India has witnessed an exponential rise in smartphone usage, internet penetration, which has furthered the growth of the Indian Digital Advertising ecosystem. Studies estimate that there were 624 million Internet users in India by January 2021 and the number of mobile connections was equivalent to 79% of the total population (1.39 billion is the current population). The growth in internet adoption, smartphone usage, and the ongoing Covid19 pandemic has impelled businesses to leverage digital marketing to reach their customers directly on their mobile devices.
This growth, however, comes with its own set of challenges as the internet has become a playground for fraudsters MMA India Report states that 62% of all digital ad fraud occurs on mobile advertising, the most dominant type of digital advertising in India. Increased mobile adoption opens a Pandora box of opportunities for digital criminals. Thus, one of the many reasons to develop an understanding of the different types of mobile advertising fraud and how to detect them.
The ever-evolving ecosystem of mobile devices allows advertisers to deploy ads in varied formats. This provides the fraudsters with a number of ways in which they can trick their victims: from fake installs to attribution manipulation. Let us have a look at the different types of mobile advertising frauds which are fairly common.
One of the most common types of mobile ad fraud, ad stacking is a scheme where multiple ads are served and displayed at once, one on top of the other, akin to a stack of folders in offices. This gives a window to immoral publishers to say that the said ad has been served (even though it was technically never visible). This form of ad fraud is also referred to as ad hiding thus can be a major cause of concern especially when a brand awareness campaign is being run.
In click flooding, fraudsters aim for tapping the last click/engagement prior to an actual install of the product being advertised. This is done by sending fraudulent clicks in large numbers with the intention of any click being credited for the download. Each click has a unique ID that is aimed to match any real user who downloaded the advertised application.
Bundle ID Spoofing
Another very sophisticated type of fraud, Bundle ID spoofing is the methodology where fraudsters trick advertisers by making them believe that the ads are being run in the intended app, whereas in actuality it’s being run on another app. This is done by changing the parameters of the second application and giving the app a fake identifier, hence called bundle ID spoofing. The ads could appear on a black screen or in the background, making it invisible to the user.
Bots and Emulators
Bots and emulators can be used on any platform to perform any type of fraud. For a mobile advertisement ad fraud, an emulator (software that can be run on any device to host devices to simulate tasks) can fake any device to look like a smartphone and then perform fake app installs, impressions without using the real device. Using this methodology, fraudsters fabricate the users and also fake attribution to claim the advertising credits. Similarly, bots can also be automated to perform and execute tasks at a high frequency (much faster than human users) and can generate fake clicks, installs, views, etc.
Another sophisticated method of mobile ad fraud, SDK spoofing creates legitimate-looking installs by using data of real devices without any real installs thus consuming all the advertising budget. The fraudsters also use this method by listening to the communication between the mobile measurement platform, app stores, ad networks, and attribution tools. These communications are then replicated (and edited) to simulate activities as per the set ad parameters such as installs, views, clicks, etc.
Frauds and scams have been haunting the digital ecosystem since time immemorial. With advancements in technology, more sophisticated ways of mobile ad fraud can be witnessed. Understanding the types of mobile advertisement fraud can help prevent and fight against the rise in such instances.