When you want to increase app visibility, downloads, and engagement, promoting your mobile app with different pay-per-click and marketing campaigns can be a great choice. It can help you extend your reach significantly and quickly, and you’re typically going to be paying for specific results like installs or clicks.
Mobile app campaigns, however, have some major issues to be aware of, especially as mobile ad fraud has become increasingly common. This fraud can directly impact app owners and marketers, as it can result in you paying for manipulated results that aren’t really what they appear to be.
App marketing and advertising are still generally profitable, but it’s crucial to understand the signs of mobile ad fraud so that you can act right away before it chews up ad spend and derails your campaigns.
In this guide, we’re going to look at everything you need to know about identifying and resolving mobile ad fraud, including the following:
There’s a lot to cover, so let’s get started.
Mobile ad fraud refers to intentionally misleading actions that seem to drive more traffic to an app or online mobile site in exchange for payment. However, that only creates an illusion of increased activity.
You may, for example, pay to promote your app with the goal of increasing clicks or downloads. There’s an initial surge of traffic, but it isn’t real users; the activity comes from bots or fake clicks.
Some publishers use misleading practices to cash in on revenue from an app’s paid advertising dollars without actually having to deliver results reliably.
It’s worth pointing out that mobile ad fraud is different from other types of fraud, as you can see here:
So, who are the people and companies committing mobile ad fraud?
It’s essential to understand who is behind the ad schemes in order to better identify them.
In many cases, mobile ad fraudsters are actually going to be an advertising partner. This could be an affiliate or a third-party advertising platform or publisher that will have ads appear on different online properties in order to drive traffic to your site. They’ll put you in touch with new users and get paid when those users convert— or appear to.
This could be:
They may use a variety of different tools in order to achieve their fraud and profit goals, including the following:
Running into mobile ad fraud may just seem like bad luck, but it’s actually responsible for wasting billions of dollars every year all over the world.
When publishers are using device farms or malicious bots to drain advertising resources, you’re losing ad spend on empty clicks and downloads. These clicks will never engage beyond the initial surge and that will never drive revenue.
And just as significantly, it’s important to keep in mind that you may make decisions based on inflated numbers from this fraud, which can have even longer-lasting impact. Some advertisers, for example, will think the audience they’re targeting isn’t high value because there’s no ongoing engagement, and they may shift away from an actually high-value audience as a result.
Before we dive deeper into talking about mobile ad fraud, it’s important to understand how the attribution flow for mobile apps works.
Attribution tracks installs to a specific ad partner by matching clicks and installs in order for that ad partner to get paid.
It involves the following steps when you’re using an analytics tool for app data:
This is how the attribution flow in an app install should look:
When it comes to mobile ad fraud, there are five common types of mobile ad schemes that app developers and marketers need to keep in mind.
Let’s take a look at each one and how it happens.
Click flooding and click spamming fraud happen when fraudsters spam an app with a large number of clicks all at once. When an unrelated and real user clicks and then downloads your app, that install is sometimes inaccurately attributed to the fraudster’s account.
When click spammers take credit for bringing in valuable users, not only are you wasting potential ad spend while they get rewarded, but it also means that you may be likely to invest more with them in the future.
You can sometimes spot click flooding and spamming when an increasing number of installs coming from a specific partner doesn't lead to increased engagement or higher audience numbers overall, or when the conversion rate is low.
Click injection— also known as install hijacking— is a more techy and advanced version of click flooding.
In this type of mobile ad fraud, they’ll use malware on a user’s device. When they see that the user is downloading a new app on that device, they’ll imitate an ad click so that they can then take credit for an organic install. They get paid.
So, the difference between click spamming and click injection:
Click injection can send marketers in circles, investing more in tampered-with ad campaigns that ultimately bring in no extra installs.
Bots and click farms have been created to imitate specific user activities like clicks, installs, and even user engagement. They may log into your mobile app twice a day, for example, but you’ll notice that they never bring in actual revenue beyond perhaps small purchases.
