www.helpnetsecurity.com
Open in
urlscan Pro
44.235.189.191
Public Scan
URL:
https://www.helpnetsecurity.com/2023/11/23/bot-attacks-h1-2023/
Submission: On November 24 via api from TR — Scanned from DE
Submission: On November 24 via api from TR — Scanned from DE
Form analysis 1 forms found in the DOM
POST
<form id="mc4wp-form-1" class="mc4wp-form mc4wp-form-244483 mc4wp-ajax" method="post" data-id="244483" data-name="Footer newsletter form">
<div class="mc4wp-form-fields">
<div class="hns-newsletter">
<div class="hns-newsletter__top">
<div class="container">
<div class="hns-newsletter__wrapper">
<div class="hns-newsletter__title">
<i>
<svg class="hic">
<use xlink:href="#hic-plus"></use>
</svg>
</i>
<span>Cybersecurity news</span>
</div>
</div>
</div>
</div>
<div class="hns-newsletter__bottom">
<div class="container">
<div class="hns-newsletter__wrapper">
<div class="hns-newsletter__body">
<div class="row">
<div class="col">
<div class="form-check form-control-lg">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="520ac2f639" id="mcs1">
<label class="form-check-label text-nowrap" for="mcs1">Daily Newsletter</label>
</div>
</div>
<div class="col">
<div class="form-check form-control-lg">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="d2d471aafa" id="mcs2">
<label class="form-check-label text-nowrap" for="mcs2">Weekly Newsletter</label>
</div>
</div>
</div>
</div>
<div class="form-check form-control-lg mb-3">
<input class="form-check-input" type="checkbox" name="_mc4wp_lists[]" value="28abe5d9ef" id="mcs3">
<label class="form-check-label" for="mcs3">(IN)SECURE - monthly newsletter with top articles</label>
</div>
<div class="input-group mb-3">
<input type="email" name="email" id="email" class="form-control border-dark" placeholder="Please enter your e-mail address" aria-label="Please enter your e-mail address" aria-describedby="hns-newsletter-submit-btn" required="">
<button class="btn btn-dark rounded-0" type="submit" id="hns-newsletter-submit-btn">Subscribe</button>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="AGREE_TO_TERMS" value="1" id="mcs4" required="">
<label class="form-check-label" for="mcs4">
<span>I have read and agree to the <a href="https://www.helpnetsecurity.com/newsletter/" target="_blank" rel="noopener" class="d-inline-block">terms & conditions</a>
</span>
</label>
</div>
</div>
</div>
</div>
</div>
</div><label style="display: none !important;">Leave this field empty if you're human: <input type="text" name="_mc4wp_honeypot" value="" tabindex="-1" autocomplete="off"></label><input type="hidden" name="_mc4wp_timestamp"
value="1700792027"><input type="hidden" name="_mc4wp_form_id" value="244483"><input type="hidden" name="_mc4wp_form_element_id" value="mc4wp-form-1">
<div class="mc4wp-response"></div>
</form>Text Content
* News * Features * Expert analysis * Videos * Events * Whitepapers * Industry news * Product showcase * Newsletters * * * Please turn on your JavaScript for this page to function normally. Help Net Security November 23, 2023 Share CYBERCRIMINALS TURN TO READY-MADE BOTS FOR QUICK ATTACKS Bots and human fraud farms were responsible for billions of attacks in the H1 of 2023 and into Q3, according to Arkose Labs. These attacks comprised 73% of all website and app traffic measured. In other words, almost three-quarters of traffic to digital properties is malicious. Researchers assessed the attacks across three primary attack vectors: basic bots, intelligent bots, and human fraud farms. Fraudsters use these vectors to launch attack types such as SMS toll fraud, web scraping, card testing, credential stuffing, and more. The analysis found bot attacks overall increased 167% in the H1 of 2023, weighted heavily by a 291% increase in intelligent bots. These smart bots are capable of complex, context-aware interactions. In Q2 2023, there was a 202% increase in bots attempting to take over consumer financial accounts, and a 164% increase in bots attempting to establish fake new bank accounts. This trend continued going into Q3, which experienced a 30% increase over the second quarter in fake new bank accounts. Bad actors were attempting to drain account balances through ATO attacks, while online fake accounts were most likely the preferred methods to launder