New study finds bots and fraud farms responsible for 73% of web traffic

interestingengineering.com New study finds bots and fraud farms responsible for 73% of web traffic

The report found that bot attacks increased by 167 percent in the first half of the year, with a staggering 291 percent increase in intelligent bots.

New study finds bots and fraud farms responsible for 73% of web traffic::undefined

86 comments

Permanently Deleted
- The headline stat is a misinterpretation of the study which was done by Arkose Labs which "provides businesses with lasting bot prevention and account security by sapping the financial motivations of cybercriminals."
  
  That's pretty vague but skimming it sounds like they prevent automated account creation and takeover. The stat comes from the companies they have access to (who need bot protection enough to pay for it), and 76% of activity on the login/account creation was malicious. That makes a lot more sense. All the various hacks and credential leaks result in bots banging in stolen credentials on high value sites.
  
  The headline stat is a misinterpretation of the study
  
  and 76% of activity on the login/account creation was malicious.
  
  Are you assuming though that that's 76%, once they've created an account, would do no fuether interaction with the Internet after that?
  
  I'm not sure of the point that you're trying to make?
  
  Arkose does log-in protection for Roblox (and others but that's the one I'm familiar with) where the user has to do something like rotate a picture before logging in.
More evidence for the Dead Internet Theory
- Not yet but soon it will be
  
  Death by a thousand ~~cuts~~ bot/shill posts.
- I don’t necessarily think it’s a bad thing if people were good, but it can easily be abused as we’ve seen with election manipulation.
"73% of web traffic" does not mean 73% of comments, posts, content, etc.
- It amazes me when I spin up some random server on a cloud provider and it's immediately getting tons of traffic from bots searching for insecure ssh servers and default WordPress admin credentials and then like. If that's the short of stuff they're counting, I'd believe it. But yeah, it's not like all the commenters on this post are bots.
  
  Yeah we had a presentation at work from AWS , they said expect all ports and protocols on any aws server you spin up to be scanned in less than 1min of any instance being created
  
  But yeah, it’s not like all the commenters on this post are bots.
  
  What percentage would you guess that are bots as commenters?
The web is like a shitty neighborhood now, with stalkers and unpleasant people coming up to you frequently to sell their shady stuff.

Still works for finding answers to technical questions but if I wasn't working in tech, I would probably question why im using it in the first place. Is the entertainment value worth the cost?
- Depends does hentai count as entertainment cayse if so. Yes.
  
  Based. That and comics of culture.
Holy shit, thinking of all the resources that are just wasted for this shit... Imagine you could just slash all web infrastructures by two thirds.
- I really hate the phrase "bots" because it gives the appearance that they're all useless and malicious. I guarantee you they lumped in the following extremely valid uses of "bots":
  
  Automated personal scripts that many programmers use, these are technically bots. Hell, I use a "bot" to auto-clip digital Safeway coupons
  
  Moderation bots on sites like Lemmy/Reddit
  
  Archive efforts
  
  Are AI chatbots bots? If they use a loose enough definition all this means is humans utilize fuck tons of automation over the Internet, both programmers and not.
  
  Tech journalism is fucking garbage. Its always trying to tell me what to think rather than present legit unbiased information. It seems to get worse every year as if these journalist have a hate on for the tech they write about
  
  Why do you think that such bots cause a relevant amount of traffic?
  
  I use a "bot" to auto-clip digital Safeway coupons
  
  How?
  
  I use a bot to convert source code into executable binaries.
  
  That's a very good point, thanks!
- Not really, as with many others the headline is sensationalist. It's missing the "... on login page attempts for sites that pay for and or use bot protection services."
  
  That's very good to know and makes the situation a lot less bleak. Thank you for the additional context!
Soon there will be content created and consumed entirely by generative "ai," an almost shadow-culture.
- They'll have memes beyond our understanding!
  
  Obligatory
100% on Twitter, 150% on Facebook. Or maybe the other way around 🤷
- Was scrolling through Facebook as I still use it to keep in touch with family. 20 sponsored posts for every one actual post. Facebook is terrible.
  
