It’s a natural progression: Marketers go where the consumers are. And of course, the fraudsters follow next. As smartphone usage continually increases, it was only a matter of time before mobile ad fraud blew up as well.
A recent report from mobile measurement company Adjust found that mobile ad fraud doubled year-over-year during the first quarter of 2018. It continually contributes to a larger portion of the overall global digital ad fraud, which was more than $16 billion last year.
“As dollars flow into mobile, specifically the mobile app ecosystem, fraudster attacks become more common,” says Casie Jordan, Director of Professional Services at Twitter’s mobile monetization platform MoPub, during a panel discussion at the recent Impact Growth 2018 event. “We refer to it as a perpetual arms race loop that may never stop, as long as ads are transacted digitally.”
Adds Scott Alexander, COO of video ad platform LKQD, “The goal here is not to eliminate mobile ad fraud, but to make it more difficult to the point where it’s unprofitable.”
Consumers spend the overwhelming majority of their mobile time in-app. That makes apps attractive for fraudsters, especially given the heavier lifting required by the advertisers. Websites can be updated in real time; mobile apps take longer and the user has to download the latest version.
AppsFlyer spent six months analyzing 10 billion installs on 6,000 different apps. The mobile marketing platform found that 11.5% of app installs were fraudulent. That contributed to nearly $800 million worth of fraud in the first quarter of 2018, representing 30% more financial losses than the previous year.
Looking deeper, AppsFlyer found that 22% apps have more than 10% fraud, while 12% of apps have more than 30%. Size doesn’t particularly matter to criminals; larger advertisers have more money, but their smaller counterparts tend to have less sophisticated lines of defense.
Types of mobile ad fraud
Creativity is a hallmark of any good marketer. Unfortunately, the same is true for the cybercriminals making money at their expense. Here’s an overview of eight common types of mobile ad fraud:
- Bot traffic. Automated ad traffic allows fraudsters to collect money for phony impressions.
- Click flooding. Large numbers of fraudulent click reports are submitted, taking credit for attribution.
- Cookie stuffing. Fake clicks from real users result in ads targeted so well that people may convert naturally.
- Toolbar injection. Foreign software deployed on someone’s browser clicks on ads.
- Click injection. When fraudsters remotely hijack a user’s device and click an ad immediately after an app is downloaded, they essentially steal credit for app installs.
- Software Development Kit (SDK) spoofing. Hackers break into the communication line between the developer-side analytics tools and back-end servers. This makes it look like app downloads took place.
- Device ID spoofing. When a device appears to be a different one, cybercriminals act on behalf of consumers. This also inflates the unique user pool.
- Device ID resetting. Criminals download apps and click on real ads before resetting the device and doing it again (and again and again).
Mobile ad fraud solutions
As LKQD’s Alexander points out, fraud numbers are so high that eradicating the problem is an unrealistic expectation. A few things marketers can do to at least alleviate mobile ad fraud is pay attention to anomalies, say, between app store numbers and the reporting platform; and keep their SDKs up to date.
However, Amit Joshi, Director of Product and Data Science at fraud detection platform Forensiq, notes that SDK-based integration often comes with technical issues and requires more adoption time. He thinks artificial intelligence (AI) should be part of every marketer’s fight against fraud, especially since the cybercriminals leverage the technology themselves.
“I might be able to garner 10 fake websites a day and they might look somewhat real. Using AI, I could train a model to develop thousands of fake websites a day and have them almost perfectly mimic real websites, while being different enough so they’re not exactly comparable,” he says. “On the other side, AI can also spot anomalies and help you respond efficiently.”
Another defensive tactic marketers can deploy is, of course, being selective with partners. Make sure yours are committed to cleaning up the ecosystem and have more transparent, detailed insights than simply saying, “There’s fraud.” Mobile ad fraud isn’t going to stop, but these strategies can decrease how much it impacts your company.
Or as Alexander says, “You don’t have to be faster than the bear. You just have to be faster than the other people running from the bear.”