This document discusses 8 types of mobile fraud that cost the digital advertising industry billions each year. It describes popular tools used to commit fraud like click farms, bots, redirects, and incentivized campaigns. It then explains 8 common types of fraud: ghost sites, ad stacking, 1x1 pixels, domain spoofing, click spamming/flooding, click hijacking, click injection, and SDK spoofing. Even large companies like Uber have fallen victim to fraud schemes. The emergence of new ad formats and channels provide new opportunities for fraud, making tools from companies like The Media Trust and GeoEdge important for detecting and preventing fraudulent activity.

1. 8 TYPES OF MOBILE FRAUD
T H E D I R T Y F W O R D
By Omri Dayan

2. “
Wrongful or criminal deception intended to result
in financial or personal gain!
In our world, fraud is typically done by creating fake ad traffic, launching ads outside
of a user’s view, or creating several ingenious tools and mechanisms in order to
deceive advertisers as well as monetise on it.

3. LOSSES IN THE INDUST RY
Estimated cost of digital ad
fraud worldwide in 2018 and 2022
Juniper Research: Ad Fraud to Cost Advertisers $19 billion in 2018, 9% of Total Digital Advertising Spend
2018 $19B
2022 $44B

4. POPULAR TOOLS TO COMMI T F R AUD - B OTS
• Click farms are physical locations full of real mobile devices used
to perpetrate mobile click fraud.
• Drain display-based marketing campaigns (impressions).
• Also known as Bots, these are small programs usually hosted in
unsuspecting users computers that can perform various activities
on the web.

5. POPUL AR TOOLS TO COMMI T F R AUD - R EDIREC TS
• Click redirection is a type of click fraud common to the mobile web and app.
• Publishers run a script on an ad that automatically redirects to a third party landing
page or an app store.

6. POPULAR TOOLS TO COMMI T F R AUD - INC ENTIVE
•A malicious activity, more than actual fraud.
•Happens in-app.
•Incentivized campaigns work while showing ads to gain
an app-related reward and not because they’re
interested in the content.
•Media Spend can be exhausted and not yield quality
users.

7. 8 C OMMON T Y P E S
OF F R A UD

8. FRAUD 1: GHOST SI TES
• These are websites with real content, usually stolen
from other legitimate websites.
• The sites’ only purpose is to defraud advertisers.
• The site owners will create these sites and make them
available through networks and exchanges.
• Afterwards, bots are directed to the site, which in turn
generates impressions and are then purchased by
advertisers.

9. FRAUD 2: AD STA CKING
•Multiple ads are stacked on top of one
another, with only the top ad visible to the
viewer.
•While only one ad is visible, the impression
counts for each served ad, even the hidden
ads underneath the stack.
•This is another publisher/network specific
trick to defraud advertisers.

10. FRAUD 3: IFRAME - 1x1 PI X ELS
•Takes place when a 1x1 pixel –invisible to the human eye– is
placed on a site, usually done with an ad.
•These pixels can end up loading an entirely different site.
•The site that loads out of view of the user on a 1x1 pixel contains
advertising – none of which is ever seen by a user.
•This method of fraud can be used to simulate false ad
impressions or hides cookies in order to falsely attribute a
potential purchase or conversion.

11. FRAUD 4: DOMAIN SP OOFING
ADS = Authorized Digital Sellers
Publishers pretending to be someone they’re not in order to sell
their inventory
Domain spoofing, works in both by using malware installed on a
user’s computer or by changing the URL in an ad tag.
These methods trick ad exchanges and other programmatic platforms
into thinking that the user is visiting a legitimate site.
But actually the ad will actually appear on a different, usually
illegitimate site or displayed on a page in a hidden tab.

12. FRAUD 5: CLICK SPAMMING / FL OODING
Networks send a vast amount of fraudulent click reports in order to deliver the
last CLICK prior to an install.

13. FRAUD 6: CLICK HIG HJ AC KING
•Works by sending fraudulent click reports moments AFTER a real click
happens.
•This malware is usually hidden in legitimate and working apps.
•When a legitimate click is detected, the malware sends a false click (call)
from a competing network in order to HIGHJACK the click and attribution
of a potential install.

14. FRAUD 7: CLICK INJEC TION
•Click injection is a type of install hijacking.
•Malware installed on a device identifies when an install begins and sends a false click or
call during the install process.
•Like click hijacking, this malware is often hidden in apps that appear to be completely
legitimate.

15. FRAUD 8: SDK SP OOF ING
•Bot-based fraud.
•Malware hidden on another or the same app, In SDK
Spoofing, fraudsters add a specific code onto an app that
then sends a simulated or fictitious click, install and
engagement (events) to an MMP.
•When successful, these bots trick the advertiser into paying
for installs, events or purchases that never happened.

16. EVEN THE BIG ONE S FA LL FOR I T
Uber said the agency was “running a wild
west of online advertising fraud,” and
claimed credit for app downloads that
happened without customers clicking on
ads.
(CNBC ARTICLE)

17. A D SECURITY AND VER IF IC ATION T OOL S
The emergence of new ad formats and channels, like video or mobile, are today’s new
breeding grounds for fraud.
Companies like The Media Trust and GeoEdge were created to prevent malicious activity
coming from fraudulent networks.
These companies created tools to scan ad campaigns several times per minute in order
to help advertisers and publishers detect and avoid fraud.

18. G E T I N T O U C H
omri@appagent.co ● appagent.co ● blog.appagent.co