Good Bots, Bad Bots, and What You Need to Know

In 2015, internet bots made up for only a little less than half of online traffic. Of that, anywhere from 18% to 29% of the traffic was from bad bots, and only 19% to 27% was from good bots. Smaller websites tend to think they’re immune to bot traffic, but the harsh reality is, the smaller the website, the higher the chance of being visited by bots, both good and bad.
Bot Traffic Varies According to Website Size
Source: Incapsula

To advertisers, most bots are the nonhuman programs who generate fake ad impressions or serve hidden ads to trick browsers into downloading malware or spreading spam. Now, bots are becoming more stealthy and difficult to detect, and they can do more than just deliver false ad impressions.

There are both legitimate and malicious bots out there. The legitimate ones keep the web running smoothly and ensure that the higher quality content gets seen, but malicious bots do the exact opposite.

Legitimate Bots

Not all bots are bad; legitimate bots are actually helpful to websites. They’ll crawl site pages in order to determine SERP ranking, and they’re what help keep weather, sports, and other news updated in real-time.

Plus, there are also bots that’ll help you find the best price on a product or discover any stolen content. Good bots ultimately assist in the growth and development of the web.

Spider Bots. These are the bots that are used by search engines, such as Googlebot or Bingbot. They explore web pages and analyze content, organization, and linking, using that information to determine the ranking of pages on a SERP.

Trader Bots. Trader bots crawl online auction sites (such as eBay or Amazon) to find the best deals on a product or service. Online retailers will use them to help inch out the competitor by posting a better price or a more in-depth product description.

Media/Data Bots. These are the bots that provide real-time updates on the weather, news and sports, currency exchange, and other data. They’re also used to censor online chat rooms and instant messenger programs.

Copyright Bots. Copyright bots are the opposite of malicious scraper bots. They search the internet for material that has been copied or plagiarized in order to catch the thieves and possibly gain monetary compensation.

Malicious Bots

Malicious bots are designed by hackers and other internet users to generate false ad impressions, serve spam and malware, overtake networks of computers to form botnets, and steal content and information.

Fortunately, the number of bad bots has declined from previous years. But their actions are becoming more human and advanced, making them harder to detect. Malicious bots are thriving on smaller sites, where there’s less security. While they’re having trouble keeping up with human visitors on the larger sites, where the security and traffic filtration is more prevalent, they’re still making up over a third of the overall traffic.
2014 to 2015 Bad Bot Traffic Comparison
Source: Incapsula

Chances are, your website has seen its fair share of malicious bot traffic. However, there are different types of bad bots that you should be aware of.

Spam/Email Bots. These bots spread spam content and advertising links all over the internet. They’ll also collect email addresses, phone numbers, and other personal information submitted by users through forms filled out online.

Impersonator Bots. These bots are more advanced malicious bots designed to impersonate regular human users in order to bypass site security and carry out the harmful orders of the hacker using them.

Zombie Bots and Botnets. Zombie bots take over your computer and run in the background, essentially turning your computer into a “zombie.” Most of these zombie bots attack residential IP addresses, making them difficult to catch. A collection of these “zombie” computers is what makes up a botnet, which is a network that uses these infected computers to perform a variety of malicious deeds, such as a targeted group attack known as a DDoS attack.

Download Bots. Also known as transfer bots, these bots attach themselves to legitimate web pages and are used to transfer users to a malicious website instead of the web page that the user requested.

Spy Bots. These bots are used for surveillance and data mining to collect information about a person, website, or company. Usually, hackers will then sell the information gathered to a marketing firm or rival company.

Website Scraper Bots. Scraper bots will steal original content from a site and reprint it on various sites throughout the internet without permission. Usually, victims of scraper bots don’t even know their content’s been stolen unless they’re actively searching for it.

Click Bots. Click bots are the ad fraud bots that advertisers have grown to know and despise. These bots set out to intentionally engage with your advertising, therefore skewing your data incorrectly and costing you money for fraudulent clicks.

These bots may cause you to believe that an advertising campaign is doing really well, depending on what metrics you’re measuring, and may lead you to pour more money into a campaign. Rival companies may use click bots to cause a competitor to quickly run through their daily budget, so their ad won’t show for very long.
Types of Malicious Internet Bots
Source: Incapsula

Advanced Persistent Bots

Malicious bots are growing increasingly sophisticated. So much so that bot detection company Distil Networks gave these bots a new name in their 2016 Bad Bot Landscape Report: Advanced Persistent Bots (APBs).

Distil’s report describes three different sophistication levels of bad bots: simple, evasive, and advanced. Advanced bots make up about 46% of bad bot traffic, and of this percentage, 39% are advanced enough to mimic human behavior. Simple bad bots, on the other hand, decreased from 23% to 12% of total bad bot traffic. Evasive bots make up about 42% of bad bot traffic, and are more advanced than simple bots because they can disguise their activities by rotating IP addresses or changing user agents.

APBs have several advanced capabilities that help them mimic human behavior, and they’re much harder to identify because they aren’t noticed by many of the existing security solutions. These advanced behaviors include loading external resources, tampering with cookies, and browser automation.
Percentage of Bots Mimicking Humans
Source: Distil Networks

They can also load JavaScript, which many analytical tools use to function. The ability to load JavaScript means they have the potential to throw off key metrics measured by these tools, since a lot of them function with a JavaScript code snippet. Because APBs are able to mimic human behavior more and more, Distil predicts that analytical tools will pass about 53% of bad bots as legitimate human traffic.

These advanced bots are also able to use tactics such as dynamic IP address rotation, which allows them to choose rotating IP addresses from huge pools and obscure their origins by distributing their attacks over hundreds of thousands of IP addresses.

The Future of Bots

While the overall amount of bad bots has decreased, the ones that still exist are getting more and more advanced.

Recently, chat bots have been gaining more popularity. These are AI bots that are programmed to learn from and respond to humans over online applications, such as Facebook Messenger. Most recently, Microsoft had an AI named Tay who learned how to act more human from the habits of Twitter users.
Microsoft AI Tay Twitter
Source: Telegraph UK

Tay backfired of course, because Microsoft didn’t double check that Tay knew the difference between what was offensive and illegal and what wasn’t.

But, Tay was still a stepping stone for more advanced AI technology. Bots are aiming to become more like humans, and even replace them in some cases. Facebook Messenger is perfecting its personal assistant “M,” and many brands online are using chatbots for customer service needs.

The continued advancement of bots means that bots are becoming more human over time. This is great for the good bots, as they will be able to perform their jobs better and improve the online experience.

However, that means the bad bots will be better at acting human, too, and these sophisticated bots are much harder to combat. As bot software evolves, websites will have to improve their security and traffic filtration, because it will become that much harder to distinguish a malicious bot from an everyday user.