Obsessed with B2B marketing? You should be a PRO member! Join now at 25% off (or 50% off for teams).
Listen
NEW! Listen to article

As a product chief information security officer (CISO), I am often plotting with our digital marketing leaders against a common enemy: bot traffic.

Not long ago, bots were something that only the security team worried about. But the growth of e-commerce and digital experiences has resulted in bots' stealing revenue and scrambling the data analytics that marketers rely on. Today, we're fighting the same fight.

Marketers shouldn't have to be bot experts. But bots' impact on customer acquisition, retention, loyalty, and revenue means marketers can't sit on the sidelines either.

Bots aren't just a consumer app problem. As a software-as-a-service (SaaS) company ourselves, we've experienced firsthand how bots can affect free trials and form fills.

I'd like to give B2B marketers three practical tips for working with Security on a bot detection strategy aimed at SaaS companies. They revolve around a discipline called customer identity, wherein anonymous users become identified customers—the perfect place to sniff out a bot. Marketers might call it their login box.

1. Understand how bots affect marketing

Bots are pieces of software programmed to automatically execute a specific task. In relation to the marketing funnel, attackers use bots (often arrayed into networks known as "botnets") to create fake accounts or take over existing ones.

Bots are responsible for around 23% of all sign-up attempts—up from 15% in 2021, according to Okta's 2022 State of Secure Identity report. There were another 10 billion attempts to take over existing accounts using a method called "credential stuffing," wherein bots automatically inject stolen credentials into login forms.

The motivations for bot attacks are typically financial. In other words, bots go where the money is. Marketing tactics such as sign-up promotions, limited-edition product launches, loyalty programs that accumulate points in an account, and even free trials of SaaS products can all attract unwanted bot traffic.

Malicious bots can be deployed for DDoS attacks, credit card fraud, credential stuffing, and Web/data scraping. They can also scan and crawl through social media, forums, and websites to find personal information about users in a process called intelligence harvesting. Bots can be used to send spam messages, and they can use ads or hyperlinks on websites to track users.

Despite all that, marketers still need to run their marketing campaigns. But if they don't filter out bot traffic, it can artificially inflate subscriber numbers and skew other customer data. The last thing you want as a marketing leader is to waste budget on customers that don't exist—or frustrate legitimate ones that expect a more personalized experience.

Bots aren't scary in and of themselves. There are legitimate use cases for bots—content aggregation, trawling for SEO purposes, etc.—and the security community has developed tools to detect and block suspicious bot activity in the sign-up and sign-in flows.

Enter your email address to continue reading

The Fight Against Bot Traffic: Three Ways Marketing and Security Can Partner

Don't worry...it's free!

Already a member? Sign in now.

Sign in with your preferred account, below.

Did you like this article?
Know someone who would enjoy it too? Share with your friends, free of charge, no sign up required! Simply share this link, and they will get instant access…
  • Copy Link

  • Email

  • Twitter

  • Facebook

  • Pinterest

  • Linkedin

  • AI


ABOUT THE AUTHOR

image of Jameeka Green Aaron

Jameeka Green Aaron is the chief information security officer of customer identity at Okta. She is responsible for the holistic security and compliance of Okta Customer Identity Cloud.

LinkedIn: Jameeka Green Aaron, CISSP