Ad Fraud

How Cybercriminals Profit from Advertising

If you own a business and have a website, then the chances are you’ve used (or thought about using) paid advertising. Whether it was paying to display your banner on another website or diving into the world of pay per click advertising, online advertising is becoming increasingly popular.

Ad fraud is a pain in the *ss for each and every mobile marketer. The losses in the online advertising industry due to ad fraud are reaching crazy new summits. According to Adage, on every $3 spent on advertising, $1 is lost due to fraud. $16,4 billion of losses in 2017 alone. Insane!

What is ad fraud?

Ad fraud is any type of activity that forces advertisers to pay for exposure that did not take place. Fake traffic, fake clicks, fake installs — the result is the same — advertisers are forced to think that real users completed the actions while in reality they never did.

Image source —

The bad news is — there are numerous ways advertising activities can be compromised. On the bright side — there are a few main fraud types and the more you know about them, the more effective will be your anti-fraud strategy. Warned means armed!

So, which types of ad fraud are there?

You can distinguish 3 main fraud types in mobile advertising:

1. Fake Impressions

2. Fake Clicks

3. Fake Installs

Fake Impressions

The main idea behind fake impressions is that users don’t see the ads they are intended to see, but advertisers have to pay as if ad impressions took place:

Hidden Adds— ads are ‘piled’ together and users only see the ‘top’ one, while the others are hidden inside. The advertisers, on the other hand, have to pay for all the ads in the ‘pile’.

Invisible Pixels— an ad is displayed as a single pixel on the screen, invisible to users.

Auto-Impressions— the ads are continuously run within an app even when the app is not actively used. Another form of auto impressions is non-stop video ads that are continuously replayed even when users don’t use the apps.

Ad Injections — an ad is placed on a website illicitly, with no consent from the website owner. Then, placed behind an existing ad, the fraudulent one keeps sipping out publisher’s money while no users see it.

Fake Clicks

The objective of click fraud is to fabricate clicks on CPC-based adverts.

Click Bots — bots are programmatic bits designed to perform automated actions. In case of click bots — the advertisers are forced into delusion that real users clicked the ads. Instead, the ad never reaches organic users and all clicks came from bot software.

Click Farms — are a type of human fraud. The mechanism behind them is simple yet effective — low-paid workers have a single task — to physically click through the ads.

Ghost Websites — a fake website is created and made available for ad placing. Once an ad is placed, bots inside the website impersonate real ad clicks increasing advertiser’s CPC expenses.

Fake Installs

As the title suggests, in case of app install fraud the objective is to impersonate app installs by real users.

Botnets— if early bots had straight-forward behavior and were easily detectable, today’s botnets are extremely hard to locate. These super-bots are designed to impersonate user behavior as if a real user discovered and installed an app through a mobile ad.

App Install Farms — are very much similar to click farms. The only difference is that the final goal is to use multiple devices to install apps through mobile ads.

Is that all?

Of course not! Domain Spoofing, Cookie Stuffing, Context Fraud, Geo-Masking and many-many other fraud activities that mobile marketers have to courageously fight against on daily basis.

Is it possible to detect install ad fraud?

Let’s put it like that — it’s extremely challenging. One has more chance to succeed if they have one app and a single ad campaign — simply because they will have to watch out for fewer placements. But the more placements one has, the greater is the chance that ad fraud will slip in.

That doesn’t mean that you should give up and wait to be one of the ad fraud victims. There are several effective indicators that will help you discover ad fraud:

· The same install behavior pattern for a number of installs

· Multiple installs from the same IP or device

· Extremely high numbers of downloads coming from a single source

· Unnaturally short period between the click and the install

· Inconsistency in click and install geo’s

· Install IPs matching those of advertisers

· Other unusual behavior that raises suspicion. Be vigilant!

Image Source — Singular

So, what do you do to prevent ad fraud?

Start with the basics:

Ad Networks Reputation

Today mobile marketers have an insane number of ad networks to choose from. There is a great amplitude — the size, the quality, the costs — a variety that a newbie will lose their head in. Take one simple advice — avoid suspicious and unknown networks and go for good reputation. Here are a few charts to choose from:


Don’t hesitate to inquire where exactly your publisher’s traffic comes from. Invest in an investigation rather than investing in fraudsters’ bank accounts.

Third-Party Solutions

Luckily today you can find quite a number of third-party ad monitoring solutions designed to track your ad campaigns and do consistent fraud prevention. Don’t ignore such solutions. Better be fully armed in this combat. Here are a few solutions for you to choose from:

Human Factor

Successful fraud prevention is a combination of data, tools an human potential. Invest in your fraud prevention team, ensure clear verification patterns and immediate algorithm of actions in case suspicious activity is detected.


Ad fraud is a serious issue undermining mobile advertising industry. The losses due to ad fraud are skyrocketing, while the mechanisms of fraud prevention remain unclear and largely ineffective.

However, this doesn’t mean that advertisers should just give up and willingly share their revenues with fraudsters.

Mobile advertisers can and must take active measures to use only reputable traffic & ad sources, formulate fraud detection algorithms and use a combination of data, tools, and people to prevent fraudulent activities within their advertising campaigns.

Show More

Yassine El Fadili

Entrepreneurship Enthusiast. Building and Breaking Systems. Dark Web Explorer | #eMarketing #eCommerce #GrowthHacking #Privacy #CyberSecurity

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button