took notice.

In the early days of electronic messaging, mass solicitations quickly dominated email traffic and most inboxes.  Prior to any sort of ad filtering technology it was estimated that spam email constituted 80% or more of all emails, but it wasn’t yet called spam, although it was called many other colorful names.

The actual spam term came from a Monty Python sketch from 1970 where there was a cafe that featured a menu where every menu item featured spam, often multiple portions of spam.  When the breakfast menu was read aloud by the waitress, roughly 80% of the menu items were spam,  so it was similar to early in-boxes, you had to get past a lot of spam to actually get to bacon or sausage. Since this mirrored the experience of working through inbox submissions, it was a fairly natural jump to call unsolicited emails spam.

While spam is mainly thought of as email spam, form spam incidents are increasing daily.  A typical website has a number of forms with various functions including contact forms, newsletter sign-ups, comment forms and product review forms.  Form spammers inundate these forms with huge volumes of unwanted submissions.  The most common spam submissions include links to questionable sites and links to potential malware and phishing sites.  One of more common spam attacks include links to a spammers revenue per click site which may even include a hyperlink to other sites so that they can gain link equity and increased SEO value.

The costs of form spam to a site owner’s business include an impact on user experience as human visitors (potential customers) must scroll through these spam entries to actually get to a true product review or comment.  The user experience is further eroded by a potential increase in lag time which not only decreases user experience but also impacts search engine rankings as one key measure is response time.  Additionally, site owner staff must engage in the daily chore of manually deleting all form spam submissions which has the hard cost of devoting team members to this extremely annoying task.

The most common solutions for battling form spam fall into the category of Turing Tests which all require some form of user response to prove that the visitor is in fact a human.  Virtually everyone has by now experienced the most common Turing Test called CAPTCHA where the user must exactly retype a difficult to read word.  Most recently we have all seen reCAPTCHA where the user might have to identify specific details from a fragmented photograph such as identifying which fragments have at least some portion of a stop sign.  These are always exhausting and don’t seem to be enhancing the user experience.

While theoretically solid solutions and quite effective when first introduced, spambots have since learned to bypass these methods with high accuracy as human site visitors became increasingly frustrated with often multiple failed attempts to pass the test.

These difficulties have a direct and obvious impact on conversions as studies show that roughly 3-5% of users depart a site immediately after being presented a CAPTCHA and a many as 30% of site visitors fail on the first attempt, with a percentage of visitor departures with each failed attempt.

A non-Turing Test methodology is the Ellipsis Human Presence Technology which is available commercially as Ellipsis Human Presence, as Shop Protector in the Shopify app store and as Human Presence in the WordPress app store.  The Ellipsis technology differs from Turing Tests in that the Human Presence technology invisibly monitors and studies human timing and movement characteristics during the normal course of a browser session to identify if a site visitor exhibits human behavioral characteristics, or not.  The Human Presence technology further protects individual forms throughout a site to totally protect from all types form spam attacks.  Human Presence allows the site owner to offer an unencumbered user experience, improved response time while eliminating the need to dedicate staff to cleaning our form spam.

For more information, please visit us on the Ellipsis website, or on the Shopify or WordPress app stores.

The origin of calling junk email spam

While unsolicited email advertisements have been around for decades, it wasn’t until a few years later that it was commonly called “spam”.  The story on how it came to be called “spam” is an interesting one.

The actual spam term came from a Monty Python sketch from 1970 where there was a cafe that featured a menu (shown left) where every menu item featured spam, often multiple portions of spam.  When the breakfast menu was read aloud by the waitress, roughly 80% of the menu items were spam,  so it was similar to early in-boxes, you had to get past a lot of spam to actually get to bacon or sausage, or a real email. Since this mirrored the experience of working through inbox submissions, it was a fairly natural jump to call unsolicited emails spam.

