Don’t Let Digital Grinches Hijack Your Holiday Shoppers
Retailers have plenty of questions on their minds during the holiday shopping season. What will post-pandemic consumer spending look like? What effect will inventory levels and inflation have on profit margins? Will flagging consumer confidence impact brand loyalty? But there’s another crucial question you should be asking: What are the chances that “digital Grinches” will try to hijack your customer’s online shopping journey?
The numbers are concerning. Our research at Akamai has shown that, since 2020, up to 15 percent of e-commerce customers have had their shopping experience disrupted — or worse, diverted to malicious websites — through audience hijacking. In a recent study by studioID, 82 percent of online retail executives said audience hijacking presents a major challenge for their organization, resulting in lost revenue, reduced marketing return on investment, diminished customer loyalty, among other potential impacts.
The Multiple Threats Posed by Audience Hijacking
In a growing trend, third parties are injecting JavaScript into e-commerce sites through browser extensions and plug-ins to cause a variety of unwanted actions that can impact revenue, including:
- Affiliate fraud: Abusers of an affiliate program inject an inline frame (iframe) onto an e-commerce site while a visitor is shopping. The iframe loads a fraudulent referral ID into the URL and a third party takes credit for affiliate sales they didn’t generate. This can cost a targeted website millions in fraudulent payments. Affiliate fraud has become a major issue. In the StudioID study, 49 percent of respondents stated affiliate fraud posed a significant problem at their organization, while 18 percent called it a severe problem.
- Malicious and unauthorized ad injection: Unauthorized ads or notifications injected onto a site page entice the visitor to click on the ad, diverting the visitor to another site. These ads may present adult content and can also be malicious, designed to skim sensitive information when a user navigates to the linked site. Whether merely disruptive or malicious, unauthorized ads can harm site visitors and severely damage brand reputation and customer trust.
- Price comparison: These are extensions purpose-built to distract and then divert shoppers away from a brand over to its competition based on the lowest cost for an item. The extensions scan other online retailer sites for lower prices on similar products or services the shopper is viewing. With fierce competition and heavy discounting, this could have a devastating impact on established brands vying for the attention of budget-conscious holiday shoppers.
- Coupon extensions: Extensions that scan for coupon or discount codes to offer consumers on a retailer’s site can be beneficial for converting browsing shoppers into buyers. However, these extensions can make a discount more widely available than the retailer intended — e.g., offering a discount intended for students to nonstudents. That can increase the discount burden and erode revenue. While coupon extension providers like Honey, Amazon Assistant, and Ibotta can help drive website traffic, many retailers desire the ability to control the user’s end-to-end journey once they've landed on a particular product page.
Retailers Need More Client-Side Visibility to Stay Ahead
One reason audience hijacking continues to grow is that many retailers lack visibility into how these extensions, plug-ins and pop-ups are impacting their customers’ online sessions and conversion funnels. In a hypercompetitive retail environment, it’s critical for retailers to gain visibility and control over in-browser behaviors in real time. Using purpose-built technologies designed to combat audience hijacking tactics can enable retailers to set granular policies for identifying and blocking suspicious behavior at the extension level. Retailers can also leverage A/B testing capabilities to improve conversion rates — while blocking malicious or unwanted extension activity.
To be clear, no one is suggesting that brands try to control what extensions their visitors choose to enable on their browsers. In fact, brands can control their own site experience by managing extensions and other distractions directly, without even knowing what extensions consumers have installed. Consumers can shop freely with their chosen extensions while being protected from malicious ads and skimming, and retailers can protect their brands and customer experience.
With the bottom line on the line this holiday season, retailers can't afford to lose consumers mid-funnel due to audience hijacking tactics. With the right technology strategy, you can send the digital Grinches packing before they have a chance to steal your customers.
Patrick Sullivan is chief technology officer, security strategy, at Akamai, the leading content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.
Related story: Audience Hijacking: How to Prevent Your Online Customers From Being Shoplifted
In his 12 years at Akamai, Patrick Sullivan has held a number of leadership positions including leading the Enterprise Security Architect team. Sullivan and his team work with customers when they come under attack and designs security architectures to protect them from threats. In the course of helping to fend off attacks, he has gained visibility into attacks targeting many of the top Enterprises. With his ability to see Security issues as a critical component of a client’s business strategy, Sullivan often speaks at security events and with clients around the world. Prior to Akamai, Sullivan held various leadership positions at DISA, AT&T, Savvis, and Cable and Wireless.