Bot attacks were analyzed in a recent report by DataDome, finding that more than 65% of websites are unprotected against simple bot attacks and 95% of advanced bot attacks go undetected on websites. 

Consumer-centric and digital native industries are prime targets for cybercriminals and have inadequate defenses against bad bots. This puts data security and the customer experience at risk, with severe consequences such as financial loss and reputational damage. The analysis found that the luxury and e-commerce sectors are at the highest risk for online fraud. The report found that 5% of luxury brand websites and 10% of e-commerce websites are fully protected against bad bots, posing a significant risk as the holiday shopping season approaches.

Additionally, 6% of media websites have robust protection against bots, leaving 94% vulnerable to ad fraud, content scraping, and DDoS attacks. These findings reveal a strong correlation between the proliferation of bad internet traffic and the vulnerability of high-traffic websites. Bad bot creation, a relatively quick and cost-effective attack vector, has become a technique of choice for attackers looking to automate online fraud.

Advancements in automated browsers, anti-detection frameworks, proxy usage, and AI assistance have made it increasingly difficult for companies to defend against bot threats. Among tested domains using some form of bot protection, bots were still able to completely penetrate 45%. Fake Chrome bots remain the most difficult type of simple bot to detect, leaving businesses open to layer 7 DDoS attacks, account fraud, and more.

Regionally, Europe is the least protected against simple bot attacks, with 68% of websites unprotected and 8% fully protected. North America follows closely behind, with 64% of websites unprotected and 9% fully protected.

Read the report.