2024 Australian Account Take Over Security Survey
Download our comprehensive 2024 Australian Account Takeover Security Survey for insights on account protection strategies and emerging threats.
User agent spoofing is a technique used by bots and other automated scripts to disguise themselves as legitimate web browsers or devices. By changing the user agent string in the HTTP headers, bots can masquerade as different browsers, operating systems, or even search engine crawlers, making it more difficult for websites to identify and block them.
Bots use user agent spoofing for several reasons:
There can be legal implications for user agent spoofing. Depending on the jurisdiction and the specific use case, user agent spoofing can be considered a violation of the website's terms of service or even be classified as unauthorised access. For example, the Computer Fraud and Abuse Act (CFAA) in the United States can be used to prosecute individuals or entities that engage in unauthorised access to computer systems, which can include spoofing user agents to bypass access controls.
User agent spoofing involves changing the user agent string that is sent in the HTTP headers of a web request. The user agent string provides information about the browser, operating system, and device making the request. Bots can modify this string to impersonate different browsers or devices. Here is an example of a typical user agent string for Google Chrome:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Download our comprehensive 2024 Australian Account Takeover Security Survey for insights on account protection strategies and emerging threats.
Learn about the types of attacks malicious bots carry out.
Discover what Bot Management is all about.
Comprehensive bot security assessment for modern applications. Evaluate your protection against sophisticated automated threats including anti-detect browsers, credential stuffing, and API attacks.
Just how much of the internet's traffic is generated by bots?
© PEAKHOUR.IO PTY LTD 2025 ABN 76 619 930 826 All rights reserved.