Arkose Labs, renowned for its expertise in bot management and account security, recently published a comprehensive report titled “Breaking (Bad) Bots: Bot Abuse Analysis and other Fraud Benchmarks”. This report offers an in-depth analysis of the current state of cyber attacks, highlighting that in the first half of 2023 and into the third quarter, bots and human-operated fraud farms were behind billions of attacks, accounting for 73% of all website and app traffic.
The report’s extensive research encompassed billions of sessions globally across various sectors, identifying the most prevalent attacks by industry, type, and geographical region. The primary attack vectors included basic bots, intelligent bots, and human fraud farms. These were used for various nefarious activities, including SMS toll fraud, web scraping, card testing, and credential stuffing.
Key findings indicated a 167% surge in bot attacks in the first half of the year, with intelligent bots witnessing a staggering 291% increase. These sophisticated bots are designed for intricate interactions, mimicking human behavior. Additionally, the report observed a 49% rise in human fraud farm activities from the first to the second quarter of 2023, especially when bots were blocked.
Kevin Gosschalk, the CEO of Arkose Labs, emphasized the seriousness of these attacks, which go beyond typical cybercrimes. He pointed out that such activities could lead to more severe crimes like human trafficking, money laundering, and illegal arms financing.
Two major trends driving this increase in cyber attacks were identified: the use of Generative AI (GenAI) by cybercriminals for creating convincing phishing emails and scam messages, and the growth of Cybercrime-as-a-Service (CaaS). CaaS has notably lowered the entry barrier for cybercriminals, offering ready-made bots and support services for conducting large-scale attacks, even for those with minimal technical expertise.
The study also highlighted the industries most affected by these attacks, with travel and hospitality topping the list at 76% traffic from malicious bots, followed by technology, retail, streaming, and gift cards sectors. Arkose Labs’ findings are based on an analysis of billions of sessions from its Global Intelligence Network, which includes some of the world’s largest companies and Arkose Labs’ customers, making it a valuable resource for understanding the dynamics of cybercrime.
