95 percent of website bot attacks go undetected

More than 65 percent of websites are unprotected against simple bot attacks and 95 percent of advanced bot attacks go undetected on websites.

A new report from DataDome reveals that eCommerce and luxury goods sites are at greatest risk. Just five percent of luxury brand websites and 10 percent of eCommerce websites are fully protected against bad bots.

Media sites are at risk too with only six percent having robust protection against bots, leaving the rest vulnerable to ad fraud, content scraping, and DDoS attacks.

Regionally, Europe is the least protected against simple bot attacks, with 68 percent of websites unprotected and only eight percent fully protected. North America follows closely behind, with 64 percent of websites unprotected and only nine percent fully protected.

"Consumer-centric industries are highly vulnerable to malicious bot activity and face increased risks of financial loss, data breaches, and reputational damage. As our research reveals, the low barriers for creating and deploying bad bots have made them a favored tool for fraudsters seeking to exploit high-traffic websites. Needless to say, the need for robust, multi-layered bot protection has never been more urgent," says Antoine Vastel, vice president of research at DataDome.

The report also finds that advanced bots, designed to bypass traditional CAPTCHAs by leveraging AI-powered 'bot farms' to solve them in real-time, are detected by protection less than five percent of the time.

Advancements in automated browsers, anti-detection frameworks, proxy usage, and AI assistance have made it increasingly difficult for companies to defend against bot threats. Among tested domains using some form of bot protection, bots were still able to completely penetrate 45 percent. Fake Chrome bots remain the most difficult type of simple bot to detect, leaving businesses open to layer seven DDoS attacks, account fraud, and more.

Vastel adds, "We're seeing a surge in GenAI-augmented media, which can be used for nefarious political influence. Social media platforms and media websites are being targeted by bad actors looking to spread political disinformation. Given that this is an election year, we strongly advise media websites to reassess the risks associated with malicious web traffic."

The full report is available from the DataDome site.

Image credit: ktsdesign/depositphotos.com