It is legitimate to ask the question: isn’t fraud prevention ultimately just a game of cat and mouse?
In reality, the answer is yes. It has even become evident in the daily work of fraud prevention. If this is the first time you enable any of Adjust’s fraud prevention suite filters, it is likely that you will immediately capture a certain volume of suspicious assignments.
Over the next few minutes and hours, the volume of suspicious assignments drops rapidly. The explanation is quite simple, the fraudster noticed that he no longer gets credit for these app installs, automatically increasing his CPI (Cost per install). Once that happens, the financial interest in the fraudster wanes, so they naturally decide to redirect their attention to other campaigns and apps.
This example shows how crucial it is to stay abreast of the latest mobile fraud techniques.
Throughout this article, we want to examine two common types of mobile click fraud – “click spamming” as well as click injection
.
CLICK SPAMMING’: HOW FRAUDORS GET ORGANIC USERS
There is a particular technique that allows the fraudster to gain organic users. This type of fraud, called “click spamming”, occurs when a fraudster attributes clicks to users who did not create them. It starts when a user lands on a mobile web page or an app operated by a scammer. From there, any type of click fraud can take place:
The mobile web page can perform mobile click scams in the background without any visible or interacting ads. Spammers may start clicking in the background while the user is engaging their application, giving the impression that they have interacted with an advertisement. The scammer app can generate clicks at any time if it is using an app that is running in the background 24/7 (e.g. launchers, garbage collectors, battery savers, etc. ). The scammer can send impressions on clicks to give the impression that a view has been converted to an engagement. The spammer can send clicks of invented device identifiers to tracking providers. What unites these approaches to mobile click fraud is that a user does not realize that they have been registered to interact with an ad. This is because, in reality, they have never seen anything. As a result, the user can install an app organically, but a fraudster claims to have seen an ad, which means that conversions will be attributed to a source unrelated to the installation.
THE IMPACT OF ‘CLICK SPAMMING
“Click spamming” is insidious because it essentially captures organic traffic, tags it unwittingly, and then claims credit for the user. This has serious consequences for an advertiser, the most obvious of which is paying for an organic installation.
Not only is this expensive for advertisers, but this type of mobile click fraud also has other effects:
Bad calculation of organic installations:
First of all, and related to the previous point, the fact that the advertiser does not know that they have paid for an organic install skews a number of related statistics.
So it risks underestimating the number of organic users generated by the app, which affects both internal cohort analysis and potentially the impact of marketing activities that can generate organic installs, such as the ASO (app store optimization), branding, and press relations, potentially cannibalized through spam.
Poorly informed user acquisition strategies:
Poaching of organic facilities also threatens the certainty of strategic acquisition decisions. If an ad network claims organic users and those users perform well within an app, the advertiser will obviously decide to invest in that channel to acquire more users of the same type. This creates a vicious cycle in which the advertiser continues to pay ad networks for organically acquired users until they realize the mistake.
“Click spamming” can affect the decisions of the entire company. While these organic users are undoubted of good quality, their presence in the paid acquisition cohorts will make a marketer pay for advertising in other channels that target these groups. This is despite the fact that these groups might just download the app in question without the need for an ad, meaning the advertiser wastes time and money looking for users who could be targeted from another. way.
More reliable channels suffer from this situation:
Investments by advertisers will be made at the expense of other channels. Campaigns without fraudulent conversions will appear to perform less well than stolen organic users. Missing ROI on relatively un-fraudulent channels comes at a cost to the advertiser: while they could have invested in chasing cohorts of promising users, their budget is cornered by fraudulent channels.
“Click spamming” might seem like a minor problem, but if it’s not caught early, it can seriously damage your app’s attribution efforts.
HOW CAN ‘CLICK SPAMMING’ BE DETECTED?
It is impossible for advertisers to tackle “click spamming” directly because it is up to publishers to stop engaging in this practice.
However, advertisers can detect “click spamming” by looking for a specific pattern. During our investigation of the issue, we discovered that there was a clear difference between the distribution of genuine clicks over time and that of spammers.
For a genuine traffic source, clicks are attributed to a normal distribution. The precise shape and size of the distribution will vary from traffic source to traffic source, but the model of a trusted source is essentially a massive number of installs in the first hour before a rapid drop in performance.
The sources of “click spamming” behave differently. Installs from a fraudulent source are distributed flat because the spammer can trigger the click but not the install. Therefore, installs (and times between clicks and installs) will follow a random distribution pattern.
This means that it is possible to eliminate spammers after the event. By refusing to allocate installs to traffic that generates traffic with a flat distribution, advertisers can fight spammers. That being said, we are finding that fraudsters are venturing into other techniques as fraud prevention becomes more common.
CLICK INJECTION: HOW FRAUDORS USE INSTALLATION BROADCASTS TO THEIR BENEFIT
Click an injection is a sophisticated form of “click spamming”. By publishing a low-effort Android app, which uses so-called “install broadcasts,” scammers can detect downloading other apps on a device and trigger clicks just before the end of the process. installation. The fraudster will, in this case, receive credit for the installations (usually organic) accordingly.
To put it simply, fraudsters using click injection tools use an unwanted app to hijack the user’s device at the right time – and with the right information – to create a seemingly legitimate “click ad” and thus obtain the cost per installation payments.
Fake ad interactions don’t just hijack ad budgets that could have reached more prospects. Worse, such conversions cause marketers to mistakenly believe that some paid campaigns are more successful with users than they actually are.
Marketing data becomes polluted: The conclusions drawn by the numbers that marketers exploit are based on data containing systematic inaccuracies. This can mean that advertisers continue to invest in relatively ineffective ads, using funds from potentially better placed and better-designed campaigns.
If you run a lot of cost-per-install campaigns across several different ad networks, especially in high CPI markets such as the United States, you have a higher risk of exposure.
HOW CAN ADJUST HELP YOU?
In February 2019, we announced a new standard in the fight against mobile ad fraud called “Proof of Impression Click Validation”. This standard for click validation encourages ad networks to send impression data with a unique identifier corresponding to user clicks. Since the start of the year, it has been a key requirement for members of the Coalition Against Ad Fraud (CAAF) network, an industry alliance founded by Adjust to fight mobile ad fraud.
Others in the industry are urged to do the same, creating more transparency and unifying their efforts to prevent fraud within the ecosystem.
By sending a print request before the click, it will finally be possible to verify whether a matching commitment has been made by the same device: enough to provide a more precise attribution and a reduction in the waste of the budget going to advertising fraud.(Try Clickcease 14 Days Trial)