illicit proceeds gained from real-world crimes like human trafficking, drug dealing, or weapon sales. HUMAN FRAUD FARMS The attacks, though, weren’t limited to bots. Research found that when fraudsters’ bots are blocked, they pivot attacks to human fraud farms, which increased 49% from Q1 to Q2 2023. “Bot attacks aided by human fraud farms are about more than concert tickets and high-priced sneakers. They can point to far darker activities,” said Kevin Gosschalk, CEO of Arkose Labs. “We’re seeing more attacks, using more intelligent bots, conducting more sophisticated types of attacks. Fake account registration, credential stuffing, scraping, SMS toll fraud–these are the types of attacks that fraudsters use as the first steps to more harmful crimes. They lead to romance scams that groom for human trafficking, money laundering from drug deals, or theft to fund illegal weapons,” Gosschalk continued. Two trends are highlighted as driving the increase in attack level: generative AI (GenAI), and Cybercrime-as-a-Service (CaaS). During the past six months, Arkose Labs’ threat researchers have observed a significant uptick of GenAI being used for content generation by bad actors who are now able to write pristine phishing emails for Man-in-the-Middle attacks or perfectly-worded responses on dating apps in their romance scams. In addition, the researchers found attackers are using bots to scrape data from websites and then using that data to tune their GenAI models. GenAI has lowered the barrier to entry for attackers, which, in turn, has quickly made it an imperative rather than an option for CISOs and their teams to attend to. An equally prodigious trend, Cybercrime-as-a-Service (CaaS) lowers the barrier to entry for adversaries looking to commit cybercrime. CaaS vendors advertise their questionably-legal services openly. Anyone can reach out to these vendors to buy bots to circumvent security measures or carry out an attack. Fraudsters with limited to zero technical skills can then use fully automated bots at scale that cause widespread damage to businesses and consumers. Fraudsters no longer have to know how to code to deploy a sophisticated volumetric bot attack. They can simply buy the bots off the web along with the training they need and even tap into the sellers’ “customer” support. Gosschalk added, “The massive rise of CaaS has completely changed the economics for adversaries. It’s much cheaper to attack companies and the attacks are just better because it’s a dev shop that is doing the attacks instead of just individual cybercriminals.” INDUSTRIES UNDER ATTACK With so much traffic to digital properties made up of malicious attacks, Arkose Labs researchers delved more deeply into the specific industries under attack. Nearly every industry experienced an increase in the number of attacks. The report lists the following as the industries that had more than 50% of traffic coming from bad bots and details common attacks carried out by malicious bots. * Travel and hospitality – 76% bad bots * Technology – 71% bad bots * Retail – 65% bad bots * Streaming – 61% bad bots * Gift cards – 57% bad bots More about * Arkose Labs * attacks * bot * cybersecurity * fraud * report Share FEATURED NEWS * New horizons in cyber protection with 2024 trends to watch * How LockBit used Citrix Bleed to breach Boeing and other targets * Microsoft announces Defender bug bounty program Download: The Ultimate Guide to the CISSP SPONSORED * eBook: Keeping Active Directory out of hackers’ cross-hairs * eBook: Cybersecurity career hacks for newcomers * Guide: SaaS Offboarding Checklist DON'T MISS * Sumo Logic discloses potential breach via compromised AWS credential * Marina Bay Sands breach exposed data of 665,000 customers * The 3 key stages of ransomware attacks and useful indicators of compromise * Aqua Trivy open-source security scanner now finds Kubernetes security risks * AI-assisted coding and its impact on developers Cybersecurity news Daily Newsletter Weekly Newsletter (IN)SECURE - monthly newsletter with top articles Subscribe I have read and agree to the terms & conditions Leave this field empty if you're human: © Copyright 1998-2023 by Help Net Security Read our privacy policy | About us | Advertise Follow us ×