- Report warns sophisticated bots mimic human behavior so well outdated defense is not a chance
- Mobile apps are under siege, with an increase of 160% in targeted bot traffic years over years
- CAPTCHA Farms and Rotatating Poxies Help Bots by bypassing Basic Defense
The Internet has entered a new era where automated traffic is now accounting for more web activity than human users, new research says.
Radwares 2025 E -Handelsbot -threat report claims that most of the traffic to online stores during the 2024 holiday season did not come from people. It came from bots.
For the first time, automated programs – ranging from simple manuscripts to AI -enhanced digital agents – drew 57% of all traffic that surpassed human visitors to E -trading sites.
A smarter generation of bad bots
The report highlights the ongoing development of malicious bots, as almost 60% now use behavioral strategies designed to avoid detection, such as rotating IP addresses and identities, using CAPTCHA farms and mimicking human brows patterns, making them difficult to identify without advanced tools.
The only effective counter is equally intelligent detection – AI -driven defense that can learn and adapt. Companies need to reassess their security stacks and look beyond basic filters for solutions that offer advanced DDOS protection and intelligent traffic monitoring.
“Bad bots are no longer just based on simple manuscripts – they are sophisticated, AI -enhanced agents who are able to outlast traditional defense,” said Ron Meyran, vice president of cyber threat pipes on radware.
“E-commerce providers and online retailers who depend on conventional security measures find themselves increasingly exposed, not only during the holidays but year round.”
Mobile platforms have become a critical battlefield with a staggering 160% increase in mobile targeted bot activity between 2023 and 2024 holiday seasons. Attackers implement mobile emulators and headless browsers that mimic legitimate app behavior.
The report also warns of bots that are mixed in everyday internet traffic. An increase of 32% in attack traffic from Housing Proxy Network makes it much more difficult for e-commerce stations to use traditional rate-limiting or geo-fencing techniques.
The most alarming development is perhaps the increase in multi-vector campaigns that combine bots with traditional exploitation and API-targeted attacks. These campaigns go beyond scraping prices or testing stolen credentials – they aim to take sites offline completely.
For companies that depend on the best e-commerce site builders or user-friendly platforms, the threat is ready. Security must develop in steps with attackers. Platforms must also adopt dedicated mobile protection to defend themselves against these increasingly sophisticated threats.
