Akamai warns of the threat posed by AI bots

According to Akamai’s latest Digital Fraud and Abuse 2025 report, AI bots now account for a growing share of this traffic, with activity increasing by 300% over the past year. These bots generate billions of requests, significantly distorting digital operations and analytics. They currently make up almost 1% of total bot traffic on the Akamai platform.

AI bots pose a serious threat to web-based business models across industries. The spike detected by the Akamai company reveals an alarming increase in automated traffic.

In the words of Francisco Arnau, regional vice president of Akamai for Spain and Portugal, “the increase in AI bots has gone from being a concern of the security team to being the big issue for executives. To combat them, we must act by creating frameworks that guarantee the safe adoption of AI, manage evolving risks and protect digital operations,” concludes the manager.

The spike in bots is largely attributed to frequent content scraping and shows how these bots impact web business models. Given the growing bot traffic, corrupt analyzes and drops in income arise, because the bots extract what they are looking for but without providing a benefit to the company.

In addition to analyzing scraping, the Akamai report reveals that the rapid growth of AI tools makes it easier than ever for attackers to attempt impersonation, social engineering, phishing campaigns, and identity fraud with fake photos or documents generated by AI.

The most notable aspects revealed in the report are the following:

• The publishing sector has been the most affected of digital media in general, with 63% activating AI bots.
• Online businesses are under pressure from a variety of bots, both useful and harmful. Although some bots support features such as indexing and search engine accessibility, malicious bots, including FraudGPT, WormGPT, ad fraud bots, and chargeback fraud bots, are driving up costs, degrading site performance, and disrupting key metrics.
• The commerce sector leads AI bot activity, with more than 25 million bot requests recorded during a two-month observation period.
• In healthcare, over 90% of AI bot triggers come from scraping, primarily from search and training bots.

Akamai’s report recommends organizations develop capabilities aligned with OWASP’s three core frameworks for web applications, APIs, and large language models (LLM). These frameworks help security teams map known vulnerabilities, such as those related to broken access control, injection flaws, and data exposure, based on the organization’s fraud risk tolerance, enabling smarter prioritization of defenses.

AI bot traffic skyrockets 300% over the last year, posing a serious threat to web-based business models

The report also includes detailed analysis of how bots evade detection, with regional and sector-specific attack data. It also includes a primer on categories of AI scraper bots and guidance on how to balance regulatory compliance and AI security strategies.

The company currently has the Akamai Bot Manager solution, which effectively detects bot traffic and mitigates malicious bots at the Edge, while effectively managing legitimate bots, all without impacting the user experience. In fact, Bot Manager has visibility to over 40 billion bots a day.

Additionally, Akamai Bot Manager enables more efficient and secure automated operations, increasing customer trust throughout your ecosystem. Bot Manager also provides customers with visualization and reporting tools to track the impact that different types of bots have on the business and infrastructure.

Akamai evaluates each bot against each detection, providing more information about why it was classified as a bot. Proper bot management allows organizations to slow down bots during times of high user traffic, as well as distribute cached content to bots instead of live site content.