Fraud Traffic: The dark side of mobile digital advertising

Discover how fraudsters make you waste your budget on fake app installs

Fake app installs are part of developers and advertisers’ daily life. 
I am not just talking about incentive installs or fraud downloads made by bots or clickfarms, but of new ingenious methods that are introduced by fraudsters every day.

The reason is simple: mobile advertising is a cave of gold. Considering the only USA, mobile app installs advertising expenditure reached $5.7 billion last year and it is constantly growing. There is a huge market available for fraudsters and they won’t miss the opportunity to earn money easily.

Over 15% Paid Installs are Fake

Graphics and data by DataVisor

Last reports from DataVisor tell us that every 100 installs, at least 15 are fraud. While this number lowers if we refer only to premium publishers and ad networks (where fraud rate is around 5%), we are still talking about $300 millions that US developers and advertisers are wasting every year.

If this 5–15% fraud rate does not scare you (while it should), it’s because you don’t know that fraud rate can fluctuate consistently, depending on many factors. Within the same trusted network, you can have campaigns with fraud rates below 10% and other ones above 90%. Fraudsters are quickly adopting new methods to fake installs and this makes more difficult to find reliable ad networks to work with.

Graphics and data by DataVisor

Fraud rates can even change from country to country. You can find the highest ones in North America and Europe, driven by the higher payouts, but you will face the same problems moving to east countries like India.

Android devices are used for fraud 5x more than iOS ones and their average fraud rate is 5.8% compared to 3% on iOS (thanks to the fact they are easy to hack). Newest models of Android and iOS devices have relatively low rates of fraud because they are not cost-effective for use in install farms.

Top 3 Types of Fraud

Frauding is an evil art that relies on many different tools and methods. You will probably know the most common ones, but I bet you will be surprised by the newest.

1. Bots, Emulators & Clickfarms

This is a very common type of mobile app install fraud. Even if it seems easy to detect (e.g. VPN traffic, proxies, duplicate IPs, old OS versions, low post-install events, low retention), it can still have some pitfalls. Fraudsters constantly work to make fake installs more and more similar to genuine one, changing Google IDs, increasing retention and post-install events or even introducing fake IAPs.

2. Click Spam

Known also as ‘organics poaching’, this method is one of the most interesting. Click Spam starts when a user lands on a mobile web page or in an app in which a fraudster is operating. From here, many things can happen.

Graphics and data by Adjust

The mobile app (or web page) could be executing clicks in the background without visible ads while the user is in or even at any time, if we are talking about an app able to run in the background 24/7. Moreover, fraudsters can send impressions-as-clicks to make it look as if a view has converted into an engagement.

The result? A user may install your app organically, but a fraudster will claim they’ve seen an advert and you will pay him for conversions that had nothing to do with the install. Since the fraudster is stealing organic installs (that are generally top quality), you will see him as a good source of traffic and… you will increase your spending on that source, wasting more and more money!

3. Click Injection

Similar to Click Spamming, Click injections differs from it because it is more sophisticated.

Graphics and data by Adjust

Android apps can access a feature called “broadcast intents” that let them know when other apps are installed on a device. What happens if a fraudster owns an app with such feature and many users (let’s say a common “flashlight” app)? He will make lots of fake installs.

If a user of that app installs a new app that has been advertised with display advertising, there’s a chance that the fraudulent app has participated in the campaign — and so has access to the tracking codes.

The fraudster will receive the credit for that install as a consequence of this action because the fake click will happen right after the download but before the app opening.

How to avoid fraud traffic?

As you can see, fraud is a serious matter. To fight it and stop wasting your money, you will have to be smart:

  1. Work only with trusted networks that has an integrated anti-fraud system and that can give you direct support on your app install campaigns
  2. Make a list of relevant soft KPI that your app install providers will have to meet basing them on your organic users’ behaviour
  3. Analyze the results, monitoring in particular conversion rate, retention rate, purchases and ROI
  4. Switch off bad sources of traffic as soon as you have a proof of fraud or incent installs from your tracking system or after your analysis.

If you don’t do this yet, I invite you to start as soon as possible.


This article was meant to give you an idea of what is going on in mobile digital marketing world right now. Of course, there is much more to say.
But don’t worry: I will help you soon with an in-depth article about fraud detection and analysis to optimize your app install campaigns and avoid fraud traffic.

Anyway, if you want direct support on this matter just contact me on Twitter, drop me a line via email or write us at myAppFree to discover the best traffic sources.

Did you find this story useful? Follow me on Medium for more interesting posts about mobile digital marketing and app install.

This story is published in The Startup, Medium’s leading publication for entrepreneurs and startups.

You can subscribe to get the top stories here.