Bad Bot Report 2021: The Pandemic of the Internet PDF Free Download
1 / 34
/34
100%
REPORT
Bad Bot Report 2021
The Pandemic of the Internet
.com
2Bad Bot Report 2021
Contents
About the Bad Bot Report 2021 ....................................................................................................03
What’s new in this report ...........................................................................................................................03
Scalpers exploit the pandemic......................................................................................................04
Bots that schedule vaccine appointments? ............................................................................................04
The rise of the helpful bot ......................................................................................................................... 05
Bad bots leveraging the “infodemic” to spread fraud ........................................................................... 05
Grinchbots make millions hoarding gaming hardware .......................................................................... 06
The legal stance against scalpers ............................................................................................................ 06
The legality of web scraping ......................................................................................................................07
Bad bots targeting the elections? .............................................................................................................07
Account Takeover prevalence and sophistication rises ........................................................................ 08
Uncovering fraud through successful login investigation .................................................................... 08
The canary account in Account Takeover attacks ................................................................................ 08
Increased fraud from high activity accounts .......................................................................................... 08
Understanding what bad bots do .................................................................................................09
Executive summary of findings ................................................................................................11
The bad-bot landscape ...................................................................................................................13
What is a bad bot? ........................................................................................................................................13
Bad bot sophistication levels ......................................................................................................................15
Bad bots by industry ....................................................................................................................................16
Bad bot sophistication by industry .............................................................................................................21
Account Takeover remains a significant threat ....................................................................................... 22
Bad bot traffic by website size .................................................................................................................. 23
Bad bot identity: Chrome drops in popularity, still a favorite ................................................................ 24
Mobile bots on the rise ............................................................................................................................... 26
Mobile ISPs playing a bigger role ...............................................................................................................27
Amazon remains a top source of bad bot traffic......................................................................................27
Residential is still growing in popularity .................................................................................................... 28
Where bad bots originate ........................................................................................................................... 29
The United States and China are the most attacked countries............................................................ 30
Imperva Threat Research Lab .................................................................................................. 31
Recommendations ..........................................................................................................................32
Recommended actions for detection of bad bot activity ...................................................................... 32
About Imperva Application Security .......................................................................................34
.com
3Bad Bot Report 2021
ABOUT THE BAD BOT REPORT 2021
Imperva’s Bad Bot Report 2021 investigates the daily attacks that sneak
past sensors and wreak havoc on websites.
What’s new in this report
.com
4Bad Bot Report 2021
Scalpers exploit the pandemic
Bad bots are the major pandemic ravaging the internet. Their notorious ability to mimic
human interactions in highly persuasive ways helps them remain undetected. These
automated threats consistently top the list of concerns for many businesses and security
practitioners. Bad bots have been thriving throughout the global pandemic, targeting new
markets and hiding within the global surge in internet traffic.
Bots that schedule vaccine appointments?
Bad bot traffic on healthcare websites
Sessions
January FebruarySeptember October November December
Month
.com
5Bad Bot Report 2021
The rise of the helpful bot
Bad bots leveraging the “infodemic” to spread fraud
.com
6Bad Bot Report 2021
Grinchbots make millions hoarding gaming hardware
The legal stance against scalpers
Bad bot traffic on retail websites
Sessions
Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Month
.com
7Bad Bot Report 2021
The legality of web scraping
Bad bots targeting the elections?
Bad bot traffic on government websites Feb-Dec 2020
Sessions
Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Month
.com
8Bad Bot Report 2021
Account Takeover prevalence and sophistication rises
Uncovering fraud through successful login investigation
The canary account in Account Takeover attacks
Increased fraud from high activity accounts
.com
9Bad Bot Report 2021
Understanding what bad bots do
Price
Scraping
Content
Scraping
Account
Takeover
(aka
Credential Stuffing,
Credential
Cracking)
Gift Card
Balance
Checking
Account
Creation
(aka Account
Aggregation)
.com
10 Bad Bot Report 2021
Credit Card
Fraud
(aka Carding, Card
Cracking)
Denial of
Service
Denial of
Inventory
Scalping
(aka Grinchbots,
Sneaker Bots,
Ticket Bots,
Vaccine Bots)
.com
11 Bad Bot Report 2021
Executive summary of findings
Bad bot traffic hits an all-time high
Advanced persistent bots are still dominant
Bad Bot Sophistication Levels 2020
16.7%
42.9%
40.4%
Moderate
Sophisticated
Simple
Advanced Persistent Bots 57.1%
.com
12 Bad Bot Report 2021
Top 5 Industries
Bad Bot Traffic %
1 45.7%
2 41.4%
3 33.7%
4 33%
5 29.7%
Top 5 Bad Bot Traffic
By Country
1 40.5%
2 5.2%
3 4.9%
4 3.9%
5 3.4%
28.1%
15.1%
10.8%
Top 5 Industries Sophisticated
Bad Bot Traffic %
1 59.7%
2 15.3%
3 13.5%
4 11%
5 8.6%
Top 5 Most Attacked
Countries
1 37.2%
2 8.3%
3 6.9%
4 4%
5 3.7%
The bad bot problem is a cross-industry one
Bad bots are shifting towards mobile
Bad bots around the world
.com
13 Bad Bot Report 2021
The bad bot landscape
What is a bad bot?
How do good and bad bots differ?
Even good bots can be bad news
Bad Bot v Good Bot v Human Traffic 2020
25.6%
Bad Bots
59.2%
15.2%
Good Bots
Human
.com
14 Bad Bot Report 2021
Bad Bot v Good Bot v Human Traffic 2014 - 2020
BAD BOTS
2014
22.8%
36.3%
40.9%
18.6%
27.0%
54.4%
19.9%
18.8%
61.3%
21.8%
20.4%
57.8%
20.4%
17.5%
62.1%
24.1%
13.1%
62.8%
2015 2016 2017 2018 2019
25.6%
15.2%
59.2%
2020
GOOD BOTS
HUMANS
Bad Bot v Good Bot v Human Traffic 2014-2019
0%
2014 2015 2016 2017 2018 2019 2020
25%
50%
75%
100% Human
Good Bots
Bad Bots
Bad Bot v Good Bot v Human Traffic 2014 - 2020
BAD BOTS
2014
22.8%
36.3%
40.9%
18.6%
27.0%
54.4%
19.9%
18.8%
61.3%
21.8%
20.4%
57.8%
20.4%
17.5%
62.1%
24.1%
13.1%
62.8%
2015 2016 2017 2018 2019
25.6%
15.2%
59.2%
2020
GOOD BOTS
HUMANS
Bad Bot v Good Bot v Human Traffic 2014-2019
0%
2014 2015 2016 2017 2018 2019 2020
25%
50%
75%
100% Human
Good Bots
Bad Bots
.com
15 Bad Bot Report 2021
Bad bot sophistication levels
Bad Bot Sophistication Levels 2020
16.7%
42.9%
40.4%
Moderate
Sophisticated
Simple
Advanced Persistent Bots 57.1%
.com
16 Bad Bot Report 2021
Bad bots by industry
Industry What businesses are included? What bad bots do?
Automotive
Business
Services
Computing
& IT
Education
Entertainment
& Arts
Financial
Services
Food &
Beverages
Gaming &
Gambling
.com
17 Bad Bot Report 2021
Industry What businesses are included? What bad bots do?
Healthcare
Government
Marketing
News
Retail
Society
Sports
Telecom
& ISPs
Travel
.com
18 Bad Bot Report 2021
TELECOM & ISPs
NEWS
SOCIETY
Bad Bot v Good Bot v Human Traffic 2020
Human Good BotsBad Bots
Telecom and ISPs
Computing & IT
Sports
News
Business Services
Education
Gaming & Gambling
Travel
Society
Healthcare
Automotive
Retail
Food & Beverages
Government
Entertainment & Arts
Marketing
Financial Services
0% 25% 50%
Percentage of Traffic
75%
100%
45.7% 30.5%23.9%
41.1% 51.1%7.7%
33.7% 58.5%7.8%
33% 38.5%28.4%
29.7% 61.3%9.0%
28.6% 52.3%19.2%
27.7% 65.5%6.7%
26.8% 65.4%7.7%
26.2% 64.3%9.5%
25.1% 68.4%6.4%
17.8% 79.2%3.0%
18.7% 69.4%11.9%
18.9% 73.4%7.7%
20.7% 74.6%
4.8%
22.5% 41.7%
35.9%
22.7% 69.8%
7.4%
23.4% 67.9%
8.7%
.com
19 Bad Bot Report 2021
EDUCATION
RETAIL
TRAVEL,
Sophisticated bad bot traffic on travel websites
Requests
Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Month
.com
20 Bad Bot Report 2021
HEALTHCARE
FINANCIAL SERVICES
GOVERNMENT
.com
21 Bad Bot Report 2021
Bad Bot Sophistication for 2020 –By Industry
SophisticatedSimple Moderate
Travel
Government
Retail
Financial Services
Food & Beverages
News
Healthcare
Business
Computing & IT
Automotive
Society
Entertainment & Arts
Education
Marketing
Telecom and ISPs
Gaming & Gambling
Sports
0% 25% 50%
Percentage of Traffic
75% 100%
25.5% 59.7%14.8%
49.5% 15.3%35.2%
37.2% 13.5%49.3%
26.4% 11.0%62.6%
12.2% 8.6%79.2%
47.7% 8.0%44.4%
34.5% 7.4%58.1%
57.3% 6.7%36.0%
35.7% 5.2%59.1%
29.4% 5.0%65.5%
55.5% 4.5%40.0%
60.7% 4.4%34.9%
62.8% 3.2%34.0%
78.7% 2.8%18.5%
69.9% 2.7%27.4%
27.9% 2.6%69.4%
77.7% .7%21.5%
Bad bot sophistication by industry
.com
22 Bad Bot Report 2021
Account Takeover remains a significant threat
Top industries targeted by Account
Takeover attacks
Top countries that originate Account
Takeover attacks
34%
16%
45%
Account Takeover Attacks on Financial Services
Sites Attacked
Mar Apr May Jun Jul Aug Sep Oct Nov Dec
0
1000
2000
3000
Account Takeover Attacks on Telecom & ISPs
Sites Attacked
Mar Apr May Jun Jul Aug Sep Oct Nov Dec
0
1000
2000
3000
4000
.com
23 Bad Bot Report 2021
Bad bot traffic by website size
Bad Bot v Good Bot v Human to All Sizes Sites 2020
Human
Good Bots
Bad Bots
0%
Large Sites Medium Sites Small Sites Tiny Sites
25%
50%
75%
100%
23.7%
60.7%
15.6%
34.4%
58.0%
7.6%
27.8%
60.7%
11.5%
62.3%
22.5%
15.2%
Bad Bot v Good Bot Ratio
on Large Sites 2019
Bad Bot v Good Bot Ratio
on Medium Sites 2019
59.6%
Bad Bots
40.4%
Good Bots
70.8%
Bad Bots
29.2%
Good Bots
Bad Bot v Good Bot Ratio
on Small Sites 2019
81.9%
Bad Bots
18.1%
Good Bots
60.4%
Bad Bots
39.6%
Good Bots
Bad Bot v Good Bot Ratio
on Tiny Sites 2020
Bad Bot v Good Bot Ratio
on Large Sites 2019
Bad Bot v Good Bot Ratio
on Medium Sites 2019
59.6%
Bad Bots
40.4%
Good Bots
70.8%
Bad Bots
29.2%
Good Bots
Bad Bot v Good Bot Ratio
on Small Sites 2019
81.9%
Bad Bots
18.1%
Good Bots
60.4%
Bad Bots
39.6%
Good Bots
Bad Bot v Good Bot Ratio
on Tiny Sites 2020
Bad Bot v Good Bot Ratio
on Large Sites 2019
Bad Bot v Good Bot Ratio
on Medium Sites 2019
59.6%
Bad Bots
40.4%
Good Bots
70.8%
Bad Bots
29.2%
Good Bots
Bad Bot v Good Bot Ratio
on Small Sites 2019
81.9%
Bad Bots
18.1%
Good Bots
60.4%
Bad Bots
39.6%
Good Bots
Bad Bot v Good Bot Ratio
on Tiny Sites 2020
Bad Bot v Good Bot Ratio
on Large Sites 2019
Bad Bot v Good Bot Ratio
on Medium Sites 2019
59.6%
Bad Bots
40.4%
Good Bots
70.8%
Bad Bots
29.2%
Good Bots
Bad Bot v Good Bot Ratio
on Small Sites 2019
81.9%
Bad Bots
18.1%
Good Bots
60.4%
Bad Bots
39.6%
Good Bots
Bad Bot v Good Bot Ratio
on Tiny Sites 2020
.com
24 Bad Bot Report 2021
Bad bot identity: Chrome drops in popularity, still a favorite
Top Self Reporting Browser by Bad Bots 2014–2020
0%
2014 2015 2016 2017 2018 2019 2020
20%
40%
60%
4.9% 4.4%
5.0%
0.0% 0.0% 0.0% 0.0% 0.0%
0.6%
0.0%
0.3%
9.0%
23.3%
11.9%
6.5%
6.7%
4.1% 3.7% 3.5%
1.1%
4.4% 4.8%
11.8%
10.3%
6.6%
7.1%
4.6%
7.9%8.8%
4.2%
17.7%
22.9%
17.5%
13.3%
26.5%
26.9%
45.5%
49.9%
55.4%
33.3%
7.6%
7.6%
26.9%
26.0%
26.6%
Firefox Mobile Safari
Chrome Mobile Chrome Safari Android Browser Internet Explorer
Opera
Self-Reported Browser
Percentage of Total Bad Bot Traffic
5.7%
38.6%
.com
26 Bad Bot Report 2021
Mobile bots on the rise
Bad Bot Reported User Agent Types 2020
68%
3.9%
28.1%
Mobile User Agents
Chrome, Firefox,
Internet Explorer,
Safari
Other User Agents
Bad Bot Reported User Agent Types 2016–2020
0%
2016 2017 2018 2019 2020
25%
50%
75%
100%
79.4%
78.1%
13.9% 12.9%
83.2%
10.4%
75.9%
16.1%
8.0% 8.0%6.4% 7.7%
68.0%
28.1%
3.9%
Chrome, Firefox, Internet
Explorer, Safari Mobile User Agents Other User Agents
.com
27 Bad Bot Report 2021
Mobile ISPs playing a bigger role
Amazon remains a top source of bad bot traffic
Bad Bot Traffic by ISP Type 2020
54.0%
30.9%
15.1%
Mobile
Datacenter
Residential
.com
28 Bad Bot Report 2021
Residential is still growing in popularity
Top 10 Bad Bot Originating ISPs in 2020
Rank ISP % of traffic
1 10.80%
2 4.39%
3 4.21%
4 3.58%
5 2.57%
6 2.43%
7 2.11%
8 2.54%
9 1.81%
10
1.57%
Top 10 Mobile ISPs
Rank ISP % of traffic
1
4.39%
2 1.01%
3 0.70%
4
0.68%
5 0.66%
6 0.66%
7 0.47%
8
0.40%
9 0.31%
10 0.27%
.com
29 Bad Bot Report 2021
US Bad Bot v Rest of the World 2020
40.5%
USA
4.9%
United Kingdom
3.9%
Russia
28.7%
Other
5.2%
China
3.4%
Japan
3.1% Brazil
3.2% Germany
2.2% Ireland
2.5% Canada
2.3% France
Where bad bots originate
.com
30 Bad Bot Report 2021
Top Targeted Countries By Bad Bots 2020
37.2%
United States
25.8%
Other
4.0%
Brazil
8.3%
China
6.9%
United Kingdom
2.5% Canada
2.5%
Philippines
2.6% Russia
2.9%
3.5%
Kenya
Hong Kong
3.7% Japan
The United States and China are the most attacked countries
1
2
3
4
5
6
7
8
9
10
.com
31 Bad Bot Report 2021
Cyber Threat Index
Imperva Threat Research Lab
.com
32 Bad Bot Report 2021
Recommendations
Recommended actions for detection of bad bot activity
1. PLAN AHEAD WHEN UPDATING YOUR WEBSITE:
a. MARKETING CAMPAIGNS BRING MORE BOTS
b. NEW FUNCTIONALITIES BRING MORE BOTS:
2. BLOCK OR CAPTCHA OUTDATED USER AGENTS/BROWSERS:
Chrome version
Firefox version
Safari version
Internet Explorer
version
Block
End of Life more
than 3 years
CAPTCHA
End of Life more
than 2 years
.com
33 Bad Bot Report 2021
3. BLOCK KNOWN HOSTING PROVIDERS AND PROXY SERVICES:
Host Europe GMBH, Dedibox SAS, Digital Ocean, OVH SAS &
Choopa, LLC.
4. BLOCK ALL ACCESS POINTS:
5. CAREFULLY EVALUATE TRAFFIC SOURCES:
6. INVESTIGATE TRAFFIC SPIKES:
7. MONITOR FOR FAILED LOGIN ATTEMPTS:
8. MONITOR INCREASES IN FAILED VALIDATION OF GIFT CARD NUMBERS:
9. PAY CLOSE ATTENTION TO PUBLIC DATA BREACHES:
10. EVALUATE A BOT PROTECTION SOLUTION:
Copyright © 2021 Imperva. All rights reserved
.com
+1.866.926.4678
Bad Bot Report 2021
About Imperva Application Security
