Hello All,
We've just released the Radware 2026 E-Commerce Bot Threat Report, and one stat from the report stands out: malicious bots are now nearly level with human shoppers during peak holiday traffic (43% vs 46%).
Alongside this, over the past few days we asked your perspective on the most common bot attacks during the holidays.
What the community sees most
From your responses, the most frequently cited bot attack types were:
#1 Account Takeover (ATO)
#2 Price Scraping
#3 Fake Account Registrations
What we see from our research
Your inputs closely align with what we observe at scale:
- Price scraping dominates the volume of bot attacks
- ATO and fake account registrations are increasing multi-fold, among the fastest growing attack types
- Carding attacks are surging, with a 15x growth year-over-year detected at one large retailer
- AI crawlers that extract content at scale on behalf of AI platforms are a growing presence on e-commerce
- The shift towards AI agents and agentic commerce is already underway
Bottom line
The same bot attack types you're facing day-to-day are the ones scaling fastest globally, but are now amplified by the rise of AI-driven bot threats.
- Where do you see AI having the biggest impact on bot attacks? Let us know here.
Take a look at the full report for deeper insights - and thank you for contributing your perspective!
Full Report Download Link