"Bad Bots Swarm the Internet in Record Numbers in 2021"

According to researchers at Imperva, malicious bots accounted for almost 28% of global web traffic in 2021, a record high that exceeded the previous year’s figure of 26%.  The researchers stated that bots are software apps that run automated tasks.  However, while most of them perform legitimate work such as crawling and indexing the internet for search engines, an increasing number are being used for malign purposes.  The researchers claimed that the most common of these last year were account takeover (ATO), content or price scraping, and scalping to obtain limited-availability items.  The researchers found that two-thirds of this traffic could be traced to “evasive bad bots,” software that uses the latest evasion techniques to circumvent security tools.  These include cycling through random IPs, entering sites and apps through anonymous proxies, changing identities, and mimicking human behavior to evade detection.  The researchers noted that some 36% of bad bots hid as mobile web browsers in 2021, with Safari the most popular choice due to its enhanced privacy settings.  The researchers stated that due to the increase in malicious bot traffic, ATO attacks soared by 148% from 2020 to 2021, allowing scammers to access sensitive account information and potentially carry out fraudulent transactions.  Financial services was the most targeted industry (35%) in ATO attacks, followed by travel (23%), with the US the leading origin country of ATO attacks (54%) in 2021.  Overall, travel (34%), retail (34%), and financial services (9%) were the sectors most targeted by bad bots in 2021, which stands to reason given the large amounts of sensitive data stored in customer accounts and the potential for monetization.

Infosecurity reports: "Bad Bots Swarm the Internet in Record Numbers in 2021"