Los IA traigators already represent almost 80% of the AI bots trafficaccording to him Threat Report of the First Quarter of Fastly 2025based on 6,500 million monthly applications collected through their application protection solutions and APIS for NEXT-GEN WAF, BOT Management and DDOS Protection companies.
The report, which offers an overview of security trends, attack vectors and malicious activity in application security, reveals that the volume of attacks aimed at electronic commerce has doubled in a year, and has gone from 15% in the first quarter of 2024 to 31% in the same period of 2025.
In addition, the report highlights that 37% of all observed Internet traffic comes from automated traffic or bots. Of this traffic, 89% is considered as unwanted traffic. Therefore, distinguishing between desired and unwanted bot traffic is increasingly important for companies. Unwanted traffic includes malicious bots and can cause accounts, advertising fraud or data theft.
On the other hand, search engine trackers, which represent 66% of legitimate bots traffic, help improve visibility and attract visits to the websites. Knowing how to identify and manage this difference allows you to block harmful activities without affecting essential services.
Goal is at the head of large -scale tracking activity, adding more than half of the traffic and more than the sum of Google and OpenAi. Chatgpt, meanwhile, generates most of the web traffic in real time.
Tracking growth is also promoting a significant increase in content scraping and bandwidth consumption. Also in the appearance of access patterns that saturate servers and reproduce effects similar to distributed service denial attacks, even without malicious intention of those who launch these types of activities.
90% of this traffic is concentrated in North America, which points to a growing geographical bias in the data sets used to training large language models and raises doubts about the neutrality of its results in the future.
In general, companies related to the high -level technology industry belong to the most attacked sector, and total 35% of the total observed attacks. On the other hand, in terms of activity, in March 2025 there was a daily average of more than 1.3 million login attempts with compromised passwords. In part, these attempts were driven by the use of proxy services for the automation of activities.
Fastly’s quarterly threat report is based on 6,500 million monthly applications collected through its application protection solutions and APIS for NEXT-GEN WAF, Bot Management and DDOS Protection companies.
Simran Khalsa, Staff Security Researcher de Fastlyhe pointed out of the results of the report that «As the bots represent an increasing part of Internet traffic, distinguishing between useful and unwanted automation becomes essential. If you are not actively managing bots traffic, it may be in an infrastructure, bandwidth or performance that, in reality, is being malicious in serving malicious traffic or does not provide any value«.
