New study finds bots and fraud farms responsible for 73% of web traffic::undefined

  • auf@lemmy.ml
    link
    fedilink
    English
    arrow-up
    192
    arrow-down
    1
    ·
    11 months ago

    The fact that this post is by a bot makes it sound so ironic

    • designatedhacker@lemm.ee
      link
      fedilink
      English
      arrow-up
      60
      arrow-down
      1
      ·
      11 months ago

      The headline stat is a misinterpretation of the study which was done by Arkose Labs which “provides businesses with lasting bot prevention and account security by sapping the financial motivations of cybercriminals.”

      That’s pretty vague but skimming it sounds like they prevent automated account creation and takeover. The stat comes from the companies they have access to (who need bot protection enough to pay for it), and 76% of activity on the login/account creation was malicious. That makes a lot more sense. All the various hacks and credential leaks result in bots banging in stolen credentials on high value sites.

      • jdeath@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        11 months ago

        Arkose does log-in protection for Roblox (and others but that’s the one I’m familiar with) where the user has to do something like rotate a picture before logging in.

      • Cosmic Cleric@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        11 months ago

        The headline stat is a misinterpretation of the study

        and 76% of activity on the login/account creation was malicious.

        Are you assuming though that that’s 76%, once they’ve created an account, would do no fuether interaction with the Internet after that?

        I’m not sure of the point that you’re trying to make?

        • Syrc@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          11 months ago

          Well, I mean, if a bot protection company found malicious activity in account creation, I’m assuming they stopped the account from completing it…?

          • Cosmic Cleric@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            arrow-down
            1
            ·
            11 months ago

            I’m assuming they stopped the account from completing it…?

            They could have let it continue to monitor it, in a honey-pot sort of way, to learn more about the bot, and it’s network.

            But I was asking towards intent, not success. Why would people have bots create accounts and then do absolutely nothing with those accounts afterwards?

        • designatedhacker@lemm.ee
          link
          fedilink
          English
          arrow-up
          0
          ·
          11 months ago

          You think these bots are streaming movies and music? 73% of Internet traffic is not bots. It’s all YouTube, Netflix, Insta, TikTok, Spotify, etc media consumption. 73% of login traffic may be bots, but it’s a teeny drop of global traffic.

          • Cosmic Cleric@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            arrow-down
            1
            ·
            11 months ago

            73% of login traffic may be bots, but it’s a teeny drop of global traffic.

            So you are assuming they’re just logging in and not doing anything else, yes?

            That there are no bots that (for example) watch YouTube videos and then gives them a like up or down, depending how they’ve been paid to do so, etc?

    • indepndnt@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      ·
      11 months ago

      It amazes me when I spin up some random server on a cloud provider and it’s immediately getting tons of traffic from bots searching for insecure ssh servers and default WordPress admin credentials and then like. If that’s the short of stuff they’re counting, I’d believe it. But yeah, it’s not like all the commenters on this post are bots.

      • Enigma28@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        11 months ago

        Yeah we had a presentation at work from AWS , they said expect all ports and protocols on any aws server you spin up to be scanned in less than 1min of any instance being created

      • Cosmic Cleric@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        11 months ago

        But yeah, it’s not like all the commenters on this post are bots.

        What percentage would you guess that are bots as commenters?

        • indepndnt@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          That’s a good question, I doubt I could make a very accurate guess. Just broadly though, based mainly on the lack of an immediately obvious payoff, I’d guess less than 50%.

  • arandomthought@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    42
    arrow-down
    1
    ·
    11 months ago

    Holy shit, thinking of all the resources that are just wasted for this shit… Imagine you could just slash all web infrastructures by two thirds.

    • JDubbleu@programming.dev
      link
      fedilink
      English
      arrow-up
      42
      arrow-down
      2
      ·
      11 months ago

      I really hate the phrase “bots” because it gives the appearance that they’re all useless and malicious. I guarantee you they lumped in the following extremely valid uses of “bots”:

      • Automated personal scripts that many programmers use, these are technically bots. Hell, I use a “bot” to auto-clip digital Safeway coupons
      • Moderation bots on sites like Lemmy/Reddit
      • Archive efforts

      Are AI chatbots bots? If they use a loose enough definition all this means is humans utilize fuck tons of automation over the Internet, both programmers and not.

        • JDubbleu@programming.dev
          link
          fedilink
          English
          arrow-up
          3
          ·
          11 months ago

          Because they’re used absolutely everywhere, and often back large portions of Internet infrastructure. I’m a backend developer and we have thousands of “bots” running at any given time to keep our systems going. They generate traffic equivalent to thousands of people and are maintained by a 3 person dev team. This is for a relatively small company. When I was at AWS the scale was much more unfathomable.

