When it comes to designing a good website, most companies are understandably concerned with what consumers think. After all, you have only about 10 seconds to make an impression and express to customers what they might get out of your site and your business. But recent data shows that a good portion of your website’s visitors can’t even think for themselves. That’s because they’re actually bots — and they’re bad ones, at that. With 40% of consumers claiming they would stop doing business with a company or brand if that business previously suffered a breach in security, this influx of bots can devastate small businesses.
According to Distil Research Lab’s recent Bad Bot report, approximately one-fifth of web traffic (or 20.4%) worldwide comes from malicious bots. These automated scripts or tools operate with specific tasks in mind; even Google uses bots to crawl the internet and evaluate websites. But other bots are created with malicious intent in mind, often by those who want to attack, defraud, or hack sites and consumers. This technology is used to do everything from data mining and web scraping to identify theft, spam messaging, fake account creation, DDoS attacks, and more.
These automated attacks happen on website, apps, and APIs on a regular basis, presenting problems for all kinds of businesses. According to the report, 73.6% of bad bots can be classified as “advanced persistent bots” (or APBs), which have the ability to switch user agents, enter through anonymous proxies, and cycle through IP addresses to block any identifying features; in this way, they’re extremely difficult to track and can even mimic human behaviors. These bots can mimic movements of a computer mouse and perform attacks with fewer requests (or even delay them), which makes detection even less likely.
The report notes that those in the financial, ticketing, and educational sectors were highly affected by this malicious traffic in 2018, although governmental agencies, airlines, and gaming and gambling enterprises were also impacted significantly. Interestingly, e-commerce sites were not affected at as high a percentage, though these businesses are certainly not immune. And although bad bot traffic levels have actually decreased year-over-year, the amount of sophistication seen in these bots continues to grow — so no one should discount whatever advancements may be coming in the near future.
Distil’s report states: “Bad bots continuously target all of these industries daily, with defenses requiring constant optimization. Some are hit by sophisticated bots that repeatedly perform a specific task, such as checking credit card numbers. Another may be scraped for pricing content, while a third may be victimized by bad bots checking gift card balances.”
Often, the design and maintenance of a website makes the end-user a priority, ensuring that consumers are able to easily access and navigate a given site. For instance, 72% of mobile users surveyed by Google felt mobile friendly websites were important, but businesses must realize that human users aren’t the only ones who are responsible for website traffic. And while some bots are used for good, the prevalence of bad bots should concern organizations in all industries. If action isn’t taken, your website could be completely vulnerable to a data breach or other malicious activity that can harm your reputation, your customers, and your ability to operate.
