Asger Risom
Black Friday traffic used to be defined by long lines and crowded stores. Today, the chaos has moved online — and much of it is now driven by AI.
Black Friday traffic used to be defined by long lines and crowded stores. Today, the chaos has moved online — and much of it is now driven by AI. Retailers are facing a wave of automated bots that can outmaneuver human shoppers in milliseconds, while consumers turning to AI shopping assistants may be exposing themselves to new digital risks they don’t fully understand.
AI is helping bots overwhelm retailers
For years, bad bots have scraped prices, grabbed limited-stock items, and tested stolen passwords. But researchers say the 2025 shopping season marks a turning point: those bots have become faster, more adaptable, and far better at imitating real customers.
According to Imperva’s 2025 Bad Bot Report, a third of all retail web traffic now comes from malicious bots, and more than half of all internet activity overall is machine-generated. AI-driven bots account for nearly 60% of bot traffic, overwhelming retailers with activity that is nearly impossible to distinguish from real shoppers.
Between April and September 2024, retail websites faced more than half a million automated attacks per day.
These attacks have two major effects: they wipe out inventory before human shoppers can react, and they make customer accounts more vulnerable to takeover attempts.
Grinch bots are evolving — and harder than ever to stop
The most visible threat is the “grinch bot,” software that buys up high-demand products the moment they appear online. These bots now use residential IP addresses to blend in, solve CAPTCHAs with AI, and complete full checkout flows in milliseconds.
“They solve CAPTCHAs with AI — and the result is that people can’t buy what they need,” said Shaila Rana, a cybersecurity professor at Purdue Global. Resale markets then flip the items at steep markups.
Tim Burke, CEO of Quest Technology Management, said bots are increasingly skipping webpages altogether and attacking retailers’ APIs directly. “By the time a retailer becomes aware of what’s happening, the products are already sold through resale channels,” he said.
Credential-stuffing attacks spike during shopping season
Bots aren’t just buying products — they’re breaking into customer accounts at scale.
Credential stuffing is an automated attack that tests stolen usernames and passwords from old breaches across hundreds of retail sites. Because many shoppers reuse passwords, especially during busy sales periods, attackers often get in.
Once inside, criminals can make purchases using saved cards, drain loyalty points, reroute packages, or lock victims out entirely.
Former FBI cyber agents André McGregor and Jason Truppi say credential attacks now make up more than 30% of the threats retailers face. During Black Friday, these attacks blend in with normal holiday traffic, making them harder to detect.
Burke warns that bots are increasingly mixing automated scripts with full account-takeover tactics. “Attackers use compromised customer accounts to make orders that look legitimate,” he said, then move goods through resale or return-fraud schemes.
A new problem: shoppers using AI agents to hunt for deals
A growing number of tech-savvy shoppers are trying out AI shopping agents — browsers that compare prices, apply coupons, and even make purchases automatically. But these agents introduce a new set of risks.
Researchers at DataDome say most major retailers cannot reliably distinguish between legitimate customers using AI agents and malicious bots that behave the same way. A study of 11 e-commerce sites showed 64% were unable to detect large-scale fake account creation, and one-third had no multi-factor authentication in place.
Security researcher Jerome Segura warns that this gap creates an opportunity for attackers to hide inside the same traffic patterns as AI shoppers.
And some AI browsers may already be vulnerable. David Mytton, founder of Arcjet, advised consumers not to store credit card information in these new tools. “They’re interesting to play with, but don’t add your credit card details,” he said.
Hackers are embedding hidden instructions for AI agents
One of the most concerning developments is the rise of “hidden prompt injection,” where harmful instructions are buried inside webpages — invisible to humans but readable by AI agents.
Instructions can be placed in white text on a white background, inside metadata, or even embedded in an image. If an AI shopper reads the page, it may follow the instruction automatically.
An AI agent could unknowingly:
• buy multiple items
• send purchases to an attacker’s address
• autofill and submit personal information
• leak stored passwords
• reveal email, address, and payment details
“These browsers may do things you don’t understand,” Mytton said. “It’s going to be very untrustworthy.”
How shoppers can protect themselves
Experts say that while threats are growing, most users can dramatically reduce their risks with basic digital hygiene. Recommendations include:
• using a unique password for every retailer
• enabling multi-factor authentication whenever possible
• checking for breached credentials on services like HaveIBeenPwned
• monitoring accounts closely during and after Black Friday
• manually typing URLs instead of clicking ads or links
These steps won’t stop bots from hoarding inventory, but they can prevent small security mistakes from becoming full account takeovers.
As AI continues to reshape holiday shopping — for both retailers and attackers — experts say consumers should approach new tools and too-good-to-be-true deals with the same caution they would bring to any crowded, chaotic environment. After all, Black Friday may have moved online, but the risks have only grown.
