Bots Make All Employers, Even Small Employers, Vulnerable To Cyber Attacks

A new study by SiteLock serves as a warning to business owners who maintain an online presence, particularly those who engage in online commerce.

Researchers found that bot traffic on the internet was 5.5 times higher than human traffic in 2021, when compared to 2020. This rise is a sure signal that malicious actors are increasingly employing automated software attacks, and they seem to be targeting small and medium-sized businesses (SMB).

Unfortunately, the study also found that smaller businesses tend to be indifferent to the threat. Although 48 percent of SMB believe they are too small to be a threat, 50 percent have already been breached. In fact, the study found that 4.1 million websites around the globe are currently infected with malware.

Researchers found that Wordpress, the most popular and highly rated content management system, is also the most vulnerable. They point to the large number of plug-ins the system utilizes. Researchers observed that for every five plug-ins on a website, the risk of a malware attack is almost double.

SiteLock strongly advises SMBs to avoid the false notion that they are not a target. Even data regarding who visits your website and what they view is information that a cybercriminal can use to create phishing attacks. If you engage in online commerce, the stakes are higher because your visitors provide valuable payment information. Aaron Hurst "4.1 million websites infected with malware worldwide" (Mar. 22, 2022).


The most common tool for blocking automated bot traffic is a CAPTCHA solver, in which the user must identify a slightly distorted word or select specific pictures from several choices. Many businesses, however, hesitate using CAPTCHAs because they can lead to a loss in customer conversion (e.g. completing a purchase or account creation).

Experts suggest owners monitor and evaluate website traffic. Unexplained traffic spikes, lower than normal conversion rates from specific traffic sources, or high bounce rates (visitors who enter then immediately leave the website) can signal bot traffic. In addition, stay alert to increases in failed login attempts, and promptly investigate the source.

Regardless of the steps you employ to limit your risk of attack, ignoring the risk is no longer a manageable option.

Finally, your opinion is important to us. Please complete the opinion survey:


New Fax Number for Best Practice Help Line

The fax line for Best Practice Help Line consultation requests is now 918-712-5965.

Fake Postal Service Note Infects Devices: How Employers Can Address Phishing Risks

Clicking the link in the phony postal service email delivers an infected Excel file. How can employers fight back?

Synthetic Identities And Ghost Employees

The recent sentencing of a cybercriminal gang in the U.S. highlights growing types of cyber fraud. Learn about the risks.

Facial Recognition Faces Challenges Even Though Passwords Still Present Security Risks

Facial recognition logins on government sites are put on hold for now. Read why passwords continue to remain the default.