Mobile Ad Fraud Impacts and What To Do About It

Way back in 1999, Bell Labs published the first research paper on digital ad fraud. It concluded fraudsters are easily able to inflate click numbers on target sites. It also explored how extremely difficult it is to eliminate fraud in web advertising.

More than two decades later, fraud is still an open problem. In fact, it’s a problem that costs businesses billions every year. Statista estimates that, in 2022, ad fraud cost $81 billion in the U.S. alone. Ad fraud — and its associated costs — are only likely to grow as ad spending grows.   

Impacts of ad fraud on marketing 

As we have seen, fraud is a multi-billion dollar industry. But why else should marketers care about fraud?

  • Waste: Finding fraudulent traffic and networks results in spend that needs to be clawed back or remediated with networks.
  • Data quality: Bad traffic sources may appear to be ROI positive, so more money is spent in these locations without actually providing a tangible return.
  • Time: Fraud investigation takes a lot of time, resources, and evidence to build a case.

Impacts of ad fraud on the ecosystem

Gif showing an illustration of the ad fraud ecosystem

Ad fraud impacts four main parts of the AdTech ecosystem:

  • Brands and advertisers: No one wants to pay more and get less. This is how an advertiser feels when they have been hit by fraud. They can also lose trust in the network and the publisher.
  • Publishers: Publishers are the content creators and rely on advertisers to buy premium ad slots. When fraudsters deflate the value of their ad inventory, a publisher’s advertising-based business model can be significantly affected.
  • Networks: Networks act like matchmakers between advertisers and publishers, pairing ad budgets with ad slots. When ad budgets are mapped to fake ad slots, advertisers can lose their faith in these networks — and networks can lose their high-spending customers.
  • Customers: As ad spend increases and the app owners are hit with fraud, brands and advertisers usually raise prices to help recoup the losses. Most customers never know ad fraud occurred, but they are also affected by it.

As an industry, we tend to look at this as a brand/partner/network problem, but it is larger than that. Everyone is affected by ad fraud — and no one party wants to accept liability or responsibility for the losses. This is why collaboration is so necessary. Each stakeholder in the ecosystem needs to collaborate and take the necessary actions to weed out fraudsters.

Main ad fraud tactics

Many nuances exist among different fraud tactics.

Attribution hijacking

Organic hijacking of real users happens by spamming and/or injecting fake clicks.

  • Click injection: A fraudulent app or malware may fire off a click when it detects an install. This will happen just before the app is opened in an attempt to take credit for a legitimate install. 
    • How to identify click injection: Google Play Referrer timestamp comparison and short click-to-install times are good indicators.
  • Ad stacking: Fraudsters place many ads behind a single ad to make one click register as many clicks. 
    • How to identify ad stacking: Low click-to-install rates are typical indicators.
  • Click flooding: Bots fire off clicks from as many device IDs as possible. The hope is to steal credit for any installs originating from one of these device IDs within the attribution window. 
    • How to identify click flooding: Long click-to-install times and low click-to-install rates are common indicators.

Fake activity 

Fake user activities are generated using real devices, emulators, or SDK-spoofing scripts.

  • Fake devices and click farms: A fraudster can use hundreds to thousands of devices to repeatedly click ads, generate installs, and then engage with the app. The devices are regularly reset and the traffic is routed through VPNs to mask the activity. 
    • How to combat fake devices and click farms: Such fraud can be flagged and blocked through blocked IPs and blocked devices. Pattern detection based on brand, model, and OS version is another method.
  • Device ID reset fraud: Because device IDs can be reset at any time, malicious fraudsters could leverage device ID dumps to perform installation fraud. This is done by installing an app, interacting with it, resetting its IDFA, deleting the app, and then reinstalling it to simulate an install from a completely new device. 
    • How to combat device ID reset fraud: Key traits for this type of fraud are suspicious personas. Branch, for example, leverages its extensive network of personas to identify the traits of a genuine user. Branch can then easily identify installs originating from device ID resets.
  • SDK spoofing: This occurs when fraudsters fake or misrepresent device data sent to the mobile measurement partner (MMP). The goal is to hide their fraudulent activity, making it appear as if it’s coming from legitimate devices. This is a very sophisticated type of fraud — and it is growing significantly. Ad fraudsters are perpetually evolving attempts to duplicate legitimate device activity. They’re also faking retention by spoofing additional sessions and in-app conversion milestones in an attempt to match a normal retention curve of the app’s vertical and location.
    • How to combat SDK spoofing: Branch utilizes proprietary spoofed device detection via fraud rules and multi-anomaly threshold detection.

How to battle ad fraud

“It’s all about questioning what is too good to be true. If it’s too good to be true, it usually is. If it’s too bad to be true, it’s the same thing. If you have anomalies of conversion rates that are exceptionally high or too low, that’s where you should be questioning yourself rather than the networks. If you don’t question yourself, you’ll never catch any fraud at all.” — Nikhil Parachure, Independent Marketing Consultant from the webinar Ad Fraud: How is this still a thing and how can I stop it?

Ad fraud is continuously evolving. As marketers get more sophisticated, so do the fraudsters. Part of battling fraud is monitoring metrics so you can ask the right questions and find inconsistencies. Of course, identifying real versus fake clicks and being able to detect downstream fraudulent activity — and doing all this in real time — is not easy. But this is something Branch takes very seriously. Our business intelligence team studies bad actors closely to understand their latest techniques and to provide a continuous feedback loop to the Branch fraud suite. This ensures our clients are protected.

Learn more about how to tackle ad fraud in our webinar, Ad Fraud: How is this still a thing and how can I stop it?