HUMAN has released the 2023 Enterprise Bot Fraud Benchmark Report, which provides insights into automated attack trends across enterprise use cases. Read on for the top takeaways, or download the full report.
Internet visibility is the name of the game for stopping bad bots and online fraud. And HUMAN’s visibility is unmatched. HUMAN observes more than 20 trillion digital interactions each week across 3 billion devices worldwide. So, when it comes to activity on the internet, we’ve seen a thing or two…or 33 million interactions per second, to be exact.
Malicious bots like to hide in the shadows of the internet, but we’re here to bring them to light. Illuminating and observing automated attack patterns is the first step in combating this massive threat. With that in mind, we’ve released our annual Enterprise Bot Fraud Benchmark Report, which details automated attack patterns against enterprises across the web. Here are the key findings.
Attackers almost always use proxy servers and fake user-agents to hide the true source of malicious requests. By faking the traffic source, bot operators can also better blend in with the crowd. For example, U.S. proxy servers account for 75% of requests to U.S. applications, but only 47% of requests to ex-U.S. applications. This shows that attackers often choose to mimic the source of legitimate traffic based on the region they are targeting.
Furthermore, all three saw attack types increased as the year went on. In the second half of 2022 as compared to the first half, carding attacks rose 161%, account takeover attacks rose 123%, and scraping attacks rose 112%.
HUMAN’s Satori Threat Intelligence and Research Team has observed bots performing human-like behaviors, such as taking over accounts, making fraudulent purchases, scraping proprietary content, inflating engagement with media, and scalping hot products. Bot attacks, once considered an inevitable and relatively inconsequential type of online fraud, can now have a material impact on brand reputation and revenue.
The cost of letting bad bots and fraud go undetected is growing. At the same time, bots are becoming increasingly sophisticated and pervasive. Our data suggests that certain periods (such as concert ticket release days, Cyber Monday, and days surrounding political events) will always be high targets. However, other seemingly insignificant days are often prone to bot attacks as well.
In the words of Gavin Reid, CISO at HUMAN, “It’s clear that bots are a pervasive threat. “It is extremely easy for bad actors to conduct malicious bot attacks and fraud with minimal effort or risk. This means that cybercriminals can take advantage of any event online, big or small, making all events open for attack."
Today, the ebb and flow of bot traffic is better described as just the flow and bigger flow. Bots are a persistent and growing threat, so digital organizations must have defenses in place all year round. And that’s where modern defense comes in.
Built on the three pillars of visibility, network effect, and disruptions and takedowns, modern defense is the fuel behind everything that HUMAN does. The strategy of modern defense powers the Human Defense Platform, an award-winning suite of security solutions that protect against digital attacks targeting exposed ad, web, mobile and API surfaces.
Modern defense allows HUMAN to stop sophisticated bot attacks and online fraud with unmatched speed, scale, and precision.
Together, the pillars of modern defense enable HUMAN to disrupt the economics of cybercrime and deliver collective protection that combats tomorrow’s cybersecurity threats, today.
Read the 2023 Enterprise Bot Fraud Benchmark Report to see more bot trends, or contact us for a free bot risk assessment.