  I just went on my annual visit. I'm not sure if it was ublock or what, but it was actually a fairly pleasant experience with no 'sponsored' content. Reminded me of the Facebook of old. Accessed through the browser, of course. I don't want that cancerous app on my phone.
- How are you about to do that on Facebook? I can't even sign up without it asking for my ID
  
  I had an account for about 10 years which I never used at first, then a fair bit for 3-4 years, linked it to Instagram and WhatsApp. Then I didn’t sign into Facebook for 2-3 years and when I tried, despite having the same email and using the linked IG accounts, they demanded my drivers license. Uh, no way in hell I’ll ever do that, so guess I’m not signing into stupid Facebook. Not sure who the hell they think they are or why they believe I’d consider their awful website so important as to send them my ID.
Horse shit.

Sandvine still released traffic reports. So does Cable Labs.

Maybe attempted connections, but not volume / tonnage / bytes.
- Okay, bot. I believe it, doesn't surprise me at all. Lemmy is also full of bots.
  
  I'm a bot
Permanently Deleted
- This is just what the bots are into.
  
  It's why AI porn is so popular all of a sudden, all the bots thought human porn was weird.
- 70% of my web traffic, anyways.
Yeah dead internet. And I hope this news will kill online marketing for good
- As long as real users exist on the internet, marketing will follow. If centralized social media will be even more of a shithole than already is, then they will slowly target the decentralized. You won't escape marketing.
  
  But if 73% of traffic is fake, and they monitor traffic to determine sentiment and marketing strategies, then who are they actually marketing TO?
  
  Man they caught ~~Google~~ evil actors using Google's infra that pumped up view numbers for video impressions and milking advertisers.
  
  They got swindled millions by the 3ve "scandal".
  
  There's botfarms clicking ads and following brands.
  
  There's warehouses full of smartphones that fake download and fake use apps and fake watch video ads....
  
  At this point it's a money laundering scheme. I refuse to believe that those people responsible are that stupid.
So the same as snail mail and phone calls?
- I recently switched cell providers to save a pile of money, but the new one doesn't have call control like the old did. 100% of my calls over the last two weeks were spam calls. I keep telling myself the savings are worth it, but my God it's annoying.
I miss the days when the internet was a fad that most people were apathetic towards.

before we even had search engines, and had to rely on websites listing links to every website.
- banner exchange 😂
  
  Internet yellow pages and ring networks and word of mouth and slips of paper with weird urls written out on them.
i hate it when i open my laptop and there’s an error sign blocking the trackpad
Bot wars
No I'm not!
- No I'm... Doesn't..
!veryrealtechpics@lemmy.world
Permanently Deleted
Wonder what the engineering solution to this could look like..

Thinking something like a zero trust model being required for all web requests.. Like the target address would need to receive a validated identity token from some third party but that token couldn't contain identifying info about the requester. Likewise, the validating third party would need to verify the identity of the requester without having knowledge of the target address.

Then that raises more questions like who would we all be comfortable trusting as a verifier and what data would we use for that validation? The validation system and the data used to validate would need to be provided for free too to account for low income people so no subscription services or hardware MFA keys. Also who counts as an identity to be validated?

What do enforcement mechanisms look like if this does get built? Are the validators entirely passive or do they actively participate in the process? Like do we have rate limits imposed by the validation engine or do we just leave that to the target address/organization to impose themselves? What happens if someone is banned from a site? Does the site notify the validators to drop requests earlier in the lifetime of a request? Do individuals get a lower request quota than corporations? Would you have to form a company just to prototype a new tool/product?

If someone seriously wanted to work on this I'd jump on the opportunity to work with them. It sounds like a fascinating project.
- It's called Google's "Web Integrity API" and it's a horrifically bad idea.
Giving india access to to the internet was a mistake
- None of the Indians I've met are bots
  
  They are the ones who make bots that flood the internet. But yes most of them act like bots too.
- Bravely said on a throwaway. 🙄
  
  Good morning sir
- Oh no! Poor people!
- Jokes on you majority of internet users are not from India, but from English speaking countries. Any other language takes a smaller percentage.

You've viewed 86 comments.