The actual dialog from that sketch drives the word spam into your head, the scene is set in a cafe, incredibly one table is occupied by Vikings wearing horned helmets.  Whenever the word “spam” is mentioned (and it is uttered 132 times in the sketch), they break into spam songs and chants.  A couple enters the restaurant to inquire about breakfast and the dialog is as follows: 

Man: You sit here, dear.
Wife: All right.
Man: Morning!
Waitress: Morning!
Man: Well, what’ve you got?
Waitress: Well, there’s egg and bacon; egg sausage and bacon; egg and spam; egg bacon and spam; egg bacon sausage and spam; spam bacon sausage and spam; spam egg spam spam bacon and spam; spam sausage spam spam bacon spam tomato and spam;
Vikings: Spam spam spam spam…
Waitress: …spam spam spam egg and spam; spam spam spam spam spam spam baked beans spam spam spam…
Vikings: Spam! Lovely spam! Lovely spam!
Waitress: …or Lobster Thermidor a Crevette with a mornay sauce served in a Provencale manner with shallots and aubergines garnished with truffle pate, brandy and with a fried egg on top and spam.
Wife: Have you got anything without spam?
Waitress: Well, there’s spam egg sausage and spam, that’s not got much spam in it.
Wife: I don’t want ANY spam!
Man: Why can’t she have egg bacon spam and sausage?
Wife: THAT’S got spam in it!
Man: Hasn’t got as much spam in it as spam egg sausage and spam, has it?
Vikings: Spam spam spam spam… (Crescendo through next few lines…)
Wife: Could you do the egg bacon spam and sausage without the spam then?
Waitress: Urgghh!
Wife: What do you mean ‘Urgghh’? I don’t like spam!
Vikings: Lovely spam! Wonderful spam!
Waitress: Shut up!
Vikings: Lovely spam! Wonderful spam!
Waitress: Shut up! (Vikings stop) Bloody Vikings! You can’t have egg bacon spam and sausage without the spam.
Wife: I don’t like spam!
Man: Sshh, dear, don’t cause a fuss. I’ll have your spam. I love it. I’m having spam spam spam spam spam spam spam beaked beans spam spam spam and spam!
Vikings: Spam spam spam spam. Lovely spam! Wonderful spam!
Waitress: Shut up!! Baked beans are off.
Man: Well could I have her spam instead of the baked beans then?
Waitress: You mean spam spam spam spam spam spam… (but it is too late and the Vikings drown her words)
Vikings: (Singing) Spam spam spam spam. Lovely spam! Wonderful spam! Spam spa-a-a-a-a-am spam spa-a-a-a-a-am spam. Lovely spam! Lovely spam! Lovely spam! Lovely spam! Lovely spam! Spam spam spam spam!

 

Top 10 Trust and Security Apps for your shopify store

Technically, Shopify apps play an important and integral role in the Shopify platform. It would be impossible to imagine this platform without the applications. With the applications, developers and businesses will be able to offer better products and services to their customers. This is an important stage in boosting the performance of your retail store. Of course, this is also an effective technique for hosting many additional functionalities. When it comes to Shopify applications, you have innumerable options to choose from. Every functionality and every need has a unique application to choose from. Some of these apps are absolutely free of cost. And, others will expect you to pay a nominal fee. When you are looking for an application to support your business in Shopify, there are few things you should focus on.

First of all, you must appreciate the fact that Shopify apps are not only meant to attract more traffic to your website. Instead, these apps can be integrated into your daily business processes. With the help of these applications, you will be able to offer specialized assistance to your customers. Indeed, this plays an important role in building the credibility of your business.

When you decide to host your security application in Shopify, here are few benefits you are bound to witness:

  1. With the help of Shopify applications, you will be able to access a variety of information about eCommerce.
  2. You will be able to control your website like a true professional. You will be given an admin panel, which makes you the owner of it all!
  3. The entire application will be designed with analytics and other add-on facilities.
  4. You can access your applications using desktop and smart devices. The user experience offered by Shopify security apps is remarkable.
  5. You can make use of an array of advertisement and customization options from Shopify.

Top Trust and Security Applications in Shopify

With this being said, let us understand more about a few interesting security applications in Shopify.

#1 Shop Protector by Ellipsis Technologies

Image source

First things first, if you own an eCommerce website, it needs to be protected. Just like how you would protect your physical store, your online venture has to be safeguarded. This is when apps like “Shop Protector” are an absolute necessity.. The ultimate purpose of Shop Protector is to protect your investment, your store and your customers. The application offers users a 14-day free trial, after which you pay an attractive $4.99 USD each month.

With the help of a Shop protector, you will be able to safeguard your Shopify store from bot attacks, specifically form spam and fake account creation attacks. Not only is your entire Shopify store protected from invisible bots but Shop Protector is the best solution for preventing the impact of annoying spam messages that clog up your forms and require your staff to purge on a daily basis. With Shop Protector you can ensure that bots are not filling the forms in your Shopify store. . Shop Protector effectively fights against two of the most commonly found issues in eCommerce world, general bot attacks and form spam..

