Fighting Ad Fraud Part One: Types of Fraud

ad fraud

As digital advertising – especially mobile advertising – skyrockets, ad fraud has become an even more urgent issue.

To dig deeper into the numbers:

  • Further, “a study commissioned by WPP ad agencies The&Partnership and conducted by ad verification company Adloox estimates advertisers could be wasting $16.4 billion to fraudulent traffic and clicks manufactured by bots in 2017.”
  • These estimates are up from a 2015 Interactive Advertising Bureau report that notes that the digital advertising and media industry loses more than $8 billion to advertising fraud every year. Of that amount, more than $1 billion in losses can be attributed to mobile alone.

So what can publishers and brands – indeed, the entire digital ad value chain – do to address this destructive issue?

The first step is being able to identify the types of ad fraud that are common on mobile. Once you know what to look for, fighting it becomes just a little bit easier.

Types of Fraud

It’s important to understand that many different types of fraud exist.

One type is CPM (impression-based) fraud. CPM fraud can include:

  • Stacked Ads: Multiple advertisements are layered on top of each other. Users only see one ad, but every advertiser in the layered ad stack is charged for the impressions
  • Invisible Pixels: Pixel ad serving shows ads as an invisible pixel within the display screen. Users never see an ad, but advertisers still get charged for the impressions.
  • “Unstoppable” Apps: Apps are rigged by the publisher to load ads non-stop, even when the user is not using the app.
  • Video Auto-Play: Videos are played automatically or played unnoticed in the background, costing advertisers money even though no real users are watching the ad. Fraudsters may design bots that play and pause video ads within the span of a second or two, earning the revenue without raising suspicions.

Another common fraud type is CPC (click-based) fraud. CPC fraud can include:

  • Misleading Ads: Ad creatives that seem like a warning or system alert that tricks users into clicking; or are totally unrelated to their end products, tricking the user into thinking they are clicking through to a different product or service; or have a deceptive close or X button, tricking the user into clicking when they are really trying to close the ad. Some fraudulent ads even remove the close or X button altogether, forcing the user to click the ad in order to close it.
  • Auto-Redirects: A fraudster interrupts the normal ad flow, automatically redirecting a user to an ad’s landing page even though the user never performed a click action.

A third type of mobile ad fraud is CPI (install-based) fraud. CPI fraud can include:

  • Install Farms: Though rare, there have been instances of human-run install fraud being generated through an install farm, where 10-50 people with dozens of mobile devices manually install applications.
  • Attribution Fraud: Pre-clicking, which is similar to “cookie-stuffing” on desktop traffic. Here clicks are not made by a user seeing an ad, but by artificially using device or user details to make it look like a user completed the click. This activity outsmarts common attribution methods in order to attribute organic installs to publishers as paid installs.install farm

Another type of ad fraud which is becoming more common is post-install fraud. Post-install fraud can include:

  • Value of Install Fraud: After the install, bots can simulate average user behavior within an app, tricking the advertiser into believing that they acquired a high-value user. This incentivizes advertisers and networks to run more campaigns with the fraudulent publisher who originated the install, creating a fraud loop.
  • Credit Card Fraud: Fraudsters will capture real or counterfeit credit card numbers and use them to complete in-app transactions in target apps. Before the credit card fraud is caught, these fraudsters have already earned revenue from advertisers for the post-install event.
  • Registration Fraud: Install farm workers register on landing pages, using fake emails to open fake accounts.

There are also different types of fraud that don’t fall easily into any of the above categories. Other fraud types can include:

  • Bots: Just as on desktop, mobile bots simulate ad clicks or installs. Programs are designed to avoid detection by attributing clicks or installs to fake user IDs, device IDs, or IP addresses.
  • Undisclosed Traffic: Fraudsters pass off incentivized traffic as non-incentivized traffic by artificially suppressing the click or install rate to just below the fraud detection threshold of most ad tech providers.

To combat the fraud challenges, many ad networks and ad tech providers, including StartApp, have begun identifying, cataloguing, and analyzing mobile fraud to detect patterns in order to flag potential fraudsters, lay out strategies to block fraud, and develop methods to prevent fraudulent traffic before it even begins.

Read part two of our series, “How to Protect Yourself” here!

For more information on ad fraud, how to fight it, and case studies from StartApp’s own fraud prevention team,  download our whitepaper: “Winning the Fight Against Mobile Fraud”


Share Article

Back to Blog