Some bots today can perform specific actions that are targeted by CPA campaigns like cashing in rewards for installs or reaching early levels of a game.
This type of mobile fraud is particularly daunting for app developers and marketers, partially because it’s a little harder to track. When you see in-app activity, it’s easy to think that these are real users, and some may even seem engaged enough to reach certain attribution thresholds that you’re focused on.
The reality, of course, is that this data is misleading and that you’re still spending money on the illusion of more users; you’ll never get real revenue out of any of them.
Mobile app advertisers can choose to put restrictions on what types of content traffic can come from. They may, for example, not want to have advertisements run on branded traffic.
Ad publishers, however, can create promotions that breach that advertising order in hopes that the app developer and marketers won’t find out.
Traffic can actually come from illegal or semi-legal channels; other ad publishers may use misleading advertising or adult advertising to try to drive initial clicks. This is a direct threat to your brand and its overall perception, and it also is a wasteful way to spend your ad budget.
SDK spoofing is a type of mobile ad fraud that embeds bots into the server or app code that will simulate clicks, installs, or, potentially, engagement signals. It seems like it’s generating traffic or activity, but (of course!) it’s not.
Sometimes, this will actually involve the emulation of SDK functions directly from the server side of the app.
SDK spoofing is particularly risky because once the fraudsters manage to embed it in the app code, tens of thousands of fake installs can be emulated in the blink of an eye. Your entire ad budget will be drained fast, and all on users that don’t actually exist.
Mobile ad fraud, unfortunately, can be particularly difficult to spot. This has become increasingly true as fraudsters have gotten smarter, utilizing different fraud schemes and more advanced technology to accomplish their nefarious goals.
Part of the reason fraud is so difficult to spot is that it’s often carried out on a level-by-level basis.
The partner or platform is considered, and everything seems okay, so you work with them. That passes the test.
Then a separate advertising campaign is created which may also get the “all clear” designation. The problem may come into play with a specific placement showing up somewhere online that drives traffic; this may be one out of hundreds of online campaigns or placements. The traffic generated is used to then hide fraudulent installations.
This means that if you look at the advertising campaign as a whole, it’s downright difficult to see anything wrong, let alone to figure out where the issue may be. It may be easy to think the problem is coming from a campaign that seems to be less effective from a straightforward reporting standpoint.
There’s also the chance that the overall campaigns look to be performing well and meeting all your KPIs. This makes it difficult to isolate the one that may be holding your results back, because it may be difficult to notice that there’s even anything wrong. Overall, the campaigns are strong… so your marketing team does nothing while the fraudsters keep diverting ad spend away from where it needs to go.
Every mobile site and app developer needs to know how to spot and identify mobile ad fraud so that they can stop it quickly when it happens.
If you’ve got a decent user base that’s already up and running, there’s a good chance that you’ve got some established user behavior patterns.
You may have the following, for example:
If you see major changes in user behavior— particularly when it comes to decreased engagement or activity after initial downloads or interest—that’s something you want to look into.
Are 70% of users still clicking around a few days after install, but there’s a sharp decrease in logins or paying customers? That’s a red flag.
Let’s look at the example above. Line 3 shows rising clicks and installs, but a sudden drop in registrations and paying audience members. While it could theoretically be due to a technical issue that’s sabotaging the user experience, big shifts in user behavior could also be one of the biggest indicators of fraud, especially when combined with other high-risk indicators we’re going to look at.
Whenever user behavior changes (and not for the better), it’s important to determine why.
Some types of apps will retain users for long periods of time. This is common for apps that have ongoing value, like those that help you track exercise or discover new recipes.
Others have natural turnover.
If you have a game that has a beginning, middle, and end, it’s normal that users will move through the game at varying speeds, complete a story, and then disengage. Ideally, a new audience will replace the old one.
If, however, the audience isn’t “getting younger” and old users hang around, and advertising doesn’t work to increase user engagement, that could be a sign of potential fraud. This is particularly true if there’s low-level engagement still happening but nothing more–this can be a sign of bots or emulators.