Shop protector runs quietly and invisibly within your Shopify store while analyzing your store visitors behaviors and protecting the store completely.

App URL: https://apps.shopify.com/ellipsis-human-presence-technology

#2 EU Cookie Bar ‑ Cookie GDPR by Booster Apps

Image Source

As suggested by its name, this application is customized for EU customers. It ensures that a cookie banner is offered to all EU customers. This falls in line with the GDPR consent. The application is completely free. Three important aspects of this application are: the cookie consent bar is designed in compliance with the EU. It will be shown to all customers visiting your eCommerce store. Secondly, this is a one-click, customizable bar. When the customer agrees to the terms and conditions, the bar would be hidden automatically. This is important when all customers from the EU need to comply with your store, before making a purchase.

App URL: https://apps.shopify.com/eu-cookie-bar

#3 Shop Secure by Eggflow

Image Source

When you want to filter frauds and keep them away from your website – Shop Secure will be extremely useful. Once again, this application offers an immediate consent banner. Customers who fail to agree will not be allowed to shop from your website. Above all, they may be asked to pay a big fine. The application keeps track of customers who keep visiting your website. With this data, you will be able to improve the overall functionality of your store by leaps and bounds.

App URL: https://apps.shopify.com/shop-secure

#4 Google Customer Reviews by AdNabu

Image Source

It would be impossible to run a successful online business without the help of Google reviews. This is why this application proves to be useful. As suggested by its name, this application focuses on showing Google reviews of your business. It captures reviews and badge ratings for your business. These details can be improved and positioned to suit your business. Google Customer Reviews is an absolutely free service. This is where the search engine allows customers to provide feedback about a business. These reviews help potential customers decide if they should buy from a site or not!

Indeed, this application is necessary when you want to improve conversion rates and establish customer trust.

App URL: https://apps.shopify.com/google-customer-review-and-badge

#5 Cozy AntiTheft by Cozy eCommerce Addons

Image Source

Cozy Anti-Theft solves a very interesting problem. In this modern era, search engines like Google pay close attention to the originality of content. If your content is fake, the overall ranking of your website will drop. Just like content, the images and links in your website should be genuine. Cozy Anti-Theft ensures that the content and images in your site are never stolen. This way, you will be able to ensure that all the data mentioned in your website is authentic. You can disable right-click, and copy using this Shopify App.

App URL: https://apps.shopify.com/cozy-antitheft-for-images-and-more

#6 Rewind Backups by Rewind

Image Source

The ultimate aim of this application is to secure all your backups, created for Shopify stores. The backups are secured automatically. Unlike many other platforms, Shopify is not coded to help you recover lost content. If you are not relying on applications like Rewind Backups, you will lose all your data without any second thoughts. Fortunately, with Rewind Backups, such issues will not be faced. This application gives developers and business owners great peace of mind. Any unwanted changes in your Shopify site can be resolved with just a few clicks of a button. The app is capable of handling millions and millions of images, texts and contents seamlessly.

App URL: https://apps.shopify.com/backup

#7 TrustedSite by TrustedSite

Image Source

Just like how Google Reviews work, TrustedSite is all about increasing conversion rates and boosting trust. This application works with McAfee Secure. And, the application is absolutely free. When a customer lands on your website, they will look for factors that make your venture appear trustworthy. It is important to portray your website as a genuine platform. You can do this with the help of TrustedSite. This application issues a certificate that guarantees to every customer that your business and website are reliable. The app begins by focusing on security issues, and it also verifies important contact details.

App URL: https://apps.shopify.com/mcafee-secure

#8 Vault ‑ Premier AntiTheft by Electric Apps

Image Source

If you are aiming for another application that can prevent people from copying your content and images – consider Vault Anti-Theft. Most of the time, your rivals will want to steal information from your website. And, if you have built a stunning site with one-of-a-kind details, anyone would want to get hold of it. Images, text and content are precious to any business. After all, SEO strongly claims that content is king. However, you cannot invest all your time and effort in fixing these issues. That is why you need a professional application like Vault Anti-Theft to protect your Shopify store.

