Mobile ad install fraud remains one of the biggest challenges for app marketers. Fake installs affect your app metrics, forcing you to throw more and more money down the tube. At the same time, according to eMarketer.com, only 44% of app marketers in Europe said they had a strong understanding of mobile fraud and its potential impact on campaigns.

Another problem is that the bad guys have moved past one hacker operations to more advanced organization whose main goal is to not be caught. As a result, at least 10% and up to 70% of marketing budgets are lost due to app install ad fraud. So now that I’ve made your day, what to do about it? First, understand where the threat is.

The bad guys are getting smarter

To understand and address the issues of mobile ad install fraud, we analyzed a lot of information from marketers and talked to Scalarr, a fraud prevention company.

Let's take a look what fraudsters are doing today in order to effectively deal with tomorrow’s attacks.

Fake incentive installs or fraudulent downloads coming from click farms are no longer the primary attacks used by advanced fraudsters. Those types of fraud can now be detected by fairly simple metrics, such as ID / IP / VPN / PROXY and TTI between click and install.

Today’s newest bad guys prefer more advanced techniques for fraud, like financial emulators, CPE incentive, and mixed traffic generators, which make fraud harder to detect. Scalarr reports that only 1-2% of fraud could be detected by such basic metrics.

Let’s take a look at which fraud tech are used by the most successful fraudsters.

1. Since fraudsters are stealing mostly organic installs (classic click-spamming, modified click-spamming, click injection), app marketers see them as a good source of traffic and spend more and more money. Unfortunately “last-action” attribution used in app install tracking only helps fraudsters here. These types of fraud are generally categorized in the attribution fraud category.
    
2. After a player installs an app, another fraud can be attempted programmatically. Bots can simulate average user behavior within an app, tricking the advertisers into believing that they acquired a high-value user. And while basic bots are becoming outdated, new sophisticated bots or smart bots are becoming more and more widespread. Sophisticated bots emulate a wide variety of user behavior by doing all post-install activities over a long period of time. From a human perspective, they are hard to distinguish from real users.
    
3. Real users and fake installs, or real users and different types of fraud (like attribution fraud and bots), are now being mixed together in order to mislead advertisers, creating a new and very dangerous type of fraud called mixes.
    
4. Last but not a least is financial fraud. This type of fraud is often recognized as a part of sophisticated bot fraud in order to convince a user acquisition manager that fraudulent traffic is real and encourage the manager to scale the source. A lot of payments may be made by the bot and reported to the developer, but the majority of those transactions will themselves be fraudulent, and made from stolen credit cards.

This will not be a definitive list as long as fraudsters take further steps in advancing their game, presenting fraud types like emulators, click farms, incentive injections, and so on. The presence of these fraud types is less common, but they still have their place on the app install map.

What now? Get started fighting fraud

The paid user acquisition market is already substantial ($14bn in 2017) and it’s growing. With constantly increasing marketing budgets, it’s becoming more and more attractive for increasingly clever fraudulent activity.

Fraud prevention is a constant cat-and-mouse game that requires increasingly advanced solutions that can detect current mobile ad install fraud and ideally, one that can adapt to identify new patters of fraud in the future. 

One thing is for sure: The worst thing you can do is ignore the problem or do nothing about it.