You can see a great example of slow engagement in the image above. There’s a massive drop-off from the initial install to the next conversion stage (reaching level 5), and much smaller drop-offs from that point on.
Are you getting a massive influx of users but very low conversion rates–especially at or under .1%?
If your number of clicks and installs is either staying consistent or going up but you’re seeing a drop-off in the number of orders, in-app purchases or paid subscriptions, that should be of huge concern. This is true if your growth rates seem fairly consistent, but it might be a sign of SDK spoofing if you’re seeing a massive influx of new downloads or clicks at an unprecedented rate but no real revenue coming in.
In this example, you can see that installs and trial subscriptions are at a consistently high level. Paid subscriptions (TPC), however, are declining compared to installs and trials.
This is a big one: if your traffic, clicks, and downloads are staying consistent but your other metrics are either steady or dropping, you at the very least have some engagement issue that needs to be resolved.
Different metrics that may fall include:
It’s important to keep in mind that there are always new leads coming in, and not all users convert. This is normal, especially with apps that are free or low cost; you should, however, still be converting some of these users. If leads are piling in but nothing else is changing, you’re going to want to look into the potential of mobile ad fraud.
Let’s look at an example here. The WAU is a flow metric that indicates a change in behavior. If there’s a significant decline, like you can see in the third line above, it’s a sign that something major happened during week two. The second week would be where you want to focus your attention.
We mentioned above that using app tracking analytics software is one of the best ways to reliably spot and address fraud.
Some users want to know if they can detect fraud manually.
The answer is yes— though it comes with a significant “but.”
You can detect fraud manually, but collecting the data you need to detect said fraud is not easy. This is particularly true since the data needs to be high quality and reliable.
Take click fraud, for example. You need some sort of attribution platform that will collect information on clicks, installs, and other core metrics. You need to be able to get the data from the attribution platform, export it, and store it in a primary location where you can analyze it.
Even if you manage to collect all the data, you then need to assess it manually. Analyzing and finding patterns, tracking segments of user behavior, and understanding accurate attribution can be much more difficult without software doing the heavy lifting for you.
You have to religiously track user behavior and hope to spot any changes in user activity. It’s much more difficult to spot changes in behavior patterns, especially since fraud typically only impacts a small portion of existing campaigns in order to make it difficult for advertisers to discover them.
So, the recap: Yes, theoretically, you can spot mobile ad fraud manually, but it’s much more difficult to identify and it’s shockingly easy to miss, especially as fraudsters get smarter.
In the section above, we spoke about how to spot fraud manually and which indicators could potentially be a sign of fraud.
There are, however, much easier ways to spot fraud. Using an anti-fraud solution will save you a huge amount of time, as it will use its own algorithms to detect and flag fraud. This software should conduct three types of checks: pre-install, hardware, and post-install assessments.
Because mobile ad fraud is often so sophisticated today, it’s important to use app tracking and analytics software. This is your best chance to get actionable insights on app performance and downloads that can help you not only optimize your app but spot potential fraud issues.
Let’s look at which fraud indicators can be found within each check.
Pre-install checks is the first type of assessment that an anti-fraud solution will run when scanning for any indications of fraud. They’ll pay attention to the following indicators:
To perform the hardware fraud check, anti-fraud solutions will look at the following device parameters:
If you typically have iOS users predominantly from the UK, for example, but there’s a surge of Android users from different parts of a country in Asia (and you aren’t trying to reach that specific audience), that’s something you need to look into right away. Similarly, if a large number of new downloads are shooting back invalid identifier info, that can be a red flag.
The last part of any mobile ad fraud assessment will take a look at post-install, in-app metrics. At this stage, the system dives into user behavior, looking for CPA fraud, suspiciously high session frequency, no activity, and more.
These are the metrics that our software will look for:
Analyzing user data is going to be the most beneficial way to spot potential bots or emulators, because detailed user behavior analysis is your best shot to see where real users and fake users differ.
