Security guide
Agent Spoofing: Verify Bots Before You Trust Them
A claimed crawler or AI agent identity is a starting point for verification, not an authorization decision.
What is agent spoofing?
Agent spoofing is a malicious bot that impersonates an AI agent, a search engine crawler, a price-comparison tool, or any other trusted client in order to bypass the security of an online retail site.
By gaining unrestricted access, a bot may scrape content, probe an application, consume inventory, or distort traffic data. The risk is not unique to AI agents: any identity inferred from a request header alone can be forged.
The cost to retailers
Treat bot classification as a risk signal. A verified crawler may be legitimate, but it still should not receive access to an authenticated, administrative, or transactional route.
The technical reality
Use layers of evidence rather than one signal:
- The User-Agent header, a text string indicating the client's name and version, is simply a self-declaration. Any malicious bot can present itself as a known AI agent with a single line of code.
- The IP range can support verification when its owner publishes and maintains a documented range or reverse-DNS process. It is not proof by itself, and generic cloud ranges are not a bot identity.
- Behavior and route context help distinguish normal crawling from scraping, credential abuse, and inventory or checkout automation.
- Cryptographic verification can prove that a request was signed by a key the sender controls when the sender publishes a complete, verifiable scheme.
The emerging response: cryptographic signatures
HTTP Message Signatures (RFC 9421) standardize a way to sign selected HTTP message components. They do not define a universal bot identity, public-key directory, or authorization policy.
When a provider supports signed requests, validate its documented key-discovery and trust model, signed components, expiry, replay protection, and allowed routes. Do not treat a valid signature as an unrestricted allow rule.
Audit Bot Management and WAF policy by route. Start in observe mode, verify claimed Google crawlers using Google's documented process, then apply a graduated response: allow authorized access, throttle suspicious behavior, or block high-confidence abuse. Record the evidence, owner, review date, and rollback condition for every exception.
Authoritative references
- OWASP Bot Management and Anti-Automation Cheat Sheet
- RFC 9421: HTTP Message Signatures
- Cloudflare: Web Bot Auth
Verify bots without blocking legitimate access
Talk to our team about Bot Management, WAF configuration, and verifying signed agents across your retail estate.
Get Started