Distil Networks recently released its annual Bad Bot Report titled, “Bad Bot Report 2019: The Bot Arms Race Continues.” The report investigates hundreds of billions of bad bot requests from 2018 over thousands of domains to provide deeper insight into the daily automated attacks wreaking havoc on websites, mobile apps and APIs. The findings suggest that bot attack sophistication continues to evolve, as advanced attackers learn to adapt their techniques in order to invalidate existing defense tactics.

“Bot operators and bot defenders are playing an incessant game of cat and mouse, and techniques used today, such as mimicking mouse movements, are more human-like than ever before,” said Tiffany Olson Kleemann, CEO of Distil Networks. “As sophistication strengthens, so too does the breadth of industries impacted by bad bots. While bot activity on industries like airlines and ticketing are well-documented, no organization – large or small, public or private – is immune. When critical online activity, like voter registration, can be compromised as a result of bad bot activity, it no longer becomes a challenge to tackle tomorrow. Now is the time to understand what bots are capable of and now is the time to act.”

Bad bots are used by competitors, hackers and fraudsters and are the key culprits behind account takeovers or hijacking, web scraping, brute-force attacks, competitive data mining, transaction fraud, data theft, spam, digital ad fraud and downtime. Produced by the Distil Research Lab, a team of dedicated analysts who examine the most sophisticated automated threats for some of the world’s most attacked websites, this report underscores the increasing pervasiveness of bad bots, revealing that no industry is safe from malicious bot activity.

Key Findings from the 2019 Bad Bot Report:

  • In 2018, bad bots accounted for 1 in 5 website requests (20.4 percent of web traffic). Good bots decreased slightly to make up 17.5 percent of traffic.
  • 73.6 percent of bad bots are classified as Advanced Persistent Bots (APBs), which are characterized by their ability to cycle through random IP addresses, enter through anonymous proxies, change their identities and mimic human behavior.
  • Nearly 50 percent (49.9 percent) of bad bots report their user agent as Chrome. Mobile browsers, such as Safari Mobile, Android and Opera increased from 10.4 percent last year to 13.9 percent.
  • Amazon is the leading ISP for originating bad bot traffic. In 2018, 18 percent of bad bot traffic originated from Amazon compared with 10.62 percent the previous year.
  • Despite the fact that 53.4 percent of bot traffic originates from the United States, Russia and Ukraine combined make up nearly half (48.2 percent) of country-specific IP block requests.

This year’s report provides a comprehensive breakdown of some of the top industries impacted by bots and the specific challenges they face. Key findings include:


Percentage of Bad Bot Traffic

Type of Attacks

Financial Services

42.2 percent

Credential stuffing to access or take over user accounts


39.3 percent

Scalping bots, seat inventory checkers, credential stuffing


37.9 percent

Scraping for research papers, class inventory and user account access


29.9 percent

Voter registration account interference, scraping business registration listings

Gambling and Gaming

25.9 percent

Scraping ever-changing betting lines, account takeover seeking loyalty points


25.9 percent

Scraping pricing information, account takeover to empty airline mile balances


18 percent

Price scraping, content scraping, account takeovers, credit card fraud and gift card abuse

To download a full copy of Distil Networks’ report, visit: https://resources.distilnetworks.com/white-paper-reports/bad-bot-report-2019