Attackers Start Simple, Then Escalate

Last quarter, over half of all bot traffic came from basic scripts — cheap and noisy, but devastating at scale. When those failed, adversaries quickly pivoted to more advanced tactics.

55%
Basic Bots

Low-skill, high-volume attacks that still overwhelm defenses.

31%
Mid‑Level Bots

Evasive, stealthier attacks using proxies and headless browsers.

13%
Advanced Bots

Adaptive, human‑like attacks designed to beat detection.

Three Critical Threats Emerged

Kasada’s research identified three dominant attack vectors that are reshaping the cybersecurity landscape in 2025, including scraping, account takeover (ATO), and automated checkout.

Three Critical Threats Emerged

Our research identified three dominant attack vectors that are reshaping the cybersecurity landscape in 2025, including scraping, account takeover (ATO), and automated checkout.

AI Scrapers Flooded Sites

Over 120M AI scraper requests detected in Q2 — most from the OpenAI user agent, peaking at 950K/day. These tools bypass robots.txt to repurpose your content without consent.

Account Takeovers Soared

Retail, QSR, and webmail made up ~72% of stolen account sales in Q2. Airline ATO activity spiked 80%, while accommodation sector revenue soared 196%.

Hype Bots Fueled Markups

Bot-powered resale surged as 3,160 Labubu doll checkouts drove markups of +25% to +127% — fueled by just two cook groups.

AI Scrapers Flooded Sites

Over 120M AI scraper requests detected in Q2 — most from the OpenAI user agent, peaking at 950K/day. These tools bypass robots.txt to repurpose your content without consent.

Account Takeovers Soared

Retail, QSR, and webmail made up ~72% of stolen account sales in Q2. Airline ATO activity spiked 80%, while accommodation sector revenue soared 196%.

Hype Bots Fueled Markups

Bot-powered resale surged as 3,160 Labubu doll checkouts drove markups of +25% to +127% — fueled by just two cook groups.

Who’s at Risk

Six key industries were most targeted by bots in Q2 – here’s how attackers profited from each.

Retail

Loyalty points & stored payment data targeted.

Airlines

Frequent flyer accounts sold at scale.

Gaming

Bots exploiting limited‑release items.

Hospitality

Premium hotel loyalty accounts in demand.

QSR

Mobile order accounts as low‑risk, high‑volume targets.

Real Estate

Listing data scraped for competitive advantage.

About the Data

KasadaIQ provides an inside view into the adversary ecosystem — analyzing millions of automated interactions each quarter across 2,000+ collection points and 23M+ messages from open and closed sources. This intelligence informs our defenses and helps enterprises stay ahead of evolving threats.

Learn more about KasadaIQ

The latest from Kasada

  • Q3 2025 Threat Intelligence Report

    New intelligence from Kasada highlights the resurgence of online reselling communities, the persistence of Account Takeover, and how AI and proxy networks are redefining the automated threat landscape.

  • Q2 2025 Threat Report

    Discover Q2 2025’s top bot attack trends — scraping, credential stuffing, and fraud tactics — with insights from Kasada’s threat intel team.

  • A CISO’s Guide to Bot Protection Effectiveness – Breaking Open the Black Box

    Learn how to validate bot protection effectiveness, mitigate business risks, and ensure your defenses align with operational and regulatory needs.

Are bots sneaking past your defenses?