        • JDubbleu@programming.dev
          link
          fedilink
          English
          arrow-up
          2
          ·
          11 months ago

          TamperMonkey (I’ve been told to use ViolentMonkey instead as TamperMonkey isn’t open source) and the script here. Then you can run a script to periodically log into your account in a headless browser and click the button. Unfortunately there’s no coupon API so this is the best solution I could think of.

        • Decoy321@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          11 months ago

          They go, “hey bot, would you please clip me some Safeway coupons?”

          Then the bot goes and gets their little bot scissors and their bot newspaper, then clips up some coupons and hands them to OP.

          It’s a pretty endearing sight.

          • Flying Squid@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            11 months ago

            Then the bot goes and gets their little bot scissors

            But digitally.

            and their bot newspaper,

            But digitally.

            then clips up some coupons

            But digitally.

            and hands them to OP.

            But digitally.

            They said we’d all be living in a VR world by now back in the 90s!

    • fmstrat@lemmy.nowsci.com
      link
      fedilink
      English
      arrow-up
      12
      ·
      11 months ago

      Not really, as with many others the headline is sensationalist. It’s missing the “… on login page attempts for sites that pay for and or use bot protection services.”

  • 1984@lemmy.today
    link
    fedilink
    English
    arrow-up
    36
    ·
    edit-2
    11 months ago

    The web is like a shitty neighborhood now, with stalkers and unpleasant people coming up to you frequently to sell their shady stuff.

    Still works for finding answers to technical questions but if I wasn’t working in tech, I would probably question why im using it in the first place. Is the entertainment value worth the cost?

  • grayman@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    2
    ·
    11 months ago

    Horse shit.

    Sandvine still released traffic reports. So does Cable Labs.

    Maybe attempted connections, but not volume / tonnage / bytes.

    • dreamer@lemm.ee
      link
      fedilink
      English
      arrow-up
      5
      ·
      11 months ago

      How are you about to do that on Facebook? I can’t even sign up without it asking for my ID

      • sanguine_artichoke@midwest.social
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        I had an account for about 10 years which I never used at first, then a fair bit for 3-4 years, linked it to Instagram and WhatsApp. Then I didn’t sign into Facebook for 2-3 years and when I tried, despite having the same email and using the linked IG accounts, they demanded my drivers license. Uh, no way in hell I’ll ever do that, so guess I’m not signing into stupid Facebook. Not sure who the hell they think they are or why they believe I’d consider their awful website so important as to send them my ID.

        • Cosmic Cleric@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          1
          ·
          11 months ago

          I didn’t sign into Facebook for 2-3 years and when I tried, despite having the same email and using the linked IG accounts, they demanded my drivers license. Uh, no way in hell I’ll ever do that, so guess I’m not signing into stupid Facebook.

          Curious if you give Discord your phone number?

  • Nacktmull@lemm.ee
    link
    fedilink
    English
    arrow-up
    17
    ·
    11 months ago

    And I thought porn and cat pictures where responsible for 70% of web traffic… TIL

    • Ethalia@feddit.ch
      link
      fedilink
      English
      arrow-up
      7
      ·
      11 months ago

      As long as real users exist on the internet, marketing will follow. If centralized social media will be even more of a shithole than already is, then they will slowly target the decentralized. You won’t escape marketing.

      • JeffKerman1999@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        3
        ·
        11 months ago

        Man they caught Google evil actors using Google’s infra that pumped up view numbers for video impressions and milking advertisers.

        They got swindled millions by the 3ve “scandal”.

        There’s botfarms clicking ads and following brands.

        There’s warehouses full of smartphones that fake download and fake use apps and fake watch video ads…

        At this point it’s a money laundering scheme. I refuse to believe that those people responsible are that stupid.

      • CaptainSpaceman@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        11 months ago

        But if 73% of traffic is fake, and they monitor traffic to determine sentiment and marketing strategies, then who are they actually marketing TO?

        • Cosmic Cleric@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          1
          ·
          11 months ago

          Those left over who are still human.

          But you do bring up a great point, what happens when the Internet is nothing but bots/shills?

  • affiliate@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    arrow-down
    2
    ·
    11 months ago

    i hate it when i open my laptop and there’s an error sign blocking the trackpad

    • ThePrivacyPolicy@lemmy.ca
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      I recently switched cell providers to save a pile of money, but the new one doesn’t have call control like the old did. 100% of my calls over the last two weeks were spam calls. I keep telling myself the savings are worth it, but my God it’s annoying.

  • A_Random_Idiot@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    11 months ago

    I miss the days when the internet was a fad that most people were apathetic towards.

    before we even had search engines, and had to rely on websites listing links to every website.