Distil Networks’ Sixth Annual Bad Bot Report Finds Bad Bot Arms Race Rages On

April 16, 2019

Industry Breakdown Reveals Financial Services Organizations Suffer Highest Proportion of Bad Bot Traffic

ARLINGTON, VA – April 17, 2019 – Distil Networks, the global leader in bot mitigation, today released its annual Bad Bot Report titled, “Bad Bot Report 2019: The Bot Arms Race Continues.” The report investigates hundreds of billions of bad bot requests from 2018 over thousands of domains to provide deeper insight into the daily automated attacks wreaking havoc on websites, mobile apps and APIs. The findings suggest that bot attack sophistication continues to evolve, as advanced attackers learn to adapt their techniques in order to invalidate existing defense tactics.

“Bot operators and bot defenders are playing an incessant game of cat and mouse, and techniques used today, such as mimicking mouse movements, are more human-like than ever before,” said Tiffany Olson Kleemann, CEO of Distil Networks. “As sophistication strengthens, so too does the breadth of industries impacted by bad bots. While bot activity on industries like airlines and ticketing are well-documented, no organization – large or small, public or private – is immune. When critical online activity, like voter registration, can be compromised as a result of bad bot activity, it no longer becomes a challenge to tackle tomorrow. Now is the time to understand what bots are capable of and now is the time to act.”

Bad bots are used by competitors, hackers and fraudsters and are the key culprits behind account takeovers or hijacking, web scraping, brute-force attacks, competitive data mining, transaction fraud, data theft, spam, digital ad fraud and downtime. Produced by the Distil Research Lab, a team of dedicated analysts who examine the most sophisticated automated threats for some of the world’s most attacked websites, this report underscores the increasing pervasiveness of bad bots, revealing that no industry is safe from malicious bot activity.

Key Findings from the 2019 Bad Bot Report:

  • In 2018, bad bots accounted for 1 in 5 website requests (20.4 percent of web traffic). Good bots decreased slightly to make up 17.5 percent of traffic.
  • 73.6 percent of bad bots are classified as Advanced Persistent Bots (APBs), which are characterized by their ability to cycle through random IP addresses, enter through anonymous proxies, change their identities, and mimic human behavior.
  • Nearly 50 percent (49.9 percent) of bad bots report their user agent as Chrome. Mobile browsers, such as Safari Mobile, Android and Opera increased from 10.4 percent last year to 13.9 percent.
  • Amazon is the leading ISP for originating bad bot traffic. In 2018, 18 percent of bad bot traffic originated from Amazon compared with 10.62 percent the previous year.
  • Despite the fact that 53.4 percent of bot traffic originates from the United States, Russia and Ukraine combined make up nearly half (48.2 percent) of country-specific IP block requests.

This year’s report provides a comprehensive breakdown of some of the top industries impacted by bots and the specific challenges they face. Key findings include:

 
Industry Percentage of Bad Bot Traffic Type of Attacks
Financial Services 42.2 percent Credential stuffing to access or take over user accounts
Ticketing 39.3 percent Scalping bots, seat inventory checkers, credential stuffing
Education 37.9 percent Scraping for research papers, class inventory and user account access
Government 29.9 percent Voter registration account interference, scraping business registration listings
Gambling and Gaming 25.9 percent Scraping ever-changing betting lines, account takeover seeking loyalty points
Airlines 25.9 percent Scraping pricing information, account takeover to empty airline mile balances
Ecommerce 18 percent Price scraping, content scraping, account takeovers, credit card fraud and gift card abuse

To download a full copy of Distil Networks’ report, visit: https://resources.distilnetworks.com/white-paper-reports/bad-bot-report-2019

To ask questions and learn more, register for our upcoming webinar taking place on Wednesday, May 8, at 10:00 a.m. PT/1:00 p.m. ET: https://info.distilnetworks.com/industry-report-bad-bots-of-2019

 

About Distil Networks
Distil Networks, the global leader in bot mitigation, protects websites, mobile apps, and APIs from automated threats. Fraudsters, hackers, and competitors use bots to commit online fraud, break into customer accounts, and gain an unfair competitive advantage. As the sheer volume, sophistication, and business damage of these attacks grow, bots put a costly strain on IT staff and resources. Only Distil’s unique, more holistic approach provides the vigilant service, superior technology, and industry expertise needed for full visibility and control over this abusive traffic. The Distil team pioneered bot mitigation in 2011, and has been leading the way ever since. With Distil, there is finally a defense against automated attacks that is as adaptable and vigilant as the threat itself.

For more information on Distil, visit https://www.distilnetworks.com/block-bot-detection/ or follow @DISTIL on Twitter.

Previous Article
Distil Networks Strengthens Bot Management Solution with Significant Product Enhancements
Distil Networks Strengthens Bot Management Solution with Significant Product Enhancements

New Deployment Options Integrate Bot Defense into AWS, Cloudflare, F5 Networks and NGINX while Granular Web...

Next Article
New Report Shows Ticketing Industry Suffers From Continuous Automated Abuse, With 39.9 Percent of all Traffic Originating from Bots
New Report Shows Ticketing Industry Suffers From Continuous Automated Abuse, With 39.9 Percent of all Traffic Originating from Bots

New Report from the Distil Research Lab shows ticketing industry suffers from continuous automated abuse an...