After 8 years in mobile app acquisition, Natalie Allers came across a issue that would change her work and view of ads on device apps. When working on ad acquisitions for several well known apps, she found that most of the “clicks” or traffic was coming from an “iphone simulator” out of Malaysia. She came across a case of mobile ad fraud. And she only discovered this by going through her ad results manually.

The last 2 years of Natalie Allers life have now been taken up by mobile ad fraud. So it was only fitting that she spoke to this topic at Engage PDX.

What is mobile ad fraud?

At it’s heart mobile ad fraud is when clicks on an ad in a mobile app, is not from a real person with real intent to engage with that ad and the brand it’s displaying.

While mobile ad fraud can rear its ugly head in many different ways. Allers defines it as four different categories:

  • Impress fraud
  • Click fraud
  • Install fraud
  • Post-install fraud

Aller believes two of these ad fraud categories should be focused on more than others, click fraud and install fraud.

What is click fraud?

Click fraud is when an ad is being flooded with fake clicks from a real user. This can work in several different ways, including:

  • “Click stuffing” where you have one click and it clicks multiple hidden ads.
  • “Click injections” which happens on Android only and is considered a malware click.
  • “Click spam” which involves malware apps running in the background.

What is install fraud?

This type of mobile ad fraud is when an ad is getting fake clicks from a fake user. This works in several different ways, including:

A “click farm” or “device farm” where devices are hooked up and configured to automatically click.

“Fake installs” happens when a program runs to create fake app installs from devices.

“Incent fraud” happens when an offer or incentive wall appears, when unrequested.

How to avoid falling victim to mobile ad fraud

Avoid independent publishers, ad networks and affiliate networks. In Aller’s experience, they are not really checking who uses them so you should be wary.

How to identify your ad fraud risk

Start by asking yourself:

  • Who is getting paid?
  • What action are they being paid? (Doing this can tell you the type of fraud)
  • What is the end media source and what are its properties?

Who can help?

There are several well known 3rd party fraud detection tools you can use. While Aller listed several in her presentation, she didn’t want to name them. She stressed that your marketing team should be focused on the data themselves. And she listed how you and your team can do this in six steps.

What you and your team should look for for trying to identify mobile ad fraud:

Look at the Bundle ID. Take the top 50 and bottom 50 and manually test them. Make sure the Bundle ID, which will look like a URL, is a real app and is available in your country.

Look for APK Stores. These are stores for apps in developing countries and can be found when you look at the Bundle IDs.

Be aware of your ad agencies not sending you the App ID the first time. If you see a blank ID line in the data they send you ask for it to be addressed. When the excel sheet comes back it’ll most likely be one of the most popular apps out there. This is a red flag. A way to check if you’re actually on this app is to download the app yourself and see if you pop up.

Be on the lookout for click stuffing and click spamming by device. If most of your clicks are coming from the same devices you should consider blocking that device.

Check your New Device Rate. Take a look at the new devices coming in. If they are high, this is a red flag and could be your being taken by an install farm.

Be wary of Install Fraud and post-install engagement. Just like the famous situation in Silicon Valley, you might see many new users flooding in- but this doesn’t make them real. If your new users are not engaged and not purchasing, this is a red flag. Watch these users over time to get a better idea if you need to take action.

Components of Fraud Detection Program:

Before you begin the partnership with your ad agency, do these 3 things:

  • Make sure you know how and when you can get access to your data.
  • Develop guidelines to help you with transparency and quality when selecting media channels.
  • Write down traffic expectations, refund terms, and fraud thresholds with your IO.

And remember- if it looks like fraud, it’s probably fraud.


Jacqueline Fassett – A Salesforce certified Pardot Specialist, Jacqueline joined Portland-based Idealist Consulting in 2016 with proven experience helping small businesses and nonprofits with marketing campaigns. While she loves all things marketing, her favorite topics are marketing automation, content creation, and email marketing.

Linked In:

Scott Fish
Scott is the SEMpdx Volunteers Director and works with volunteers to make SEMpdx monthly events, marketing, and member services happen. He's the founder of 32 Degrees Digital, a local Portland digital marketing agency that works with clients that have an experience to sell such has Hotels, Resorts, Non Profits, Symphony Organizations, Sports Associations, Wineries, and other local business franchises.
Scott Fish
Scott Fish
Share This