For years, the story of holiday web traffic was one of total bot traffic steadily claiming a larger share. In last year’s research we found that it crossed into the majority when total bot traffic outpaced human shopping traffic for the first time. From our analysis this past holiday shopping season, the threat is no longer about bots in general, but about malicious bots – and how they’ve become almost on par with human traffic.
During the 2025 Cyber 5 – Thanksgiving through Cyber Monday – bad bots made up 43% of all traffic to the e-commerce retailers we protect, against just 46% from human shoppers. A year earlier, bad bots formed 31% of all traffic, a roughly one-third jump in a single season, putting malicious automation within three percentage points of the entire human shopping audience during the year’s biggest sales events.
The trajectory based on data from the past few holiday shopping seasons points towards bad bot share moving from near-parity to outright majority, and the question is when, not whether.
The Attacker Pool Got Wider
One of this season’s most important findings is also the easiest to misread. Close to 70% of the bad bot traffic we observed was low in sophistication or basic in nature, up from 44% a year earlier. While this number appears to indicate that bot attacks have become easier to stop, it is not.
It means that the barrier to building bad bots has collapsed, and attacks are now arriving at scale – on the busiest days of the year. What once required real development skill now takes little more than a plain-language prompt. Gen AI has brought a large new population of low-skill attackers online – the ‘script kiddies’ of the AI era – who are able to generate high-volume bots with minimal expertise. Meanwhile, experienced attackers use similar AI tools to make their bots more evasive, more human-like, and faster to relaunch.
Every Major Bot Attack Type Scaled Up
The more established threats of price scraping, ATO, carding etc. all increased in volume this past season, several by orders of magnitude. At one large multinational retailer, account takeover attacks grew more than 5 times year over year, and carding increased by roughly 15 times compared to the previous season. Price scraping climbed to 5 billion detected attacks, and fake registrations grew six times more.
Also important is the timing of these attacks. Aggressive attacks were often targeted before the sale, not just during it. At one retailer, ATO attempts surged roughly 1,100% just four days ahead of Black Friday, timed to target shoppers when they reactivate dormant accounts, top up digital wallets, and refresh stored payment details. Transactional attacks like carding and denial of inventory peaked on the days of sales events, with attackers trying to blend in with the highest legitimate checkout traffic.
AI Crawlers: A Growing Presence on E-Commerce Platforms
AI crawlers operated by the major AI platforms to collect content for training LLMs, indexing for search, or retrieving live information, are a new class of traffic that is neither clearly good nor clearly bad. Across the holiday shopping period, AI training crawlers formed 54% of the overall AI crawling traffic, with AI indexing crawlers making up 27%, and AI retrieval crawlers 19%. This was led overwhelmingly by two operators, with OpenAI’s crawlers alone making up 65% of all crawling activity, and Anthropic’s training crawler a further 20%.
These crawlers harvest commercially valuable retail data, while the benefit they return ranges from real (visibility in AI search) to negligible (content scraped to train commercial LLMs). At one retailer, crawling jumped more than 300% on specific days – costing capacity that may give nothing back. The right response isn’t to block all AI crawlers – it is to govern each crawler based on its intent and the business value offered.
Attackers Still Route Attacks Through Legitimate Origins
ISP-origin bad bot traffic held steady at 23% year-on-year, a clear sign that even with the growth in low-sophisticated attacks that typically originate from data centers, advanced attackers continue to invest in residential proxies and ISP-based routing to mask their attacks and slip past defenses.
Agentic AI is The Next Frontier
The next frontier of agentic activity is here. We already observe AI agents browsing, comparing, and transacting on e-commerce platforms – marking the emergence of agentic commerce. These AI agents are non-human, yet may carry genuine purchase intent from a human customer behind it. This breaks the human vs bot binary that bot defense has traditionally relied upon. As this grey zone widens, the question shifts from “human or bot?” to “trusted or untrusted?”.
What This Means for E-Retailers
Automation is now the baseline condition of web traffic, and malicious bots are closing in fast. For security and business leaders, the implication is direct: Do you have visibility into every class of traffic hitting your applications? Can you tell the wanted from unwanted, and act on that distinction in real-time, at peak scale, on your busiest revenue days?
This capability is what will separate the protected from the exposed in 2026. It calls for AI-powered, behavior-based detection to counter AI-driven attacks, deliberate governance of AI crawlers, low-friction mitigation that stays invisible to genuine shoppers, and readiness for the agentic commerce shift now, rather than turn away AI-driven revenue.
The full report breaks down each attack type, the season’s timeline, and what’s coming next.
Download the report here.