Good Bots vs. Bad Bots: How to Tell the Difference
“Even if you haven’t realized it yet, bots are everywhere,” wrote Chris Messina last year in an article heralding the bot revolution. “Bots have the potential to save us time, hassle, and tedium by automating mundane tasks, like gathering your team’s lunch preferences or building a travel itinerary, which could typically eat up hours of your time.”
But not all bots are created equal.
As good bots grow their powers in making our lives easier, their evil counterparts are also growing stronger — getting better and better at spamming, scraping, and faking.
Here’s what you need to know about good bots and bad bots and how to tell the difference.
The Good Bots
Copyright Bots
These bots search the web for content that’s potentially been plagiarized. Think: Illegal uploads, copying someone else’s work without proper attribution, or other improper use of proprietary content. According to the Electronic Frontier Foundation, these bots are commonly used within the realm of social media, especially where original content creation is a major part of the platform’s use. One prime example is YouTube’s Content ID, which is assigned to copyright owners on the network.
Data Bots
According to eZanga, data bots are those that provide up-to-the-minute information on things like news, weather, and currency rates. With that criteria, tools like Amazon Echo, Google Home, and Siri could be classified as data bots — especially since eZanga also calls these “media” bots. However, one technology developer, Botler, classifies one of its products as a data bot — “a new way to quickly store and access info that is important.” Its primary use, it appears, is for the academic sector, as it allows course information to be easily shared between students and faculty.
Spider Bots
Think about what a spider does — it crawls. Search engines do the same thing, by crawling the web’s content to produce query results, and using spider bots to do so. Google, for example, has its very own Googlebot, which uses the constantly-evolving Google algorithm to determine which sites to crawl.
Trader Bots
These bots might be my favorite. They’re the ones that crawl the web to help you find the best deals on something you might be looking to buy online. eZanga notes that these bots are used by consumers and retailers alike — for the latter, the biggest advantage is their ability to “help inch out the competitor by posting a better price.”
As for the consumer, these bots come to mind with tools like Honey, a browser extension that automatically presents coupons and discount codes when you’re about to initiate a site’s checkout process. Here’s how it works on Amazon, for example:
The Bad Bots
Click Bots
Each year, Incapsula publishes a Bot Traffic Report, which measures and analyzes the website traffic generated by bots. And in 2016, bad bots accounted for 28.9% of that traffic — outnumbering the good bots by 6%.
One of those bad bots is often found to be the click bot — the kind that fraudulently click on ads, causing data reported to advertisers to be skewed. But not only does that result in misinformation for marketers, but if you’re using pay-per-click (PPC) campaigns, those clicks add up to wasted dollars on fake visits that didn’t even come from humans, let alone your audience.
Download Bots
Similar to click bots, download bots also fraudulently game engagement data, but for download counts, instead of website visits. If it sounds familiar, it might be because of a 2012 incident involving Apple, in which many iPhone app developers were using “third-party advertising services guaranteeing top rankings,” according to AdWeek.
Imposter Bots
It’s easy to confuse imposter bots with click bots, since the former work by “masking themselves as legitimate visitors,” according to the Incapsula report. But the intention of imposter bots is much more malicious than generating a false clickcount. Instead, their purpose is to bypass online security measures. And of the aforementioned traffic generated in 2016 by bad bots, imposter bots accounted for over 84% of it.
Imposter bots are often the culprit behind distributed denial of service (DDoS) attacks — in fact, you might recall a day in October 2016 when it seemed like half of the internet, including Twitter, stopped working. That was a DDoS attack, and an imposter bot dubbed Mirai was responsible for it.
Scraper Bots
Web scrapers achieve the opposite effect as copyright bots. Rather than protecting proprietary content, scraper bots are designed to steal and repurpose it elsewhere, often unbeknownst to its owner.
Spam Bots
You would think that spam bots (often spelled “spambot”) have been around long enough that they would have become a thing of the past, like VCRs and the plague. But it seems that they’re just getting smarter, and finding new ways to permeate our lives.
These are the bots that basically distribute “spammy” content like unwarranted emails, or senseless comments on articles and blog posts. More recently, you’ve probably come across them on social media — one 2015 study found that nearly 8% of Instagram accounts, for example, are actually spambots.
It’s worth noting that in 2014, Instagram made efforts to purge the network of millions of spam accounts — but people were less than thrilled about it. Even if they weren’t “real,” it seems that many Instagram users were upset to see their followings drastically shrink.
Spy Bots
Have you ever received an email from a complete stranger, and wondered how that person got your contact information? Maybe the sender got it from someone you know, or is just particularly good at research. But it also might be the work of a spy bot, which is the kind that mines data about individuals (or businesses) and often sells it.
Zombie Bots
Contrary to what the name might suggest, zombie bots don’t try to eat humans. Rather, they’re the kind that find a way to permeate your computer’s security system, but then they take it a step further than imposter bots — once they gain access, they operate in the background, often using your computer to transmit viruses and other malware.
It might begin with one machine, but often this type of bot activity leads to an “army” of zombie bots — a.k.a. a “botnet” — which Cloudbric describes as “a network of zombified sites [that] receive commands from the head zombie, who is likely a spammer, a hacker, or a mercenary.” Many times, the motivation behind this is financial, as these “head zombies” have been known to sell this type of hacked computer access to others, allowing them to use it for similarly malicious distribution.
But Don’t Be Afraid
As bots get better at making our lives easier, you can be sure their evil counterparts will be working just as hard to make our lives more inconvenient.
First, be aware that the bad bots are out there, know how they work, and don’t be charmed by high numbers of spam bot followers.
Second, try to prevent bad bot attacks before they start. Always make sure your antivirus software is up-to-date, always make sure all software is up-to-date for that matter, and use good passwords.
May the good bots be with you.
Click the 💚 to help others find this article.
A version of this post was first published on the HubSpot Marketing Blog.
