Radware’s 2025 E-commerce Bot Threat Report revealed that automated bots accounted for 57% of all traffic to e-commerce websites during the 2024 holiday season.
This marks the first time that bots – computer programs designed to imitate human behaviour online – have surpassed actual shoppers on e-commerce platforms.
Although not all bots are harmful, such as search engine crawlers, the report cautions that many bots are created to perform malicious actions. These activities include scraping prices, hoarding inventory, committing fraud, and launching attacks on online retailers.
Many malicious bots now mimic real shoppers by employing tactics like switching IP addresses, rotating identities, and solving CAPTCHAs to evade detection.
“Today’s bots are powered by artificial intelligence and are much harder to detect,” Radware Vice President of Cyber Threat Intelligence Ron Meyran said.
“Retailers who rely on outdated security measures could be leaving themselves wide open to attacks, not just at Christmas, but all year round.”
The increasing prevalence of bots can impact various aspects, including product availability, website performance, and the prices consumers ultimately pay.
Businesses are encouraged to find ways to block malicious bots without hindering genuine shoppers while also staying ahead of attackers who continually evolve their tactics.