Bad bot traffic has increased again compared to previous years and now accounts for almost a quarter of all web traffic. Financial service providers are most affected.
Every Industry Has Its Own Bot Problems
From account takeover attacks to credential stuffing to content and price scraping. The sectors with the most bad bot traffic include financial service providers, the education and government organizations.
Moderate to demanding bad bots make up almost three quarters of bad bot traffic. Advanced persistent bots often elude recognition. They go through random IP addresses, penetrate through anonymous proxies, change their identity and imitate human behavior.
Bad Bots Interact With Applications In The Same Way As A Legitimate User
This makes them more difficult to identify and prevent. They attack websites, mobile applications and APIs at high speed and enable bot operators, hackers, competitors to carry out a variety of malicious attacks. This includes competitive data mining, collecting personal and financial data, spam and much more.
Released Tuesday, Imperva’s “2020 Bad Bot Report: The Bad Bots Strike Back” looks at how bad bots play a role in website activity and how website owners can protect themselves against these threats.
Criminals Are Extremely Creative In Spreading Bad Bots
Simply accessing a website or clicking on a fake or hijacked advertising banner can trigger a drive by download of malware, which takes place unnoticed in the background. Cybercriminals mainly use security gaps in the web browser, often the vulnerabilities are not known to anyone at the time of the attack. Emails are also a common gateway. For example, a link in a phishing email takes you to a prepared page. A hidden download starts automatically. The bot nests unnoticed in the system of a tablet or smartphone and does the job for which it was programmed. In the worst case, further issues follow. A bot can download a keylogger that uses keystrokes. Other spies specialize in screenshots, which they automatically pick up and transmit for evaluation.