Bots flood the bandwidth of your website, making it slower or unavailable to legitimate users.
Perpetrators, including competitors, use DoS attacks to disrupt a site or take it down. Revenge, blackmail, disruption, and activism can motivate these attacks.
They can use multiple sources, which makes it impossible to stop an attack by blocking a single IP address.
Bots read website pages and scrape valuable information.
Perpetrators gather pricing and product data, and repurpose it to build their own sites.
Bots inject breached or stolen username/password pairs to fraudulently gain access to user accounts. These attacks are common on sites with large user bases. This is especially true of sites running on WordPress and other CMS platforms.
Perpetrators drain breached accounts of stored value. This includes things like credit card numbers, and other personally identifiable information. They also use the information to send spam and make further illegal transactions.