Malicious traffic surged nearly 20% from Q1 to Q2 2025.

Three-quarters (75%) of scams now target critical workflows such as account creation and sign-in processes.

Desktop-based threats targeting dating platforms declined by 16%.

Excluding U.S. traffic, the highest concentrations of fraud hubs are found in Brazil (over 11%), Great Britain (nearly 10%), Vietnam (over 6%), and Nigeria (9%).

Dating platforms experienced a 61% surge in mobile attacks.

The overall device distribution for dating platforms flipped from 55% desktop prevalence to just 39% desktop prevalence.

Despite growth in mobile threats, desktop remains the favoured channel, accounting for 68% of attack traffic.

Overnight fraud surges were observed in Vietnam (38%), Mexico (38%), and India (36%).

Attack automation services targeting gaming increased from 15% to 25% of all gaming-related attacks.

The Roblox browser accounted for 18% of gaming attacks, indicating a platform-specific vulnerability

Sign-up fraud traffic in the Fintech sector escalated to 17 times the industry average.

Great Britain was responsible for 44% of attacks specifically targeting the Fintech sector.

The use of attack automation services increased from 31% to 36% of all attacks from Q1 to Q2 2025.

Average attack size grew by over 12% from Q1 to Q2 2025, demonstrating that attacks are becoming larger and more aggressive in scale.

Evening fraud attack peaks were observed in Pakistan (65%) and The Philippines (43%).

AI bot traffic surged by 300% from 2024 to 2025, significantly impacting digital operations and analytics.

AI bots now compose nearly 1% of total bot traffic across Akamai's platform as of 2025.

LLM crawler traffic rose from 2.6% of verified bot traffic in January to over 10.1% by August.

88.9% of domains disallow GPTBot in their robots.txt files.

DataDome alone detected nearly 1.7 billion requests from OpenAI crawlers in a single month.