What Is Ad Fraud And How Does It Work

Let’s start with one simple statement — ad fraud is here, and it’s here to stay. Protection is a must, and there are fewer and fewer opportunities for marketers to operate online ads without a fraud detection tool.

In this blog post FraudScore’s team is going to dig deeper into the types of ad fraud, ways to detect fraudulent traffic, and tools that might release you from the task of a constant control of traffic quality.

Is there really a problem?

If you are working with online advertising & ad campaigns — you expect to reach (and get) real views, real users, real people. You pay for those users and interaction with them.

Fraud is simply a scheme that allows bad guys to fulfill the KPIs of your ad campaigns, steal target actions from/as real users, and get to your ad budget. In other words — you get good statistics for your campaign, but there are no (or few) real humans. It’s indeed a problem.

What Types of Ad Fraud Are There?

There are dozens of types of fraudulent schemes out there. But to illustrate the main categories, let’s take a look at these:

  1. Impression (or media) fraud
  2. Performance fraud
  3. Incentive traffic
  4. Bots and Emulators
  5. Fraud in Remarketing

Impression (media) fraud

To cut a long story short — impression fraud is aimed to fake impressions. As in these types of campaigns advertisers pay for contact with a potential user via showing the brand’s ad. So, the key goal of bad guys is to fake and skyrocket views of the ad.

  • Pixel stuffing — a pixel is put at the web page. That pixel is a banner that “shows” ads. A user doesn’t see an ad the size of a pixel. But an advertiser pays for the impression — because campaign's statistics show that the ad was viewed by a person.
  • Background ads — when there are ads shown at the background of the page, and a user has no idea that something is going on. Yet again, an advertiser is charged for these impressions.
  • Data center traffic — invalid (fake) traffic that is supposed to give a lot of views to every ad. There are no real people involved here at all.

Performance fraud

Basically, performance fraud wants to get money for any target action of a campaign: clicks, installs, conversion, payments etc. Take a look at the campaign goal — CPM, CPC, CPA — and you’ll get the targeted action for fraudsters.

  • Click spam — the goal is to steal the last click. There are millions of clicks done by fraudsters to get the attribution, and to get that last (and paid for) click. The user is real, but he might be just organic. But campaign’s statistics receive him from a click that is supposed to be done on the ad.
  • Click Injection — done via apps that are infected by fraudsters (such apps can be even developed by bad guys). These can be flashlights, e-cards wallets or even games. After an infected app is installed to user’s device, it gets access to so-called “install broadcasts” — specific signals that are being sent by all newly installed applications on the device. So when the user decides to install a new app to his phone, and clicks the ad — the infected app gets the installation broadcast signal, hijacks that click, and fraudsters get credit for it.
  • Click hijacking — when a real click to a real ad is stolen and assigned to a fraudulent partner. It could happen if a user had an infected browser extension installed. This extension might be a web-page translator, or a downloading program — and it works. But it also steals real clicks that this user does on real ads.
  • Cookie stuffing — when a real user gets browser cookies saved. It will later on show the tracking platform that this user came from an ad from this particular partner (although he didn’t). How does the user get these cookies? There are lots of ways — from hidden scripts on web sites, to special browser extensions. In this case — the user and device are real too.
  • Fake Installs — all installs are done by software, no real users. A ‘’new’’ device with “clean and real” parameters is created, and this “device” from a data center simulates user behavior, clicks the ad, installs the app etc. Everything here is fake (with some exception about device data, that can also be stolen).

Incentive traffic

Users and their data are real — they view ads, click, install, fill out forms etc. But they are not really organic. They do all the actions because they are motivated with payouts. Usually such users are hired to fake a really good traffic (sometimes to show good test runs of a source, sometimes for a one-time operation). But these users are of no long-time use for an advertiser. They leave after they do what they are told to do (there are scenarios and step-by-step guides for such incentivised users).

It’s worth mentioning that in gaming — incentive campaigns work for promotion purposes, but it’s not always the case.

Bots & Others

Here are all the types of fraud schemes that “can do it all”. These are really “flexible”, and bad players are exploiting it:

  • Device farms — when real people work as “farmers” but instead of crops and fields — they have tables with dozens of real devices. They click the ads, install apps etc. — they perform real actions, but with one goal — get paid by the advertiser, wipe the device, and start all over with another ad.
  • SDK spoofing — when your device is being used to fake installs and other engagements. And you have no idea about it. Again — the source of trouble is an app — a flashlight, a special calculator, a funny game. This app is managed by fraudsters, and it gets access to any other apps on your phone after you install it. The bad app finds activities that are being tracked (meaning they are in an ad campaign, and they are paid for) — and finds a combination of parameters to trick the platform as this device is doing all the required engagements. You can learn about SDK spoofing a little bit more here.
  • Bots, Bot Networks & Emulators — software that imitates real users. That’s it. Bots can be smart, complex, or just one-task-bots. But the idea is to mimic real users behavior for a campaign, and fake all the possible interactions. Bots can view ads, click, register, engage and return to apps. But these are bots — they “die” in the statistics eventually. And those cohorts that show no further development — are the ones to keep an eye on.

