Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Spybots. Show all posts

Bad Bot Traffic is Significantly Contributing to Rise of Online Scam

 

Recently, many organizations have been left wrestling with the challenge of overcoming the rise in bot traffic, which is also sometimes referred to as non-human traffic. According to an Imperva analysis, bad bots, or software applications that conduct automated operations with malicious intent, accounted for a record-breaking 27.7% of all global internet traffic in 2021, up from 25.6 percent in 2020. Account takeover (ATO), content or price scraping, and scalping to purchase limited-availability items were the three most typical bot attacks. 

Bot traffic has the potential to damage organisations if they do not learn how to recognise, control, and filter it. Sites that rely on advertising in addition to sites that sell limited-quantity products and merchandise are particularly vulnerable. Bad bots are frequently the first sign of online fraud, posing a threat to both digital enterprises and their customers. 

Evasive bad bots accounted for 65.6 percent of all bad bot traffic in 2021, a grouping of moderate and advanced bad bots that circumvent ordinary security protections. This type of bot employs the most advanced evasion strategies, such as cycling through several IP addresses, using anonymous proxies, changing identities, and imitating human behaviour. 

Bad bots make it possible to exploit, misuse, and assault websites, mobile apps, and APIs at high speed. Personal information, credit card details, and loyalty points can all be stolen if an attack is successful. Organizations' non-compliance with data privacy and transaction requirements is exacerbated by automated misuse and online fraud. 

Bad bot traffic is increasing at a time when businesses are making investments to improve online customer experiences. More digital services, greater online functionality, and the creation of broad API ecosystems have all emerged.

Unfortunately, evil bot operators will use this slew of new endpoints to launch automated assaults. The key findings of the research are:
  • Account takeover grew148% in 2021: In 2021, 64.1% of ATO attacks used an advanced bad bot. Financial Services was the most targeted industry (34.6%), followed by Travel (23.2%). The United States was the leading origin country of ATO attacks (54%) in 2021. The implications of account takeover are extensive; successful attacks lock customers out of their accounts, while fraudsters gain access to sensitive information that can be stolen and abused. For businesses, ATO contributes to revenue loss, risk of non-compliance with data privacy regulations, and tarnished reputations.
  • Travel, retail, and financial services targeted by bad bots: The volume of attacks originating from sophisticated bad bots was most notable across Travel (34.2%), Retail (33.8%), and Financial Services (8.8%) in 2021. These industries remain a prime target because of the valuable personal data they store behind user login portals on their websites and mobile apps.
  • The proportion of bad bot traffic differs by country: In 2021, Germany (39.6%), Singapore (39.1%), and Canada (30.2%) experienced the highest volumes of bad bot traffic, while the United States (29.1%) and the United Kingdom (29.7%) were also higher than the global average (27.7%) of bad bot traffic.
  • 35.6% of bad bots disguise as mobile web browsers: Mobile user agents were a popular disguise for bad bot traffic in 2021, accounting for more than one-third of all internet traffic, increasing from 28.1% in 2020. Mobile Safari was a popular agent in 2021 because bots exploited the browser’s improved user privacy settings to mask their behaviour, making them harder to detect.
According to the findings, no industry will be immune to negative bot activity in 2021. Bots hoarding popular gaming consoles and clogging vaccine appointment scheduling sites gained attention in 2021, but any degree of bot activity on a website can create considerable downtime, degrade performance, and reduce service reliability.