App URL: https://apps.shopify.com/vault-antitheft-protection-app

#9  B2B Verify Customers by Singleton software

Image Source

Before your customer can see the prices of your products, and consider adding items to the cart – do you wish to verify and authorize them? If yes, B2B Verify Customers is a great choice for you. With the help of this application, you will be able to design your very own B2B store. The store will be visible only to authorized customers. And, only these authorized customers will be able to place orders. The decision of approving and rejecting customers will be made by the admins. And, if a visitor tries to access your website, they will be allowed to view the content, but never make a purchase.

App URL: https://apps.shopify.com/b2b-verify-customers

#10 Locksmith by Lightward

Image Source

Last but certainly not least, you have Locksmith! This application is all about offering access control to your website. In fact, anything and everything on your website can be protected. With the help of this application, you can create locks for various customers. And, the keys will be shared with customers who can unlock the specific content! For instance, if only certain customers can receive your newsletter, you can lock it using this app. When customers with the “correct key” access your site, their option to receive newsletters will be enabled. Using this application is useful when you have different types of customers, with various levels of expertise and requirements. Of course, you can customize the locks and keys based on your business.

App URL: https://apps.shopify.com/locksmith

Conclusion

These are ten Shopify Trust and Security Applications for your business. This list doesn’t end here! You have so many other applications to help you with a well-protected and an efficient site.

When you design a Shopify website or application, you must acknowledge the fact that it has to be protected and managed safely. Trying to incorporate all of the above-mentioned features into your application or website using first-hand code – is equivalent to reinventing the wheel. Thus, save your time and effort by using these pre-designed and tested Shopify Security apps.

Additional resources on Shopify Success

  1. Ultimate Guide to Selling on Shopify
  2. How to create your first Shopify Store?
  3. How to get more traffic to your Shopify store?
  4. How to get more loyal customers to your Shopify store?
  5. How to do Conversion Rate Optimization to your shopify store?

Guest Post by AdNabu

AdNabu helps improve sales in Google Ads for eCommerce companies. If you are running search, shopping or display campaigns in Google Ads, Their software will be able to increase your sales. Sign up today for a 14-day free trial from here.

 

Shop Protector drives higher conversion rates for merchants and is the leading alternative to CAPTCHA for Shopify merchants

The Shop Protector app available on the Shopify app store is now protecting thousands of Shopify merchants from unwanted form spam while also protecting from fake account creation. With the Shop Protector solution, Shopify merchants can improve the user experience for human visitors and increase their conversion rate while taking action to prevent form spam. Additionally, Shop Protector includes a full analytics dashboard which shows site owners the level of human and suspicious traffic on their site.

Unwanted site traffic from bots is a constant source of threat and irritation for Shopify merchants. Beyond the annoyance of form spambots, competitors and other parties can use these automated programs to gather data from websites which is extremely irritating to shoppers and annoying to merchant staff that must be in a never ending battle to cleanse store forms from these spam entries which include newsletter signups, product reviews, comments, etc. Many merchants today combat this problem by forcing users to solve various Turing Tests, such as puzzles or tests where users are required to type in difficult-to-read characters–the most common method is the use of CAPTCHA—in order to prove they are human.

While partially effective, CAPTCHA-type solutions are extremely intrusive, frustrating to customers, driving lower user satisfaction and frequently becoming a barrier to completing online sales–at a real and significant cost to Shopify merchants. Shop Protector solves this problem with proprietary algorithmic models that invisibly monitors and measures user behavior patterns in the background to determine in real-time whether the behavioral characteristics of each site visitor matches historical human patterns, while specifically creating barriers for bots to post entries on any store form.

The Shop Protector solution is completely transparent and frictionless to the human store visitors. Shop Protector identifies the non-human behavior within milliseconds and goes into action to protect all store forms.  Moreover, using proprietary techniques, Shop Protector identifies non-browser spambots that are making automated HTTP requests to a form’s action and stops spam submissions from going through, allowing human customers to have an unencumbered user experience.

In short, the Shop Protector solution enables website owners to improve the user experience for legitimate human users while identifying and defending against spam bots and other malicious traffic.

The Shop Protecor technology is based on a set of proprietary algorithms, human behavior analysis, advanced risk detection and machine learning techniques. The machine learning tools allow the model to evolve and improve over time, providing highly sensitive discrimination.