Fraud in Remarketing Campaigns

Remarketing campaigns are aimed to gain users who have already interacted with the product/ad. These users are supposed to be easier to attract because they are already interested. And most importantly — these are real people (already verified through the first interactions). Advertisers have high hopes for this category of users.

To cut a long story short — fraudsters aim to steal attribution for these users. This type of fraudulent activity might relate to any type of campaign with attribution payment model.

It’s also worth mentioning that the majority of remarketing campaigns are conducted through Google, Instagram, Facebook, Twitter etc. And these environments are supposed to be fraud-free, but in reality — they are not. Fraudsters are well known to find their way to remarketing traffic.

How to detect ad fraud?

1. Monitor metrics.

When you monitor traffic data, you need to keep an eye on specific metrics that might signal bad traffic — CR, TTI, Churn, GEO data, etc. Each category of ad campaign (and ad fraud) can be detected by monitoring specific data. To sum it all up — if the data is really good and promising — double check it.

2. Use a third party antifraud tool (SaaS).

If you control and monitor statistics, it doesn’t mean that you don’t need an antifraud tool. A human simply can’t process millions of data points that help an antifraud solution detect fraudsters. A human can make mistakes. So an independent third-party service is a good option to consider. These tools are made to prevent and detect ad fraud, and they focus only on the task of fighting bad guys.

There is a checklist to find a suitable antifraud tool, you can check it here.

3. Have an in-house antifraud tool.

This approach works, but you need to keep in mind that, first, a separate tool needs both development and constant updates (fraudsters are known to improve their game constantly), and second — you need to invest in the education of your team to make them traffic-quality-specialists. And, of course, you’ll have to take into account that your managers need time to read the reports, detect ad fraud, and make fraud cases. After all, you hire good affiliate managers, and not ad fraud specialists. Or if you do — it costs a lot of money.

There are pros and cons in every approach to fighting fraudsters, but there is no option to ignore ad fraud. Take a look at the latest ad fraud report by FraudScore. In the first six months of 2022 there are 27% of fraudulent traffic detected globally. And this number only shows the average situation in the world.

FraudScore team invites you to have a chat about global ad fraud threats, and discuss how our antifraud solution can be useful to your business. Contact us, and let’s have a chat!

  • I recommend to use FraudScore anti fraud solution. It really helps to avoid unnecessary risks and to cut off the fraud at the very beginning. Well done, guys!
    Olga Saburova, Account Manager at MobioNetwork
  • There are lots of manuals about earning money over the internet. Most of them are about making fraudulent mobile installs. As soon as new “manual” comes out we see peaks of low quality traffic. But as soon as we began using FraudScore service we cut managers who were working on checking traffic quality two times. Using their convenient report with set of filters, you can generate different type of reports showing you the traffic quality in different contexts. This helped us to find lots of cheaters and poor quality affiliates.
    Nickolay, CEO at Mobiaff.ru
  • FraudScore’s fraud monitoring system is particularly useful in this regard as it allows daily check on affiliates conversions and indicates the level of fraud detected for each conversion. The fact that the system not only monitors normal desktop traffic, but, also tracks and accurately reports on mobile traffic in relation to Emulators, VPN’s, Bot farms and IP pattern recognition allows us to make informed decisions when reviewing assigned affiliate caps and encouraging more traffic.
    Darren Williamson, Managing Director at CAN
  • FraudScore has easy to handle and fast APIs which permitted us to integrate fraud analysis findings into our own dashboards. Their own interface is very intuitive and offers infinite possibilities in terms of filtering and digging into data. FraudScore team is very receptive to users feedback and continuously introduces improvements to their product.
    Luis Barrague, COO at Headway Digital, Spain
  • For more than two years of working with mobile traffic we have been tried a lot of anti-fraud services offered by the market. Therefore we can confidently say that the truly worthwhile solution is the FraudScore. Strong technologies, convenient interface and the most effective support – it’s all about FraudScore. Since we started collaboration with this service the volume of fraud traffic in Zorka.Network has been almost reduced to zero.
    Oleg Gorelik, Affiliate Director at Zorka.Network
  • Fraudscore has been our first line of defense against measuring questionable traffic. As the mobile digital advertising landscape continually expands, it becomes complex as it relates to user attribution measurement. The need for precise data has never been more important to the success of our business and our clients marketing efforts. FraudScore’s engineers made integration seamless and user friendly. The user interface allows us to interpret the data correctly and in real-time to make the right decisions as it relates to protecting our clients brand integrity. I highly recommend their services.
    Moufid Al-Joundi, Curate Mobile
  • FraudScore has easy to handle APIs which permitted us to integrate fraud analysis findings into our own dashboards. Their own interface is very intuitive and offers infinite possibilities in terms of filtering and digging into data. FraudScore team is very receptive to users feedback and continuously introduces improvements to their product.
    Luis Barrague, HeadWay Digital
  • At Brisk Ads we take drastic measures to combat fraud, and with the help of FraudScore we are able to detect and eliminate any suspicious traffic. With the in-depth reports provided, we are able to identify any questionable sources; making sure that our clients only pay for legit and profitable users.
    Omar Mostafa, Brisk Ads