Top 5 Bad Bots of 2024

Alex McConnell
Alex McConnell
3 Minute read
Top 5 Bad Bots of 2024

Article Contents

    Are bad Bots a problem in 2024?

    Around half of all internet traffic is generated by bots – some of those bots are good and some are bad bots.

    In fact, roughly 26% of bot traffic is bad bot or illegitimate traffic. Posing a threat to businesses and consumers alike, with bad bots created to scrape data, disrupt the ordinary running of service and performing a range of fraudulent activities. It’s malicious bot activity such as this that leaves brand reputations in tatters, customers frustrated and increasingly, large organisations significantly out of pocket as they respond to the fall out of a bot attack.

    What are the bad bots to be aware of in 2024?

    1. Sneaker bots

    Sneaker bots do what they say on the tin – they are used to buy sneakers. Sneaker bots vary in complexity, with many built to auto-cart and buy limited edition sneakers within seconds of their release.

    From an attacker’s perspective, bots prove much more effective than trying to manually check-out. Precious seconds are saved simply by storing card details and addresses within the bot, so there’s no requirement to type out the information. Not only does this annoy many “sneakerheads”, but it leaves retailers open to scrutiny with suggestions that they aren’t doing enough to stop bad bots.

    To find out more about sneaker bots in our four-part blog series.

    2. Scrapers & spiders

    Not all scrapers are a nuisance to businesses, GoogleBot being a prime example. As a search engine, Google finds and indexes content according to relevance and quality; achieving the number one spot in the search engine results pages (SERPs) is every organization’s dream.

    However, many scrapers are created with less than ethical intent. They farm content to be repurposed, reposted and resold; this is known as content theft. Scrapers also scrape prices listed on websites. This technique is commonly used in eCommerce, with competitors targeting items that will allow them to undercut their rivals and increase their profits.

    Learn more about the web scraping threat to businesses.

    3. Gift card bots

    Gift Card Bots are constantly evolving and are rapidly becoming a major issue within the retail sector.

    Many retailers partake in gift card processing online and are subsequently becoming attractive attack targets. Gift card bots such as GiftGhostBot, generate and enter potential gift card numbers into different sites to identify successful combinations; GiftGhostBot claims to be able to test up to 1.7m combinations within an hour of being deployed. One retailer has reported peaks of over four million requests within an hour, which is almost 10 times their expected traffic levels.

    4. Click and ad fraud bots

    Pay-per-click (PPC) advertisement is a major form of promotion for businesses seeking to get a product or service into the market. For example, Google Ads average a PPC cost of between £0.66 and £1.32 however, prices can vary depending on the industry, budget, network and end goal.

    Click and ad fraud bots take advantage of these tools by repeatedly ‘clicking’ and generating payments per click, running up a hefty bill for the advertisement owner. On average, $6bn of $300bn in ad-click-costs are fraudulent, and app installs are considered the most lucrative method.

    Uber and Facebook have taken out lawsuits against alleged fraudsters but with little success, due to not being able to ‘sue a bot’.

    Discover more about click fraud and ad fraud.

    5. Denial of inventory bots

    Bots make up a large portion (up to 97%) of total internet traffic during the busy festive shopping period.

    Consumers head online to avoid the in-store rush, unaware that a much bigger threat may be present. Seemingly unmissable Black Friday and Cyber Monday deals make online shopping irresistible, yet the increase in eCommerce consumer activity has also resulted in the vast quantity of bot traffic we see today.

    If you were unable to bag that gift you wanted this Christmas, it’s possible that you were competing with a denial of inventory bot, suitably nicknamed the Grinch Bot or Jingle Bot. These less than jolly bots add stock to baskets making it unavailable to genuine shoppers. Some of the bots were built to direct customers elsewhere, and other to resell the products on third party sites. Both the Grinch Bot and Jingle Bot operate similarly to sneaker bots and as a result, retailers saw a much higher level of cart abandonments over the 2019 holiday period.

    The festive season is an opportunity for bad bots to hide their malicious activity in the already large volume of traffic to sites however, eCommerce sites are hit by bots all year round.

    Learn more about denial of inventory and scalper bots.

    Stop bad bots with Netacea Bot Protection

    Renewing your bot protection technology and mitigation strategy in 2024? Netacea helps hundreds of brands effortlessly detect and block unwanted bot traffic using an invisible agentless solution. Powered by Defensive AI Netacea helps brands identify up to 33x more threats vs legacy controls.

    Block Bots Effortlessly with Netacea

    Book a demo and see how Netacea autonomously prevents sophisticated automated attacks.

    Related Blogs

    Knight chess piece
    Alex McConnell

    What is a Sophisticated Bot Attack?

    Learn about the growing sophistication of bot attacks. Find out how to improve defenses and detect these attacks effectively.
    Alex McConnell

    Offensive AI Lowers the Barrier of Entry for Bot Attackers

    Explore the impact of offensive AI and automated attacks. Discover how AI is changing the landscape of cybersecurity.
    Worker helmet
    Alex McConnell

    What is Defensive AI and Why is it Essential in Bot Protection?

    Discover the potential of defensive AI in bot protection. Explore how machine learning can protect against automated attacks.

    Block Bots Effortlessly with Netacea

    Demo Netacea and see how our bot protection software autonomously prevents the most sophisticated and dynamic automated attacks across websites, apps and APIs.
    • Agentless, self managing spots up to 33x more threats
    • Automated, trusted defensive AI. Real-time detection and response
    • Invisible to attackers. Operates at the edge, deters persistent threats
    Book a Demo