New report underscores urgent need for improved bot protection measures in the US
NEW YORK, Nov. 28, 2023 /PRNewswire/ — Today, DataDome, a leading provider of AI-powered online fraud and bot mitigation, unveiled insights from its US Bot Security Report, which found that a staggering 68% of US websites are unprotected against simple bot attacks, highlighting how vulnerable US businesses are to automated online threats. Findings show not only the significant risk websites face – especially as Americans head into the busy holiday shopping season – but also that traditional CAPTCHAs are no longer an effective tool in preventing automated attacks.
Bad bots are plaguing the internet and today make up over 30% of all internet traffic, which cybercriminals use to target online businesses with fraud and other attacks. Bots disrupt digital business operations, putting data security and the customer experience at risk, with severe consequences including financial losses and reputational damage. During the largest sales events, such as Black Friday and Cyber Monday, e-commerce platforms typically face at least five times — and sometimes up to 30 times — more bot attacks than on normal days.
“Bots are becoming more sophisticated by the day, and US businesses are clearly not prepared for the financial and reputational damage these silent assassins can cause,” said Antoine Vastel, Head of Research, DataDome. “From ticket scalping and inventory hoarding, to account fraud, bad bots wreak chaos on consumers and businesses alike. Businesses which do not deal adeptly with bad bots risk significant reputational damage, as well as exposing their customers to unnecessary risk. They must act now to protect themselves against this growing threat.”
To understand more about how US businesses defend themselves against these malicious bots, DataDome tested over 9,500 of the largest US-based websites across a range of industries, from banking and ticketing to e-commerce and gambling. The company’s findings shed light on the prevailing state of bot protection across different industries and varying business sizes, and highlighted variations in the performance of different bot detection systems as well as the effectiveness of traditional CAPTCHAs as a defense mechanism.
More specifically, the research found that a significant majority of US-based digital businesses are not adequately protected against simple bot attacks. It showed that:
More than 68% of US websites tested are unprotected against simple bot attacks.
- Only 10.2% successfully blocked all our bot requests.
- 21.6% detected and blocked some of our bots, but not all.
- A staggering 68.2%—more than 2 out of 3 targets—let through all nine different types of bots (combinations of attack vector and geographic origin).
E-commerce and classified ads websites are particularly exposed.
- 72.3% of e-commerce websites and 65.2% of classified ads websites failed all bot tests.
- Gambling sites are the best-defended, with 31% blocking all the test bots.
CAPTCHA proves ineffective.
- Of the 2,587 websites equipped with only a CAPTCHA tool, less than 5% detected and blocked all bots.
- In 77.2% of the websites, the CAPTCHA tools failed to stop even a single bot.
The most ‘successful’ bots (from an attacker’s POV) are fake Chrome bots.
- 85% of DataDome’s fake Chrome bots were undetected.
- 83% of simple Curl command bots were undetected.
- Nearly 3 in 4 fake Googlebots were undetected.
The DataDome BotTester tool is available to access here: https://datadome.co/bot-tester/
Today’s news comes on the heels of several recent announcements, including DataDome’s rank to the 2023 Deloitte Technology Fast 500, its leader position in the Fall 2023 G2 Grid® Report for Bot Detection and Mitigation, the company’s inclusion in the 2023 Inc. 5000, its channel partner program expansion, as well as closing $42M in Series C funding. DataDome has received widespread recognition in the past year for its market-leading detection and mitigation capabilities, including Best Use of Machine Learning/AI in the 2023 SC Europe Awards, the 2023 Fortress Cybersecurity Award for Application Security, the 2023 Global Infosec Award for Most Innovative Bot Mitigation, and more.
Follow DataDome on YouTube and LinkedIn for regular updates on threat research, customer case studies, and to ensure your bot protection is ready to tackle the most sophisticated attacks.
About DataDome
DataDome’s bot and online fraud protection detects and mitigates attacks with unparalleled accuracy and zero compromise. Our machine learning solution analyzes 3 trillion data points per day to adapt to new threats in real time. Our 24/7 SOC experts protect hundreds of high-profile brands worldwide, including Rakuten, AllTrails and AngelList. A force multiplier for IT security teams, DataDome is fully transparent, easy to deploy, and frictionless for consumers. DataDome was named a Strong Performer in the 2022 Forrester Wave: Bot Management and ranked a top G2 Leader in Bot Detection & Mitigation in 2022 & 2023.
SOURCE DataDome