Cequence 研究顯示，由於惡意機器人流量和詐欺企圖，整個 12 月企業每小時可能面臨平均 258 萬美元的潛在損失

該報告基於 Cequence 統一 API 保護 (UAP) 平台的數據，重點介紹了網路犯罪分子如何在黑色星期五和網路星期一等購物高峰期利用不斷增加的攻擊面。

Cybercriminals are targeting businesses with an average of $2.58 million in potential losses every hour throughout December due to malicious bot traffic and fraud attempts, according to new research from Cequence.

根據 Cequence 的最新研究，網路犯罪分子瞄準的企業在整個 12 月平均每小時因惡意機器人流量和詐欺企圖而造成 258 萬美元的潛在損失。

The report, which is based on data from Cequence’s Unified API Protection (UAP) platform, highlights how cybercriminals are exploiting the increasing attack surfaces during peak shopping periods such as Black Friday and Cyber Monday.

該報告基於 Cequence 統一 API 保護 (UAP) 平台的數據，重點介紹了網路犯罪分子如何在黑色星期五和網路星期一等購物高峰期利用不斷增加的攻擊面。

Findings from the study show a significant rise in e-commerce transactions, which doubled from 5.1 billion in 2023 to 10.4 billion in 2024. Of these transactions, 34.62% were flagged as malicious, reflecting a 138.57% increase from the previous year.

研究結果顯示，電子商務交易量大幅成長，從2023 年的51 億筆成長到2024 年的104 億筆，翻了一番。 138.57%。

Over an 11-day period from Black Friday to Cyber Monday, the report identifies potential losses from cybercrime amounting to USD $681.12 million, with projections for December 2024 estimating losses averaging USD $2.58 million per hour, totalling USD $1.79 billion.

從黑色星期五到網路星期一的 11 天內，該報告確定網路犯罪造成的潛在損失達 6.8112 億美元，預計到 2024 年 12 月損失平均每小時 258 萬美元，總計 17.9 億美元。

There was also a marked increase in sophisticated attack techniques, such as credential stuffing, SMS pumping, and token farming, which rose by 700% year-over-year.

撞庫、簡訊泵送、代幣挖礦等複雜攻擊技術也顯著增加，較去年同期成長 700%。

In one real-world example, a major e-commerce company was able to use Cequence’s bot and API protection capabilities to thwart an SMS pumping attack—which could have cost the company $3,000 every four hours—by blocking fraudulent account creation and preventing further financial losses.

在一個真實的範例中，一家大型電子商務公司能夠使用Cequence 的機器人程式和API 保護功能來阻止SMS 攻擊，該攻擊可能會導致該公司每四個小時損失3,000 美元，方法是阻止欺詐性帳戶創建並防止進一步的財務損失。

Cequence also reported handling a 125% surge in traffic on Black Friday, during which it blocked 11.5 million malicious attempts while maintaining seamless customer experiences.

Cequence 還報告稱，黑色星期五處理的流量激增 125%，在此期間阻止了 1,150 萬次惡意嘗試，同時保持了無縫的客戶體驗。

The research highlights the challenge for businesses in defending against high-volume, sophisticated attacks, as evidenced by the 72.6% increase in mitigated malicious traffic from 2023 to 2024.

該研究強調了企業在防禦大量複雜攻擊方面面臨的挑戰，從 2023 年到 2024 年，緩解的惡意流量增加了 72.6% 就證明了這一點。

“Cybercriminals are seizing on the rapid growth of digital commerce, using increasingly sophisticated tactics to target both businesses and consumers,” said Randolph Barr, Chief Information Security Officer at Cequence. “This year’s findings are part of a broader trend: as e-commerce continues to evolve, so too does the scale and complexity of cyber threats. These findings highlight the critical need for businesses to adopt robust API and bot management solutions to protect revenue, maintain customer trust, and stay competitive in an increasingly digital world.”

Cequence 首席資訊安全長 Randolph Barr 表示：“網路犯罪分子正在利用數位商務的快速增長，使用日益複雜的策略來針對企業和消費者。” 「今年的調查結果是更廣泛趨勢的一部分：隨著電子商務的不斷發展，網路威脅的規模和複雜性也在不斷發展。這些發現凸顯了企業迫切需要採用強大的 API 和機器人管理解決方案來保護收入、維持客戶信任並在日益數位化的世界中保持競爭力。

The research includes several recommendations for businesses to mitigate the risk of cybercrime during peak periods, such as enhancing incident readiness with regular security drills, mapping the attack surface to eliminate exploitable blind spots, and aligning security measures with business objectives to simultaneously protect and enhance user experiences.

該研究包括為企業減輕高峰期網路犯罪風險的幾項建議，例如透過定期安全演習增強事件準備情況、繪製攻擊面以消除可利用的盲點，以及根據業務目標調整安全措施以同時保護和增強用戶經驗。

Cequence also advises deploying multi-layered security strategies, monitoring anomalous behaviour, strengthening access controls, investing in real-time threat management, and optimising systems for high-traffic events like Black Friday for improved security during peak periods.

Cequence 還建議部署多層安全策略、監控異常行為、加強存取控制、投資即時威脅管理以及針對黑色星期五等高流量事件最佳化系統，以提高高峰時段的安全性。