The Shop Protector form protection technology was developed to solve the problems personally witnessed working with Shopify merchants that were using traditional techniques to detect bot traffic. The Shop Protector approach is unique in that it focuses on modeling human behaviors, rather than just spotting bot markers to clearly identify a human presence on the site. With the Shop Protector solution, Shopify merchants can greatly improve the user experience for human on-line shoppers by invisibly detecting spam bots and other malicious bots while eliminating the need to subject human site visitors to validation testing of any kind, which dramatically increases conversions. Shopify merchants have seen increases as high as 300% after removing CAPTCHA from their checkout using Shop Protector Plus as their sole deterrent.

Shop Protector and Shop Protector Plus can be found on the Shopify app store at https://apps.shopify.com/ellipsis-human-presence-technology

Ellipsis Technologies is beating bots at their own game in the Shopify environment

For the last few years Ellipsis Technologies has been focused on identifying and eliminating the many bot attacks in the eCommerce industry.  From simple site scraping bots to form spam to more insidious fake account creation and fraud through bot-based checkouts, each with their own method of penetration.  The bulk of the research focused on and was conducted with the extraordinary help of Shopify merchants. For the last year Ellipsis has been protecting thousands of Shopify merchants from all areas of attack with our Shop Protector suite of apps and have been humbled by the acceptance of our solutions in the Shopify community.

As anyone in the eCommerce world has experienced, bots today are increasingly being built to be more intelligent and designed to employ mechanisms that can circumnavigate many security and platform protocols. All of these attacks with all levels of sophistication cause costly problems for merchants who must deal with each attack individually.

Simple form spam attacks for example can create hundreds of posts within Comment Forms, Product Review Forms and Email Submission Forms creating havoc for real customers who must navigate through these fake submissions or more often, just give up.   These submissions also cost merchants in the form of merchant staff spending countless hours eliminating these submissions on a daily basis. Ellipsis dealt with this issue first and is now successfully protecting thousands of Shopify stores worldwide.

Most recently, Ellipsis has been focused on protecting merchants from bot-based checkouts which most commonly occur during flash sales and limited inventory events. The bots in this arena are extremely sophisticated and have developed a number of workarounds and exploits to game the system.  While some solutions have attempted to solve this issue, the more sophisticated bots can actually skip the store and checkout protocols altogether, effectively bypassing these solutions together and giving them an overwhelming advantage over true human customers during the limited window of inventory availability.  These tactics are extremely effective and frustrate your loyal human customers at every turn which greatly affects return buyers. The Ellipsis Shop Protector Plus app is the only available Shopify option which allows Shopify merchants to control the playing field by completely protecting their checkout.  Additionally. Shop Protector Plus allows the merchant to have total control as to the level of protection they need through a number of optional features.  Some of the critical configurable options are:

 

  • Checkout Protection
  • Reduce Bot-based Fraud
  • Configurable Rules for Auto-mitigation
  • Bulk Cancel Orders
  • Better Order Insights

 

Both the Shop Protector and Shop Protector Plus solutions are available in the Shopify app store( https://apps.shopify.com/ellipsis-human-presence-technology ) with our technical service team available to assist if needed.   All Shop Protector apps come up with a free 14 day trial.

Using human behavior analysis to help e-commerce sites fight form spam

By Bill West
Worldwide e-commerce sales were estimated to exceed $2.842 trillion in 2018, which is over double the amount as recently as 2015, and it will continue to grow as e-commerce sales are forecasted to be $4.87 trillion in 2021, according to industry reports. With this growth comes increased visibility. Subsequently, the e-commerce community has become a common target for malicious hackers, led in large part by a host of spambots.
Today, bots constitute almost half of all web traffic. A good portion of bot traffic, however, is in the category of “good bots,” which include search engine bots as well as bots that perform monitoring functions and other essential tasks. That leaves more than 20 percent of web traffic belonging to “bad bots.” Bad bots can do malicious harm to a web business through distributed denial of service (DDoS) attacks, data theft, site scraping, or just annoying spam attacks.
These bots are designed to bypass and evade even the most advanced detection techniques, and their rapid evolution puts most traditional web security solutions at a disadvantage. Simply put, they are outpacing the technology used to protect against them.
There are several ways bots can have damaging effects on an e-commerce business:
  • Site scraping of product listing details and pricing
  • Click fraud to increase digital ad spending
  • Fake account creation where these accounts inundate the site with new user registrations
  • Form spam, which are bot submissions both in and out of a browser to your contact form, newsletter signup, and other forms on your site.

