More than half of web traffic is now automated with financial institutions a top target for malicious bots, according to a new report by the cybersecurity firm Imperva. The firm found that in 2024, automated traffic surpassed human activity, accounting for 51% of all web traffic. Thirty-seven percent of traffic was the result of “bad bots,” which include malicious automated software that targets consumers and businesses.
The U.S. is the top target for bad bots with financial services the fourth most targeted industry, following travel, retail and education. However, financial services were the top industry for API attacks, in which bad actors attempt to break into a computer system to steal data. It was also the top industry for account takeover attacks, in which hackers gain access to a customer’s account.
“The proliferation of APIs in the industry has expanded the attack surface for cyber criminals who target API vulnerabilities such as weak authentication and authorization methods, to conduct account takeover and data theft,” the report concluded.
