Home Featured Bots: How to Distinguish the Good from the Harmful Bots

Bots: How to Distinguish the Good from the Harmful Bots

Get started on your cybersecurity degree at American Military University.

By Susan Hoffman
Contributor, InCyberDefense

Bots – also known as robots or programs built to perform automated tasks online — serve a host of different purposes. For example, they help determine your site’s ranking on Google or other search engines. Other bots fetch data for digital marketing tools or provide interactive messaging when you visit a website.

In addition, some bots are used to communicate with customers. Rob Mathison of Hootsuite notes that Facebook messenger bots are commonly used to provide helpful information about travel, news and weather.

But other bots are not so harmless. For example, a hacker may create a bot for a Distributed Denial of Service (DDoS) attack to force a website to crash. According to Russell Brandon of The Verge, bots have also appeared on social media sites like Twitter to interfere with the appearance of news stories and influence politics by promoting false stories.

In addition, some malicious bots act as malware. For example, they can record keystrokes, collect private passwords and relay spam.

According to a 2016 article by SiteLock’s Lauren Papagalos, bots can also scrape content from your website and publish it on another site without your permission. Search engines such as Google don’t like duplicated content and could penalize your website for it. That hurts your website’s ranking on a search engine results page and makes it more difficult for customers to find your site.

How to Detect Bots and What to Do about Them

Some bots are fairly easy to detect. When you tweet to another Twitter account that is a bot, for example, that account sends an automated message to you. If that Twitter account only talks about one topic or doesn’t communicate with other Twitter users in a conversation, that lack of social interaction indicates that the account uses a bot.

Other bots are more challenging to detect. To help Twitter users, Northeastern University and Indiana University researchers created Botometer. This tool analyzes Twitter users and calculates the possibility of whether or not a human operates that account.

Web analytics tools can also differentiate between bots and actual visitors. French bot detection company Datadome notes that a tool such as Google Analytics can exclude bots to increase the accuracy of its analytics data.

There are three useful ways to protect yourself from harmful bots. First, closely monitor your website traffic for unusual activity such as slower performance. Second, watch for bots that ask for private information such as credit card numbers or try to direct you to a link that leads to a malware site. Third, ensure that your security software receives regular patches so it remains as up to date as possible.