 

Form spam is often considered one of the most frustrating issues web owners deal with on a daily basis and it’s a drain on time and resources. Form spam bots submit unwanted information over and over again, continually gaining traction until it breaches your security measures. They are often very difficult to eradicate.
Some of the unwanted data submissions involve advertisements, links to product offers, phishing URLs used to steal your information, and other types of links. Spammers work diligently to create bots that automatically seek out web forms for the purpose of transmitting unwanted and often malicious information. These form spam submissions proliferate throughout a company’s email system in order to generate traffic and ad revenue or direct people to phishing sites that collect personal information for criminal use.
In order to combat these form spam bots, websites often employ a series of textual or picture quizzes to the user submitting the form such as a CAPTCHA. These tests may require a user to type in a set of letters and numbers or click on a set of pictures that are of a specific thing, like a storefront or a street sign. CAPTCHAs are somewhat effective for standard bots, but they are annoying to website visitors and often lead to abandoned shopping experiences and decreased site sales.
Research has shown that a large percentage of prospective buyers depart a site immediately upon being presented with a CAPTCHA, and as many as 40 percent fail on the first attempt. This degrades the customer experience, stopping prospective customers before they can complete a transaction. In addition, bots are evolving to the point where these measures are becoming obsolete and ineffective.
Unlike other bot security detection and mitigation services, my firm, Ellipsis Technologies, utilizes an approach that maps natural, organic movements and applies that logic to all future site visits to determine if a site visitor is exhibiting human behavioral characteristics or not. We call it The Human Presence™, and it’s based on human behavior analysis, proprietary algorithms, and machine learning techniques. The machine learning tools allow our application to evolve and improve over time, providing highly sensitive discrimination between human and bot behaviors.
Unlike a CAPTCHA, The Human Presence works in the background, is totally invisible to site visitors, and requires no interaction or response at all, allowing site visitors to shop without encumbrance.
Our technology identifies non-human behavior within milliseconds, allowing the site operator to choose how to respond to suspicious traffic. For instance, the site operator can let human visitors continue on the site without interference, while choosing to automatically test the suspected non-human site visitors with additional verification steps such as a CAPTCHA or routing the bots elsewhere.
In short, the goal is to improve the user experience for legitimate human site visitors while identifying and defending against spambots and other malicious traffic.

Ellipsis Technologies Announces Solution for Shopify Form Spam

Greenville, SC, May 1, 2017–Ellipsis Technologies announces today the release of their Shopify app focused on combating form spam in the Shopify eCommerce environment. The Ellipsis Technologies Human Presence™ app is now available on the Shopify app store: https://apps.shopify.com/ellipsis-human-presence-technology. The app is a web security software technology that enables website owners to validate the presence of human visitors to their sites while flagging and deflecting traffic from automated, and often malicious, “bots.” With the Human Presence™ solution, Shopify users can improve the user experience for human visitors while taking action to prevent form spam and can optionally use the Human Presence API to also prevent site scraping, click fraud and other malicious activity from bots as well.

Unwanted site traffic from bots is a constant source of threat and irritation for eCommerce site owners and operators. Beyond the annoyance of form spambots, competitors and other parties can use these automated programs to gather data from websites, often overwhelming servers with non-human traffic. Many websites today combat this problem by forcing users to solve various Turing Tests, such as puzzles or tests where users are required to type in difficult-to-read characters–collectively referred to as CAPTCHAs–in order to prove they are human.

While partially effective, CAPTCHA-type solutions are intrusive, frustrating customers, decreasing user satisfaction and frequently becoming a barrier to completing online sales–at a real and significant cost to website owners. Human Presence™ solves this problem with proprietary algorithmic models that monitor and measure user behavior patterns in the background to determine in real-time whether the behavioral characteristics of each site visitor matches historical human patterns.

The Human Presence™ solution is completely transparent and frictionless to the site visitor. Human Presence™ identifies the non-human behavior within milliseconds, providing a tool which allows the site operator to choose how to respond to suspicious traffic. For instance, the site operator can allow human visitors to proceed without interference, while choosing to automatically test the suspected non-human site visitors with additional verification steps such as a CAPTCHA. Moreover, using proprietary Ellipsis techniques, Human Presence™ identifies non-browser spambots that are making automated HTTP requests to a form’s action, providing customers of Shopify site owners to have an unencumbered user experience.

In short, The Human Presence™ solution enables website owners to improve the user experience for legitimate human users while identifying and defending against spambots and other malicious traffic.

