- The report warns that sophisticated robots imitate human behavior so many outdated defenses have no chance of you
- Mobile applications are besieged, with an increase of 160% of bot traffic targeted from year to year
- Captcha farms and rotating proxies help robots bypassing the basic defenses
The Internet has entered a new era where automated traffic now explains more web activity than human users, according to new research.
The report on the threat of electronic electronic commerce in Radware in 2025 claims that the majority of traffic towards online stores during the 2024 holiday season did not come from people. He came from bots.
For the first time, automated programs – ranging from simple writers to improved digital agents in AI – represented 57% of all traffic, exceeding human visitors on electronic commerce websites.
A smarter generation of bad robots
The report highlights the continuous evolution of malicious robots, because almost 60% now use behavioral strategies designed to escape detection, such as rotating IP addresses and identities, using CAPTCHA farms and imitating human navigation models, which makes them difficult to identify without advanced tools.
The only effective counter is equally intelligent detection – the defenses fueled by AI which can learn and adapt. Companies must reassess their safety battery and look beyond basic filters to solutions offering DDOS advanced protection and intelligent traffic surveillance.
“Bad robots are no longer based on simple scripts-they are sophisticated agents and improved by AIA capable of thwarting traditional defenses,” said Ron Meyran, vice-president of Cyber-Menace Intelligence at Radware.
“Electronic suppliers and online retailers relying on conventional security measures will find themselves increasingly exposed, not only during the holidays but all year round.”
Mobile platforms have become a critical battlefield, with an astonishing increase of 160% of the targeted mobile target activity between the 2023 and 2024 holiday seasons. The attackers deploy mobile emulators and headless navigators who imitate the legitimate behavior of the application.
The report also warns against robots that blend into daily internet traffic. A 32% increase in attack trafficking in residential proxy networks makes much more difficult for electronic commerce sites to apply traditional rate or geo-clipping techniques.
The most alarming development is perhaps the boom in multi-voter campaigns combining bots with traditional exploits and attacks targeted by the API. These campaigns go beyond the prices to scratch or test stolen references – they aim to completely remove offline sites.
For companies based on the best manufacturers of electronic commerce websites or friendly platforms, the threat is clear. Security must evolve in stage with the attackers. Platforms must also adopt mobile protections dedicated to defending themselves against these increasingly sophisticated threats.
