Even as the mobile advertising ecosystem expands, the situation of mobile ad fraud continues to remain a constant problem in the equation. According to a recent study, advertisers are most likely to lose around $7.2 billion globally by the end of 2016 due to the rising cases of impression fraud, click fraud and install fraud.

This is a major concern as nowadays, most of the mobile ad spends are based on a CPI model. In fact, other cost models like PPC, PPM, CPR, CPT, etc. are also no exception to this problem as fraudsters are always looking for new tactics to break through the security vault and steal money from advertisers.

Given the magnitude of losses caused by such acts of fraud, it’s important for marketers to stay informed about the various routes through which fraudsters launch their attack.

For who knows, you might be actually paying for your organic installs?

So before burning money on clicks, make sure that you’re up to speed with the types of mobile ad fraud so that you can easily detect the quality of your traffic.

1) Geo-fraud or wrong targeting

This kind of a fraud can occur in the case of marketing campaigns, which target users from specific geographies or location. Here, marketers who spend money on purchasing geolocalized traffic are provided with false data that alters the device location from which clicks or installs are registered. In layman language, this is a case of wrong targeting for clicks, installs, or, any form of in-app activities. Instead of showing the ads to the targeted audience, they’re run on irrelevant networks that ultimately reduce conversions.

2) Fake impressions through ad stacking

Sometimes, marketers are tricked by using techniques that generate fake impressions of their ads for which they’re charged. This is usually done by showing two or three ads that coincide each other and appear on the same space. But only one of those ads are made visible to the users and still, the advertisers get charged. This can be taken as another instance of fraud.

3) Fraud using Spoofing

This is another technique that’s quite common amongst fraudsters for committing repeated fraud. In this case, hackers manipulate the device and browser of users to resemble a different device or browser. This results in multiple cases of clicks, downloads or installs from the same device whilst portraying and counting it as occurring from several other user devices or browsers.

How does it happen?

With the availability of large no. of apps that can change the settings of a mobile device to simulate a different set of configurations, spoofing has become quite convenient for fraudsters. These apps enable fraudsters to manipulate their mobile device settings so as to make it appear like a different mobile device. Similarly, tools like FraudFox can help fraudsters manipulate a browser’s fingerprint to match a different ID or generate a new ID.

4) Fake unique device IDs

Another resort available with cyber criminals is the use of manipulative tools or techniques, like device farms. This enables them to generate a large numbers of fake unique device IDs through which they tend to provide fake traffic or even, fake installs.

5) Attribution fraud or Click Stuffing

Click stuffing refers to the situation where users are deceptively redirected to an app install page on the Google Playstore or App Store by say, using a false offer or communication. Obviously, these users have no known intent in downloading the app. However, if the same users happen to download the advertised app from another source (organic or others) at a future date out of their own interest, the initial fraud publisher gets the credit for that particular install.

So fraudsters tend to staff a lot of clicks as there is a good probability of the app being downloaded by a fraction of those users at a future date. However, as per the first click attribution logic, these downloads or installs will get attributed to the fraud source.

6) Bots & non-human traffic

When it comes to committing fraud through invalid traffic, fraudsters often rely on creating bots or fake profiles. This is also known as ‘non-human traffic’, which has become a huge nuisance as they result in huge losses on the marketing ROI. At present, the existence of millions of such bots in the app marketing ecosystem has worsened the scenario for marketers. According to a ANA / WhiteOps study, bots account for 52% of traffic, which happens during midnight and 7:00 am.

When we’re talking about bots, it’s important to understand that their operation is not just limited to random clicks. Nowadays, bots are sophisticated and they’re programmed to carry out specific tasks like mimicking online user-behaviour. These actions range from being as specific as clicking on particular ads, visiting relevant landing pages, showcasing an intent to purchase or transact without actually completing the process. But relying on such user-behaviour data may make marketers believe that they’re dealing with some good leads here. This could further persuade them to run some retargeting campaigns targeting these fake users and burn a hole in their pockets.

So by using these mechanisms of automated traffic, fraudsters generate fake ad impressions, clicks and other in-app activities that bring down the effectiveness of marketing campaigns.

7) Hacking the postback URL & APK

Fraudsters often simulate app downloads or any post-install event by hacking the install postback URL and manipulating it. This results in faking bulk installs through a single click or bulk clicks on the ads, as per the predefined KPIs of marketing campaigns. So, sometimes even when you get great response for your marketing campaigns, it’s difficult to be certain if those are genuine users you’re dealing with.

Hacked APK downloads

In some cases, fraudsters also rely on hacked APK downloads. It’s the easiest way for them to steal from marketers and make money from app downloads, or even, in-app purchases.

The best case here is the Android app market, which is very prone to fraudulent practices.Every year, millions of downloads are stolen from the Google Play Store as hackers adopt the reverse engineering route to obtain the APK code of an app along with the attribution SDK used by fraud publishers. By doing so, fraudsters increase the app downloads from non-preferable sources and obtain downloads that are segregated from the Google Play Store.

8) Deceptive ad creatives

Last but not least, is something that all of us have come across. Remember clicking on an ad that advertises something but takes you to a different offer or app when you click on it? This is what we call the misuse of creatives which results in deceiving the user with a false offer or communication. What’s worse about this kind of an ad fraud is that it deceives both the advertisers and the users at the same time. In some cases, users are even charged money for clicking on such fraudulent advertisements.

So make sure you include these points in your checklist while running your marketing campaigns on mobile and don’t lose out on your ROI.

To learn more about mobile ad fraud, just drop me a line at neelanjana@affle.com!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>