Application-layer denial of service and other activities that adversely affect the application's users. Includes:

Account lockout. Spamming. Excessive resource consumption. Scalping. Sniping. Must involve the ecommerce application in the attack and thus excludes HTTP DoS (e.g. flood attacks, slow attacks).