Mobile ad fraud, as we’ve mentioned above, has become more sophisticated. Like all aspects of the digital and mobile world, ad fraud has evolved along with technology. Part of that evolution is a drastic increase in its occurrence.
Digital ad fraud alone has skyrocketed, costing businesses “only” 35 billion in USD in 2018. It’s projected to cost over 100 billion USD in 2023 alone.
In order to better spot mobile ad fraud, we conducted a study to assess mobile ad fraud trends. We used our Fraud Scanner tool, which we created in-house to better spot indicators of fraud so that it can be addressed faster.
Let’s look at what we found.
Post-install fraud is currently the most common type of mobile ad fraud. This type of fraud happens when bot farms are used to seemingly increase ad engagement that will fulfill a campaign’s attribution requirements.
The bots might create a login using fake social media accounts, for example, or reach an early level of a mobile app game.
Post-install fraud currently makes up 41.8% of mobile fraud.
This is followed by hardware fraud (where bots emulate an install process) at 32.5% and click fraud (click spamming or click injection) at 25.8%.
Post-install fraud and click fraud has been rising since the release of iOS 14.5.
Click fraud is increasing on quick installs metrics because the new update reduced the amount of data being shared from ad interactions. It’s easier for click farms to claim attribution when the data is muddled to begin with.
Since apps function in different ways and may prioritize different milestones or actions for attribution, it only makes sense that unique app categories are prone to different types of fraud.
Android struggles more with hardware fraud (which makes up 37% of their fraud issues) than iOS (24%), but both are challenged most by post-install fraud (55% for iOS and 43% for Android).
Click fraud only makes up 20% of Android and 21% of iOS’s fraud issues.
It’s clear to us that fraud is becoming more difficult for fraudsters to implement, but when they do it successfully it also may be more difficult to spot.
Fraudsters are learning to mimic real users; they’re blending in, making it harder to spot them and root them out. This is particularly true with the increase of hardware and post-install fraud that may use bot farms or other tech to hide in plain sight, especially thanks to more complex bot interactions.
Because fraud isn’t going anywhere, we do know that app developers need to have the right tools to catch them faster.
Fraud protection focuses on identifying fraud quickly so that you can figure out the root cause and avoid draining your ad budget.
By 'fraud protection,' anti-fraud systems generally mean the ability to:
In some cases, anti-fraud solutions may also have the ability to block known-to-be-fraudulent traffic as an extra layer of protection for the mobile developer.
For better protection from behavioral (post-install) fraud you should opt for an app analytics tool with fraud-finding features that allow you to set up unique custom events.
It’s more difficult for bots to complete a number of unique events (like reaching a certain level in a game or using a specific feature) when you have a variety of tasks you’re looking for. These custom events become like conditional fraud traps, making it a little easier to spot true standard app usage over low-level engagement that comes from bots.
More unique custom events make it harder for fraudsters to keep up, but it also makes it much easier to spot patterns.
If you’re looking at installs, launches, and sessions alone, there’s almost no chance of catching behavioral fraud or spotting anomalous behavior patterns.
If you also start tracking when users take specific actions in the app that seem to follow a specific goal, it becomes much easier to see when you may be dealing with a bot farm.
When choosing an anti-fraud solution for your business, we strongly recommend looking for the following system capabilities:
Fraud identification and resolution is excellent—and every app marketer must have a system in place, as fraud is becoming ever more prevalent.
That being said, the best treatment is prevention, and there’s nothing like being proactive.
To prevent mobile fraud, take the following steps:
Mobile ad fraud is a serious threat to all app developers, mobile site developers, and marketers. It’s draining millions of dollars in ad spend a year, and many apps can’t afford to take the kind of loss fraud can cause.
Having the right tools in place to spot fraud and stop it early is key. MyTracker’s anti-fraud tool was created specifically for this purpose, developed to spot smarter and more advanced mobile ad fraud schemes early.