Bad Bots Drive 10% Annual Surge in Account Takeover Attacks

Internet traffic associated with malicious bots now accounts for a third (32%) of the total, driving a 10% year-on-year (YoY) increase in account takeover (ATO) attacks last year, according to Imperva.

The Thales-owned company’s 2024 Imperva Bad Bot Report is a detailed analysis of automated bot traffic across the internet. It revealed that bots – both good and bad – now account for roughly half (49.6%) of all traffic globally, up slightly (2%) from the year before.

The share of bad bot traffic grew by roughly the same percentage over the period. Although on average it accounts for a third of internet traffic, the figure is significantly higher in Ireland (71%), Germany (68%) and Mexico (43%).

Thanks to this activity, ATO attempts now account for 11% of all logins, although the figure is significantly higher in financial services (37%).

Imperva also recorded an increase in targeting of API endpoints, which offer a quick and relatively easy way for threat actors to reach sensitive corporate and customer data. Over two-fifths (44%) of all ATO attacks are now aimed at these endpoints, compared to 35% in 2022.

Overall, bots accounted for 30% of all API attacks in 2023, 17% of which were designed to exploit business logic vulnerabilities.

Bad bot traffic originating from residential ISPs surged to 26%, according to Imperva. The vendor claimed that threat actors are increasingly looking to mimic mobile browsing usage and combine it with residential or mobile ISP traffic to evade detection.

Overall, the gaming sector (57%) recorded the largest proportion of bad bot traffic, while retail (24%), travel (21%) and financial services (16%) experienced the highest volume of bot attacks.

Meanwhile, law and government websites (76%) recorded the largest share of advanced bad bots designed to mimic human behavior and evade defenses – followed by the entertainment sector (71%) and financial services (67%).

Nanhi Singh, general manager of application security at Imperva, warned that bots fuel a wide range of malicious online activity, including web scraping, ATO, spam, denial of service and data exfiltration.

“Automated bots will soon surpass the proportion of internet traffic coming from humans, changing the way that organizations approach building and protecting their websites and applications,” he added.

“As more AI-enabled tools are introduced, bots will become omnipresent. Organizations must invest in bot management and API security tools to manage the threat from malicious, automated traffic.”
