Bad Bots Infiltrate the Internet: Nearly 1/3 of All Traffic is Malicious

The recovery of the tourism industry post-pandemic has encountered a new threat—automated attacks. According to Imperva, nearly 21% of all attack requests last year targeted the tourism sector.

In Imperva’s recent “2024 Bad Bot Report,” it is noted that the share of so-called “bad bots” in the web traffic of the tourism industry in 2023 reached 44.5%, significantly higher than the 37.4% recorded in 2022.

With the increased demand for travel during the summer season and major sporting events in Europe, Imperva warns of a potential rise in bot activity. These automated systems target the industry through unauthorized scanning, inventory hoarding, account takeovers, and fraud.

Bots are software applications that perform automated tasks on the internet. While most of these tasks, such as website indexing for search engines or web performance monitoring, are legitimate, the number of malicious bots is growing.

Bad bots engage in various nefarious activities, from DDoS attacks to fraudulent transactions. These threats can consume bandwidth, slow down servers, and disrupt business processes, even if they do not directly steal sensitive data.

The tourism industry has long struggled with bot-related issues. One of the most common forms of attack is price scraping. Bots gather information on prices and inventory without authorization, which can distort critical business metrics and increase API costs. For instance, one airline lost approximately $500,000 per month due to traffic from bad bots.

Another problem is inventory hoarding, where bots repeatedly book and cancel airline tickets or hotel rooms, creating a false sense of scarcity. This misleads customers, drives up prices, and complicates bookings for real users, leading to revenue loss and a degraded customer experience.

In 2023, the tourism industry ranked second in the volume of account takeover attempts. Cybercriminals target valuable personal data, payment methods, and loyalty points, making user accounts attractive for identity theft and fraud.

Imperva classifies malicious bot activity into three categories: simple, moderate, and advanced. Simple bots use unmasked scripts, moderate bots mimic browser technologies, and advanced bots emulate user behavior to evade detection systems.

The tourism sector is particularly afflicted by advanced bots, which constituted 61% of malicious bot traffic last year. These bots achieve their goals with fewer requests and greater persistence, increasing the risk.

To combat such threats, Imperva recommends employing a multi-layered defense strategy, including user behavior analysis and profiling. It is essential to regularly monitor traffic anomalies and analyze suspicious sources. As bot technology evolves, especially with AI integration, distinguishing between good and bad traffic becomes increasingly challenging.