Article
Network Security

Bots are advancing and driving online fraud, finds Imperva

By Tilly Kenyon
May 19, 2022
undefined mins
Share
As bots continue to evolve and become more sophisticated, they are designed to evade detection and are causing businesses damage, finds Imperva’s report

Imperva, a digital security company, has found that bad bots, software applications that run automated tasks with malicious intent, accounted for a record-setting 27.7% of all global website traffic in 2021, up from 25.6% in 2020.

This was found in the 2022 Imperva Bad Bot Report, the ninth annual analysis of bot traffic across the internet by Imperva Threat Research

According to the report, bad bots are often the first indicator of online fraud and represent a risk to digital businesses, as well as their customers. In 2021, evasive bad bots -- a grouping of moderate and advanced bad bots that elude standard security defences -- made up 65.6% of all bad bot traffic.

Implementing bot protection to prevent the growing threats 

Bad bots enable high-speed abuse, misuse, and attacks on websites, mobile apps, and APIs. Successful attacks can lead to the theft of personal information, credit card data, and loyalty points.

The three most common bot attacks were account takeover (ATO), content or price scraping, and scalping to obtain limited availability items.

In 2021, 64.1% of ATO attacks used an advanced bad bot. Financial services was the most targeted industry (34.6%), followed by travel (23.2%). The United States was the leading origin country of ATO attacks (54%) in 2021. For businesses, ATO contributes to revenue loss, risk of non-compliance with data privacy regulations, and tarnished reputations.

“Businesses cannot overlook the impact of malicious bot activity as it is contributing to more account compromise, higher infrastructure and support costs, customer churn, and degraded online services,” says Ryan Windham, Vice President, Application Security, Imperva. “With automated fraud growing in intensity and complexity, advanced bot protection is essential for preventing the growing threat digital businesses and consumers face from bad bots.”

Bot traffic can cause businesses significant damage 

In 2021, Germany (39.6%), Singapore (39.1%), and Canada (30.2%) experienced the highest volumes of bad bot traffic, while the United States (29.1%) and United Kingdom (29.7%) were also higher than the global average (27.7%) of bad bot traffic.

The volume of attacks originating from sophisticated bad bots was most notable across travel (34.2%), retail (33.8%), and financial services (8.8%) in 2021. These industries remain a prime target because of the valuable personal data they store behind user login portals on their websites and mobile apps.

Imperva Threat Research concluded that no industry was immune to bad bot activity in 2021. While examples of bots hoarding popular gaming consoles or clogging vaccine appointment scheduling sites made headlines in 2021, the report noted that any level of bot traffic on a website can cause significant downtime, degrade performance, and reduce service reliability.

cybersecuritybots
Share
Latest

Digital Magazine

Read Now
Read the latest Digital Magazine today!

Featured Articles

Cisco Talos: Tracking Ransomware’s 35 Year Evolution

Martin Lee, Technical Lead for Security Research, Cisco Talos highlights how the ransomware landscape has shifted across the last 35 years

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

Cyber Security

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI