A shocking new report from DataDome, a leader in cybersecurity, reveals that 95% of advanced bot attacks go undetected on websites. The 2024 Global Bot Security Report shows that more than 65% of websites lack protection against basic bot attacks. 95% of advanced bot attacks go undetected. E-commerce, healthcare, and luxury industries are the most exposed to online fraud.
DataDome, a specialist in cyber fraud protection, has released the findings of its 2024 Global Bot Security Report. This study uncovers alarming gaps in cyber fraud protection. Based on an analysis of over 14,000 of the world’s most visited websites, DataDome found that more than 65% of them aren’t protected against basic bot attacks. Additionally, 94% are vulnerable to ad fraud, content scraping, and DDoS attacks.
To conduct this large-scale study, DataDome used its BotTester tool and classified websites by size (number of employees) and industry. All tested domains receive an average of at least 5 million visitors per month.
In the past 12 months, bot attacks—both basic and advanced—have multiplied. DataDome’s findings show that consumer-focused industries are the hardest hit and least prepared for these attacks.
Luxury and E-commerce Industries Most Exposed to Online Fraud
Consumer-focused and digital sectors like luxury and e-commerce are prime targets for cybercriminals. Only 5% of luxury websites and 10% of e-commerce sites are fully protected against malicious bots.
Creating malicious bots is indeed a quick and profitable attack vector. It has become a favored technique for attackers looking to automate online fraud.
Another concerning finding: only 6% of media sites have effective protection against malicious bots, meaning 94% are vulnerable to ad fraud, content scraping, and DDoS attacks.
The risks for businesses are immense: data theft, reputational damage, poor customer experience, and financial losses. With the holiday season approaching, the situation is critical.
In a statement, Antoine Vastel, DataDome’s Vice President of Research, said:
“Consumer-facing industries are particularly vulnerable to malicious bot activities and face growing risks of financial losses, data breaches, and reputational harm. As our research shows, the low barriers to creating and deploying malicious bots make them a tool of choice for fraudsters to exploit high-traffic sites. The need for robust, multi-layered protection against these bots has never been more crucial.”
RELATED ARTICLE
AI-Powered Advanced Bots Evade Detection
Another key takeaway from the study is the increasing sophistication of the tools and technologies cybercriminals use. Advanced bots, designed to bypass traditional CAPTCHA systems, rely on AI-powered “bot farms” to solve them in real-time. These advanced bots were detected by protection systems in less than 5% of cases.
These advanced bots can impersonate users with a high degree of accuracy. In July 2024, the U.S. Department of Justice dismantled a large-scale Russian propaganda campaign that used a “bot farm” to bypass X’s (formerly Twitter) user verification methods and spread disinformation in the U.S. using fake social media accounts. The use of advanced bots by political actors poses a growing threat, especially in electoral contexts like the upcoming U.S. elections in November.
According to Antoine Vastel:
“We are witnessing the rise of AI-enhanced media, which can be used for harmful political influence. Social media platforms and news sites are targeted by malicious actors seeking to spread political disinformation. As we approach a high-stakes political year, we strongly advise media sites to reassess the risks associated with malicious web traffic.”
Businesses’ Defenses Are Weaker Against Evolving Threats
The problem is that the defenses available to companies are increasingly inadequate against advances in automated browsers, anti-detection tools, proxy use, and AI assistance. For example, fake Chrome bots remain the most difficult basic bot category to detect. Companies are then exposed to layer 7 DDoS attacks, account fraud, and more.
According to the study, Europe is the continent least protected against basic bot attacks. 68% of websites are unprotected, and only 8% are fully secured. North America fares only slightly better, with 64% of websites unprotected and just 9% fully secured.
![Image [BUYING GUIDE] How to Choose the Right Shelving?](/wp-content/uploads/sites/3/Featured-7-320x213.jpg)
