Mobile Ad Fraud: How Not to Become ‘Gollum’s Precious’ for Fraudsters and Which Companies Already Have
The gist
With the rise of modern tech, more and more web traffic has been shifting to mobile. As many as 60% of Internet users switch between a variety of devices, and 39% only use smartphones to go online.
Digital marketing is changing: companies actively promote their mobile apps and buy ads. Along with familiar and reliable ad channels, such as Google, Facebook/Meta, many niche providers of in-app ads have sprung up.
The booming mobile market has made in-app ads a very attractive marketing channel, but many advertisers are wary of it because of the high risk of fraud. However, there are certain monitoring tools that can be used to identify the low-quality traffic and streamline the work with ad sources.
Types of mobile ad fraud
· Click flooding: a large number of clicks are sent to the ad tracker in hopes to land the last click before the app is installed. The users don’t actually see the ads, and the clicks are made in the background.
· Click injection: clicks are sent when an app is installed in hopes to intercept the organic clicks or other ad channels that actually led to the install.
· Bot farms: views, banner clicks, installs, and conversions are made by fake users.
· Incentive traffic: non-target users are brought in for reward. Usually, they aren’t interested in the app, so their actions are meaningless to the advertiser.
According to our analysis and the data we accumulated, in-app fraud may account for up to 90% of all add traffic. Converted to cash, the number is no less impressive: in 2017, Uber lost $100M to mobile fraud — and didn’t know it until years later. Now that IDFA (The Identifier for Advertisers) is gone, install costs are expected to rise due to the increasingly complex attribution.
We at Admon think that it is wrong to give up on in-app ads — if used properly, it can be a very effective ad channel.
Finding fraudsters
In February 2020, we launched a monitoring tool designed to identify click fraud in mobile installs by external means.
We installed a bunch of apps with the worst reviews on Google Play and App Store and found all the ads that generated fake clicks. Then we checked with the advertisers that worked with us on mobile fraud monitoring and recorded the sources of fake clicks.
Eventually, we wrote a parser that gathers the ad offers related to fraud traffic from the sources we had identified. It wasn’t an easy task, since the fraudsters go out of their way to conceal their traffic. For instance, a fraud link opened in a regular browser on a PC may yield a blank page. To access the content, it’s necessary to configure the user agent parameters and find the right combination of device, browser, and Internet connection.
Another solution that we used here was a web crawler designed to search the contextual ads for a specific brand — it impersonates different devices and successfully passes all verification checks set by fraudsters. Thus, we successfully found the right parameters for each source of fraud traffic.
Distribution between markets
We compiled a list of top fraud victims based on the analysis of 500K fraudulent clickthroughs during the summer and 100K during September.
Here are the diagrams with the markets most vulnerable to fraud:
Percentage: share of fraud in the mobile app traffic.
Interestingly, in September, we found 1,108 apps infested with fraud traffic, and 2,239 during the summer. And this data wasn’t that hard to get.
It can be seen from the diagram that specific categories start to stand out in September. Business (includes job hunting apps) becomes the third-largest category. That’s when the labor market is recovering from the vacation season.
Thanks to the latest wave of COVID, Medicine is also on the rise. Sports traffic declines for obvious reasons, while Food and Drinks goes up in the ending season of evening walks, restaurant take-outs, country trips and vacations.
Education enters the Top 10 due to the surge in educational services as the academic year starts.
We were curious — which apps get the most fraud traffic? Here are some of the leaders in their respective categories: Alibaba, Bettery, Shein.
One of our most important take-aways: there are very few major sources of fraud (we will call them “roots”). For example, Russia has only 10 distinct fraud channels, but their traffic is sold in hundreds of CPI networks and has thousands of different ID publishers, that is why fraud traffic grows at an exponential rate.
Why mobile fraud exists
Advertisers try to counter fraud through different channels and block thousands of fraud publishers or banners. But it doesn’t go away: removing the original source of the fraud traffic, the companies don’t deal with the real reason, and fraudsters continue to push their traffic through other networks and agencies.
A case study
The advertiser works with three different CPI agencies. The data shows that the first agency brings 40% of all paid installs. But the advertiser has to stop working with them due to the pandemic and the shrunken marketing budget. However, the traffic goes down only by 10%.
What’s going on here? Obviously, the agency brought only 10% of the real ad traffic, and the rest 30% were interceptions of organic installs through click flooding or injection. Which means that the advertiser paid for 1,850 organic conversions every month.
Such cases don’t mean that all paid traffic should be immediately shut down. We recommend optimizing the traffic through thorough analysis: look closer at your traffic sources and fine them in direct proportion to the amount of fraud they bring.
“How much traffic in my app is fraud traffic?”
If that’s what you’re asking yourself, we recommend applying for a test of your app in our database.
