Navigating the web these days can make a person feel like Dorothy from The Wizard of Oz.
There’s so much to be seen here that — until somewhat recently — was fairly unheard of. And we don’t know what’s good or bad. It’s as if we’re constantly coming across a new cast of characters and are forced to ask, “Are you a good witch, or a bad witch?”
Replace the word “witch” with “bot,” and you might be summing up the modern digital landscape. There’s a lot of talk about AI, but it can be confusing. Is it helpful, or harmful? Is it going to make us better at our jobs, or take them away from us? And these bots of which we’re constantly speaking — which are good, and which are bad?
As it turns out, there are ways of distinguishing them. It requires a bit of a discerning eye, but you certainly don’t need to be an expert — you just need the right information. So, without further ado, allow us to present our tips for distinguishing good bots from bad bots.
Good Bots vs. Bad Bots
The Good Bots
These bots search the web for content that’s potentially been plagiarized. Think: Illegal uploads, copying someone else’s work without proper attribution, or other improper use of proprietary content. According to the Electronic Frontier Foundation, these bots are commonly used within the realm of social media, especially where original content creation is a major part of the platform’s use. One prime example is YouTube’s Content ID, which is assigned to copyright owners on the network.
According to eZanga, data bots are those that provide up-to-the-minute information on things like news, weather, and currency rates. With that criteria, tools like Amazon Echo, Google Home, and Siri could be classified as data bots — especially since eZanga also calls these “media” bots. However, one technology developer, Botler, classifies one of its products as a data bot — “a new way to quickly store and access info that is important.” Its primary use, it appears, is for the academic sector, as it allows course information to be easily shared between students and faculty.
Think about what a spider does — it crawls. Search engines do the same thing, by crawling the web’s content to produce query results, and using spider bots to do so. Google, for example, has its very own Googlebot, which uses the constantly-evolving Google algorithm to determine which sites to crawl.
These days, spider bots aren’t limited to search engines. The Siemens Robotics Lab, for example, has developed spider-shaped robots that combine the ability to autonomously perform physical tasks with information-crawling capabilities. How does that work, exactly? Siemens Research Scientist Hasan Sinan Bank explains:
The robots use onboard cameras as well as a laser scanner to interpret their immediate environment. Knowing the range of its 3D-printer arm, each robot autonomously works out which part of an area – regardless of whether the area is flat or curved – it can cover, while other robots use the same technique to cover adjacent areas.”
These bots might be my favorite. They’re the ones that crawl the web to help you find the best deals on something you might be looking to buy online. eZanga notes that these bots are used by consumers and retailers alike — for the latter, the biggest advantage is their ability to “help inch out the competitor by posting a better price.”
As for the consumer, these bots come to mind with tools like Honey: A browser extension that automatically presents coupons and discount codes when you’re about to initiate a site’s checkout process. Here’s how it works on Amazon, for example:
The Bad Bots
Each year, Incapsula publishes a Bot Traffic Report, which measures and analyzes the website traffic generated by bots. And in 2016, bad bots accounted for 28.9% of that traffic — outnumbering the good bots by 6%.
One of those bad bots is often found to be the click bot — the kind that fraudulently click on ads, causing data reported to advertisers to be skewed. But not only does that result in misinformation for marketers, but if you’re using pay-per-click (PPC) campaigns, those clicks add up to wasted dollars on fake visits that didn’t even come from humans, let alone your audience.
Similar to click bots, download bots also fraudulently game engagement data, but for download counts, instead of website visits. If it sounds familiar, it might be because of a 2012 incident involving Apple, in which many iPhone app developers were using “third-party advertising services guaranteeing top rankings,” according to AdWeek.
It’s easy to confuse imposter bots with click bots, since the former work by “masking themselves as legitimate visitors,” according to the Incapsula report. But the intention of imposter bots is much more malicious than generating a false clickcount. Instead, their purpose is to bypass online security measures. And of the aforementioned traffic generated in 2016 by bad bots, imposter bots accounted for over 84% of it. They’re often the culprit behind distributed denial of service (DDoS) attacks — in fact, you might recall a day in October 2016 when it seemed like half of the internet, including Twitter, stopped working. That was a DDoS attack, and an imposter bot dubbed Mirai was responsible for it.
Web scrapers achieve the opposite effect as copyright bots. Rather than protecting proprietary content, scraper bots are designed to steal and repurpose it elsewhere, often unbeknownst to its owner.
You would think that spam bots (often spelled “spambot”) have been around long enough that they would have become a thing of the past, like VCRs and the plague. But it seems that they’re just getting smarter, and finding new ways to permeate our lives.
These are the bots that basically distribute “spammy” content like unwarranted emails, or senseless comments on articles and blog posts. More recently, you’ve probably come across them on social media — one 2015 study found that nearly 8% of Instagram accounts, for example, are actually spambots.
It’s worth noting that in 2014, Instagram made efforts to purge the network of millions of spam accounts — but people were less than thrilled about it. Even if they weren’t “real,” it seems that many Instagram users were upset to see their followings drastically shrink.
Have you ever received an email from a complete stranger, and wondered how that person got your contact information? Maybe the sender got it from someone you know, or is just particularly good at research.
But it also might be the work of a spy bot, which is the kind that mines data about individuals (or businesses) and often sells it. There’s a reason, after all, why the HubSpot Email Marketing Software prohibits the use of purchased or third-party lists. Emailing people who didn’t ask or expect to be contacted by you completely contradicts the inbound methodology.
Contrary to what the name might suggest, zombie bots don’t try to eat humans. Rather, they’re the kind that find a way to permeate your computer’s security system, but take it a step further than imposter bots — once they gain access, they operate in the background, often using your computer to transmit viruses and other malware.
It might begin with one machine, but often this type of bot activity leads to an “army” of zombie bots — a.k.a. a “botnet” — which Cloudbric describes as “a network of zombified sites [that] receive commands from the head zombie, who is likely a spammer, a hacker, or a mercenary.” Many times, the motivation behind this is financial, as these “head zombies” have been known to sell this type of hacked computer access to others, allowing them to use it for similarly malicious distribution.
But Don’t Be Afraid
As terrifying as some of these bad bots might sound, don’t let them scare you — there are ways to prevent them from encroaching on your content and technology.
First, awareness is a good first step. Now that you’ve reviewed the different types of bots out there, you might be able to more easily recognize any potentially harmful activity. It’s always better to be safe than sorry, and if you suspect any malicious bot activity, let your network administrator know as soon as possible.
But try to prevent these attacks before they can even start. Always make sure your antivirus software is up-to-date, and learn more about the security protocols available for your iOS, web hosting platform, or internet service provider.
What other bots should marketers be aware of? Let us know in the comments.