The Human Presence™ technology is based on a set of proprietary algorithms, human behavior analysis, advanced risk detection and machine learning techniques. The machine learning tools allow the Human Presence™ model to evolve and improve over time, providing highly sensitive discrimination between human and bot behaviors and visitors.

As Ellipsis CEO Bill West explains: “We developed the Human Presence™ technology to solve the problems we had personally experienced in our other businesses using traditional techniques to detect bot traffic. Our approach is unique in that it focuses on modeling human behaviors, rather than just spotting bot markers, to clearly identify a human presence on the site. With the Human Presence™ solution, we can greatly improve the user experience for human on-line shoppers by invisibly detecting spambots and other malicious bots while eliminating the need to subject human site visitors to validation testing of any kind.”

For more information please contact Ellipsis at info@ellipsistech.io or visit the Ellipsis website at www.ellipsistech.io.

About Ellipsis Technologies:

Ellipsis is a software technology company headquartered in Greenville, South Carolina that has developed a proprietary web security technology, Human Presence™, which allows a website owner to invisibly detect human site visitors while quarantining all suspicious visitors or bots.

Ellipsis is also in development of individual human identification technology with use cases in access management and control, seat license compliance and as a data source for academic and military projects involving cognitive aging and traumatic brain injury studies.

About Shopify:

Shopify is a Canadian eCommerce company headquartered in Ottawa, Ontario that develops computer software for online stores and retail point-of-sale systems. Shopify was founded in 2004.

Ellipsis Case Study by Kopis

 

CAPTCHA-like tests are annoying, frustrating and costly to online businesses. At Ellipsis, we’re changing the game with our proprietary web security technology that invisibly verifies human site visitors while protecting against harmful bots.

Ellipsis Case Study: http://www.kopisusa.com/case-studies/ellipsis/

ReBreakCaptcha: Hacking Google’s reCAPTCHA

East-EE, a security researcher, has discovered that Google’s reCAPTCHA is susceptible to a robot attack that leverages its own speech recognition service.

In 2016, another team of security researchers from Columbia University, identified flaws in the technology that would enable hackers to influence the risk analysis, bypass restrictions, and deploy large-scale attacks. Source.

East-EE posted a proof-of-concept script of the hack on GitHub. Using the Python programming language which enables an attacker to automatically bypass reCAPTCHA fields used to protect websites from spam and bot traffic. ReBreakCaptcha works in three stages, which you can find on East-EE’s blog.

 

19% of shoppers would abandon a retailer that’s been hacked

Survey also shows majority of retailers haven’t invested in cybersecurity in the past year

By

Nearly a fifth of shoppers would avoid at a retailer that has been a victim of a cybersecurity hack, according to a survey.

The 2016 KPMG Consumer Loss Barometer report surveyed 448 consumers in the U.S. and found that 19% would abandon a retailer entirely over a hack. Another 33% said that fears their personal information would be exposed would keep them from shopping at the breached retailer for more than three months.

The study also looked at 100 cybersecurity executives and found that 55% said they haven’t spent money on cybersecurity in the past yearand 42% said their company didn’t have a leader in charge of information security.

Those responses confirmed worries that retailers are falling behind other industries like financial services and technology on cybersecurity issues.

“There is a lot at stake here for retailers,” Mark Larson, KPMG business leader for consumer markets, said in a statement. “Retailers that don’t make cybersecurity a strategic imperative are taking a big gamble.”

Tony Buffomante, cybersecurity leader for KPMG, said many retailers are not doing enough to protect their businesses from cyberattacks or react to them when they do occur. Paying more attention to cybersecurity could help their businesses, he added.

The survey results, posted Tuesday online, found that retail and automotive industries were laggards in appointing leaders to assess cyberthreats and opportunities. The financial services and tech industries were leaders.

Cyberattacks were also called “rampant” in the survey, showing that retail executives reported the most malware and internal and botnet attacks of the four industries (financial services, tech, retail and automotive).

KPMG advised companies to think about cybersecurity less as an IT-managed risk and more as a strategy issue. “Branding, loyalty, sales, overall customer relationships and business agility all hang in the balance,” KPMG said.

The survey findings and KPMG’s conclusions echo other surveys and comments by analysts who have called on businesses generally to focus more squarely on cybersecurity protections.

Original: www.computerworld.com/article/3111447/cybercrime-hacking/19-shoppers-would-abandon-a-retailer-thats-been-hacked.html