Traffic from smart bots is disrupting the online environment. According to Fastly (FSLY)'s recent security report for the third quarter of 2025, approximately 29% of all web requests are generated by automated bots. The report emphasizes that it has become difficult to view bot activity purely as a security threat, suggesting that automation has deeply embedded itself in the structure of the internet.
Analysis indicates that traffic from AI-based crawlers and data collectors is particularly concentrated among a few large platforms. Meta (META) accounted for about 60% of all AI crawler traffic in the third quarter, while OpenAI's ChatGPT is said to generate 68% of AI collector traffic. These bots play a core role in supporting AI search, providing summaries, interactive responses, and other advanced services, but also trigger traffic overload and content access issues, prompting companies to modify their data management strategies.
According to Fastly, the interception rate of benign bot traffic in the media, entertainment, and high-tech industries is only 4%. This means that most businesses have not yet effectively addressed the side effects of automated access. A bigger issue is the sophisticated automated tools known as 'headless bots'. They browse websites like real people and, while also used for testing purposes, can be misused for data scraping, fraud, credential theft, and other malicious purposes.
The report shows that this quarter, billions of requests were generated by headless bots, most of which targeted industries concentrated on transactions such as finance and e-commerce. Attackers use bots for automated large-scale probing while manipulating their behavior to make them appear human-like, cleverly evading security systems.
Therefore, businesses are required to go beyond merely intercepting bots and adopt more refined monitoring and control strategies. This is because the same automated tools are used in internal testing and performance validation, and excessive interception may impact development and operations.
In the context of the ongoing expansion of AI data collection activities, Fastly emphasizes that both enterprise security teams and management need to develop policies that balance technological innovation, content protection, and operational stability. The report warns that to adapt to the increasingly intelligent automation era, businesses also need to refine their monitoring and decision-making systems.