A global online dating company serves 35 million members in over 50 countries. The company is a market leader and its mobile app is one of the App Store’s top 50 grossing apps.
The company was facing large-scale credential stuffing attacks in 2016. Credential stuffing is an attack in which bad actors take credentials that have been stolen from third parties and test them en masse via automation on the target site. Because users reuse passwords across online services, on average, 0.5%–2% of a credential list will be valid on a target site.
Bad actors were launching sophisticated credential stuffing attacks on both the website and mobile app, leading to numerous account takeovers. Once accounts were successfully taken over, attackers would conduct catfishing and spamming schemes. Not only did these attacks degrade user trust, but they also incurred a substantial cost for the customer service team.
In 2016, the company evaluated a tool offered by its CDN provider to mitigate the unwanted automation against its web and mobile platforms. After two months of testing the tool, the security and fraud teams were left frustrated. The tool required internal resources to actively deal with every single automated attack, including researching and writing rules for individual activities. The amount of time and resources required to operate the tool was unsustainable and not cost-effective. Moreover, the tool only identified 20% of the automated credential stuffing activity on the dating website, rendering it inadequate.
When it was clear that the CDN-provided tool was not the right solution, the company contacted F5. It was specifically looking for a solution that could fulfill four critical requirements:
Once the company selected F5 Distributed Cloud Bot Defense, F5 began deployment within weeks. In monitoring mode, Distributed Cloud Bot Defense observed that, on average, 80% of all web traffic was automated. As soon as F5 initiated mitigation mode, the attacks were immediately blocked and prevented from reaching the origin server.
By successfully mitigating automated attacks, F5 has delivered value across the enterprise:
As depicted in the traffic chart below, attackers behaved in typical fashion: