• IphtashuFitz@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    4 months ago

    I know some sites have experimented with feeding bots bogus data rather than blocking them outright.

    My employer spotted a bot a year or so ago that was performing a slow speed credential stuffing attack to try to avoid detection. We set up our systems to always return a login failure no matter what credentials it supplied. The only trick was to make sure the canned failure response was 100% identical to the real one so that they wouldn’t spot any change. Something as small as an extra space could have given it away.