Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Distil Networks Releases Fourth Annual Bad Bot Report, Revealing Bad Bots Most Prevalent on Websites with Login Pages

March 2017 by Distil Networks

Almost every website with a login page is under attack from bad bots, the automated programs used by hackers, fraudsters and competitors to carry out a variety of nefarious activities, according to a new report from Distil Networks, Inc., the global leader in bot detection and mitigation.

Today, Distil released its fourth Bad Bot Report titled, "The 2017 Bad Bot Report: If You Build It, They Will Come." It serves as the IT security industry’s most in-depth analysis on the sources, types and sophistication levels of 2016’s bot activity.

The report found that websites requiring a login are almost certain to be attacked by bad bots, with 96 percent of such sites targeted by malicious bots. Bad bots are used by competitors, hackers and fraudsters and are the key culprits behind web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, data theft, spam, digital ad fraud, and downtime.

"Massive credential dumps like Ashley Madison and Yahoo, coupled with the increasing sophistication of bad bots, has created a world where bad bots are running rampant on websites with accounts," said Rami Essaid, CEO and co-founder of Distil Networks. "Website defenders should be worried because once bad bots are behind the login page, they have access to even more sensitive data for scraping and greater opportunity to successfully carry out transaction fraud."

Key Findings:

Bad Bots By The Numbers:
 40% of all web traffic in 2016 originated from bots. Bad bots alone were responsible for 20% of web traffic and increasingly impact large websites.
 76% of bad bots lie about coming from the most popular browsers, including Chrome, Safari Internet Explorer and Firefox.
 60% of bad bots come from data centers, as opposed to residential or mobile. Amazon is the top originating Internet Service Provider (ISP) for the third year in a row, with 16% of all bad bot traffic — four times more than the next ISP.
 16% of bad bots self-reported as mobile users. For the first time, Mobile Safari made the top five list of self-reported user agents, outranking Web Safari.
 75% of bad bots were Advanced Persistent Bots (APBs). Today’s APBs are either sophisticated in that they can load JavaScript, hold onto cookies, and load up external resources, or persistent, in that they can randomise their IP address, headers, and user agents.

Automated Threats in Detail:
 97% of websites with proprietary content and/or pricing are being hit by unwanted scraping.
 90% of websites were hit by bad bots that were behind the login page, including websites with account login sections, payment portals, and transaction platforms.
 31% of websites with forms are hit by spam bots, which damages customer experience, affects brand perception, and diverts traffic off the site. 

The report also includes attributes that make specific websites appealing to bad bot actors. Websites that have one of the following attributes are most attractive to bad bots:
 Unique content and/or product and pricing information
 Sign-up, login, and account pages
 Payment processors
 Web forms, such as contact, discussion forums, and reviews

The findings are based on 2016 data collected from Distil Networks’ global network and includes hundreds of billions of bad bot requests, anonymized over thousands of domains.

To download a full copy of the report, visit https://resources.distilnetworks.com/whitepapers/2017-bad-bot-report.


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts