First Look: The Big Bad Bot Problem 2020 ─ Part-3
The ‘Big Bad Bot Problem 2020’ report summarizes our findings from bot traffic on our customers’ networks along with research and analysis of bot trends, attack methods, and targets of attempted bad bot attacks. Here, we lay out detailed statistics on bot traffic to heavily targeted industries, along with the types of bot attacks and the respective types of Web pages that attracted the most malicious traffic.
The e-commerce industry, which grew 15% from 2018, was most targeted by bad bots in 2019, followed by travel and social media. This is consistent with the trends we have observed in previous years, and in line with the gains that criminals, competitors, and other malicious entities hope to achieve by deploying bots and botnets.
Figure 1: Traffic distribution by industry — 2018 vs. 2019
E-commerce sites are targeted by bad bots for a variety of reasons such as content and price scraping, denial of inventory, card fraud, and account takeover. Though scraping is a common practice between competitors and new players, it is usually carried out using simple bots, unlike account takeover and denial of inventory, which require the use of sophisticated bots that can emulate human behavior. We have also observed bot attacks across several types of pages, correlating between the types of attempted attacks such as payment fraud, content scraping, account takeover, and denial of inventory.
Figure 2: Overall traffic breakdown on e-commerce websites (2019)
Media and Publishing
Though media and publishing businesses are among the biggest users of good bots in their advertising and affiliate programs, they are also among the largest targets of scraper bots and spambots. Bot traffic also significantly skews traffic analytics and is a major hindrance to marketers and planners who need untainted data to forecast trends and develop marketing plans.
Figure 3: Overall traffic breakdown on media and publishing websites (2019)
Online Marketplaces and Classifieds
Portals such as marketplaces and classifieds sites have consistently been amongst the most widespread targets of scraper bots (often deployed by competitors and fraudsters). Bots also spam the forms on these types of sites with fake information and links to shady and malware-ridden sites.
Figure 4: Overall traffic breakdown on marketplaces and classifieds websites (2019)
Travel and Hospitality
Airlines, hotels, cruise lines, and other operators in the travel and hospitality industry have largely transitioned to online sales, which makes them a big target for bad bots. Our research found that the most prevalent type of bot attack on this industry is a denial of inventory. Bad bots comprised 29% of all traffic to booking pages across this industry, and they make large numbers of queries to the GDS (Global Distribution System) which end up adding to operators’ costs. Bots also make fake reservations that prevent real consumers from being able to make bookings and cause financial losses for operators.
Figure 5: Overall traffic breakdown on travel and hospitality websites (2019)
As we have seen, bad bots attack online industries to commit a range of activities ranging from the unethical to the outright criminal. With the ongoing Covid-19 pandemic, we are witnessing a dramatic escalation of malicious bot activity online, which security experts must confront and prevent. For a detailed summation and analysis of bad bots and their activities, download our Big Bad Bot Problem 2020 report, which also includes our specialists’ recommendations on bot mitigation.
Originally published at https://www.shieldsquare.com on April 17, 2020.