Most US websites unprotected against bot attacks

While bot attacks are surging, the latest industry report shows that most US websites are vulnerable to simple bot attacks.

A whopping 68% of US websites are unprotected against bot attacks, highlighting threats of automated online threats, a report from DataDome, an online fraud and bot mitigation provider, shows.

Automated attackers have enabled fraudsters to expand in recent years, with almost a third of all internet traffic attributed to bots targeting online businesses. The intensity of attacks surges up to five times during commercial events such as Black Friday or Cyber Monday.

The report, which analyzed nearly 10,000 US-based websites in various industries, revealed that not only are most websites not adequately protected, but traditional anti-bot measures such as CAPTCHA are no longer effective.

“Of the 2,587 websites equipped with only a CAPTCHA tool, less than 5% detected and blocked all bots. In 77.2% of the websites, the CAPTCHA tools failed to stop even a single bot,” reads the report.

Out of all tested websites, only a tenth successfully blocked all bot requests, with a fifth detecting some bots but not all. Meanwhile, two out of three websites let through all nine test bots.

E-commerce websites proved most vulnerable, with 72.3% failing bot tests. The best performers of the trial were gambling sites, with 31% of sites blocking all the bots. The report noted that the most successful bots were fake Chrome bots, with a staggering success rate of 85%.

“Bots are becoming more sophisticated by the day, and US businesses are clearly not prepared for the financial and reputational damage these silent assassins can cause. From ticket scalping and inventory hoarding to account fraud, bad bots wreak chaos on consumers and businesses alike,” said Antoine Vastel, head of research at DataDome.