A new study reports that malicious bots and human fraud farms were responsible for billions of attacks in the first half and the third quarter of 2023. These attacks accounted for 73% of all website and app traffic measured. In other words, almost three-quarters of traffic to digital content is reported to be malicious in nature. This alarming trend is changing the digital landscape, with the five most common categories of bot attacks being fake account creation, account takeover, web scraping, account management and product abuse.
Internet traffic associated with malicious bots has reportedly increased significantly
The report, titled “Breaking (Bad) Bots: Bot Abuse Analysis and other Fraud Benchmarks,” was published by Arkose Labs, a global leader in bot management and account security. Researchers examined billions of sessions around the world to identify the most common attacks by industry, type and region. The attacks arrived through three main vectors: basic bots, smart bots and click farms. Threat actors use these vectors to launch different types of attacks: SMS payment fraud, web scraping, card testing, credential stuffing, etc.
The analysis found that overall bot attacks increased by 167% in the first half of the year, with the 291% increase in intelligent bots contributing heavily. Bots, once primarily used by search engines, now have a variety of uses that can be both good and bad. Harmless bots are primarily search engine indexing bots and other similar bots used for content aggregation or monitoring. Bots considered harmless follow the site owner’s rules as set in the robots.txt file.
They publish methods to verify their identities and take care not to overwhelm the websites and apps they visit. Malicious bots, on the other hand, are designed to carry out malicious activities. They range from simple scrapers that attempt to retrieve data from an application (and can be easily blocked) to advanced persistent bots that exhibit complex behavior and try to evade detection as much as possible. Their attacks include website scraping, account takeover, distributed denial of service (DDoS) and more.
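The identity check that legitimate crawlers publish is typically a forward-confirmed reverse DNS lookup, which lets a site tell a real indexing bot from a client that only copies its User-Agent. The sketch below is an added example, not code from the Arkose report; the suffix table, the sample DNS records and the names verify_crawler and demo are assumptions made for illustration.

```python
import ipaddress
import socket

# Assumption: hostname suffixes documented by Google and Microsoft for their
# crawlers. Check each operator's current documentation before relying on it.
CRAWLER_SUFFIXES = {
    "googlebot": (".googlebot.com", ".google.com"),
    "bingbot": (".search.msn.com",),
}

def _system_reverse(ip):
    return socket.gethostbyaddr(ip)[0]

def _system_forward(host):
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def verify_crawler(ip, user_agent, reverse=_system_reverse, forward=_system_forward):
    """Return 'verified', 'spoofed' or 'unclaimed' for one request."""
    ua = user_agent.lower()
    claimed = next((name for name in CRAWLER_SUFFIXES if name in ua), None)
    if claimed is None:
        return "unclaimed"  # no crawler claim; judge by other signals
    try:
        addr = ipaddress.ip_address(ip)
        host = reverse(ip).rstrip(".").lower()
        # Suffixes start with a dot, so "evilgooglebot.com" does not match.
        if not host.endswith(CRAWLER_SUFFIXES[claimed]):
            return "spoofed"
        # Whoever owns the address block controls its PTR record, so the
        # name must also resolve forward to the connecting address.
        resolved = {ipaddress.ip_address(a) for a in forward(host)}
    except (OSError, ValueError):
        return "spoofed"  # no PTR, failed lookup or malformed address
    return "verified" if addr in resolved else "spoofed"

# Constructed DNS data (documentation address ranges) so this runs offline.
PTR = {"192.0.2.10": "crawl-192-0-2-10.googlebot.com",
       "198.51.100.7": "crawl-1.googlebot.com",  # PTR set by the address owner
       "203.0.113.5": "host5.example.net"}
A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"},
     "crawl-1.googlebot.com": {"192.0.2.99"}}

def _table(records):
    def resolve(key):
        if key not in records:
            raise OSError("no record")
        return records[key]
    return resolve

def demo(ip, ua):
    return verify_crawler(ip, ua, reverse=_table(PTR), forward=_table(A))
```

In production the default resolvers query live DNS, so results should be cached per address to keep lookups off the request path.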
However, attacks are not limited to bots. The analysis found that when their bots are blocked, scammers redirect their attacks to click farms, whose use increased by 49% between the first and second quarters of 2023. Arkose Labs states that 73% of all traffic on the internet today (Q3 2023) consists of malicious bots and their associated fraud farm traffic. Additionally, the Arkose report states that the top five attack categories involving malicious bots are: fake account creation, account takeover, web scraping, account management, and product abuse.
These categories did not change from the second quarter, with the exception of product abuse, which replaced card testing. The attacks that increased the most between Q2 and Q3 2023 are SMS payment fraud (+2,141%), account management (+160%) and fake account creation (+23%). Arkose researchers also report that the top five target industries are technology (malicious bots account for 76% of internet traffic), online gaming (29% of traffic), social media (46%), e-commerce (65%) and financial services (45%).
Malicious bots are becoming more sophisticated thanks to the rise of generative AI
Arkose estimates that there were over 3 billion fraud farm attacks in the first half of 2023. These fraud farms appear to be located primarily in Brazil, India, Russia, Vietnam and the Philippines. However, some critics question the report and doubt that this share of traffic can be attributed to malicious bots. “Maybe 73% of requests, but not of traffic. The majority of traffic is primarily streaming video content. Traffic is a specific term for what is transmitted over the Internet. Maybe you have a high number of requests but low traffic. And vice versa too,” wrote one critic.
However, other critics agree with the report and share their own experiences. One of them says: “I am a system administrator for a large European content publisher. Malicious bots make up about 40% of our traffic, harmless bots (website indexers and others; Google, Bing, Pinterest and others) make up 25-30% of traffic, and real people make up 30-35% of traffic. And all this after blocking all traffic from Russia and China. The rest of the malicious bot traffic comes from South America, Africa, Europe and North America.”
The report highlights that two trends are driving the increase in attacks: generative AI and cybercrime as a service (CaaS). The report emphasizes that this poses a threat to the future of the Internet. Intelligent bots use sophisticated techniques such as machine learning and AI to mimic human behavior and evade detection. This allows them to adapt by targeting vulnerabilities in IoT devices, cloud services and other emerging technologies. For example, they are often used to bypass 2FA defenses that protect against phishing, the report says.
In any case, the rise of AI may be linked to a dramatic increase in web scraping bots that collect data and images from websites. Between the first and second quarters, scraping increased by 432%. Scraping social media accounts collects personal data that can be used by generative AI to mass produce convincing phishing attacks. Other bots could then be used to send account takeover emails, romance scams, etc. Scraping also targets the travel and hospitality industries.
Researchers point out that web scraping remains a legally murky area. It’s not specifically illegal, but if it violates a website’s posted terms of service, it’s certainly immoral. There are services that openly offer tools for web scraping. This illustrates the relationship between CaaS, AI and bots (here mainly web scraping bots). CaaS, in turn, enables would-be criminals who may have the intent but not the necessary skills to engage in cybercrime. The rise of CaaS has completely changed the landscape for threat actors.
According to experts, CaaS makes it significantly cheaper to attack companies, and the attacks are simply better because they are carried out by a development workshop rather than by individual cybercriminals. In summary, the continued increase in the number of malicious bots suggests that they continue to be profitable for criminals. Generative AI improves the performance of bad bots, while the growth of CaaS will increase the number of bad bot operators; the situation will therefore worsen. Researchers believe that the only solution currently is to detect and combat malicious bots.
Source: Arkose Labs