In 2016, about $7,4 billion advertising budgets were wasted on fraud, a figure that will rise to $10,9 billion in 2021 according to Forrester. Taking the necessary steps to prevent fraud has officially become a necessity.
|One way publishers tend to deceit their advertisers is through click spamming, a practice that you might know also as click flooding or organic poaching. What happens in this model of fraud? The fraudsters execute clicks for users who haven’t made them.|
|What is Click Spamming?|
|It all starts when a user enters a mobile web page or an app that the fraudster is getting traffic from. Once the user is on the page or in the app, there’s a series of options the fraudster has so that he can attribute an install to a user who has not seen an actual ad:|
|1) The mobile web page can make clicks without visible ads;|
|2) The fraudster creates clicks in the background while the user is on the page or playing a game, making the action look like coming from the user who supposedly interacted with an ad (video, banner);|
|3) They can make the app create background clicks even when the user is not using not only the app, but the device itself;|
|4) The fraudster can send clicks from false device IDs.|
|What is common to all these practices is the fact that, in reality, the user has never seen an ad promoting a specific app, but when, by chance, he will install and open that app, his install will be attributed to a click created by the fraudulent publisher.|
The hijacking of pure organic installs can be very damaging for the advertiser. If users that install an app without having seen an ad previously to this action, perform well in the app and have a high LTV, they of course are claimed by the fraudulent publisher who will get more budgets to acquire these users.
|This, of course, creates a vicious circle where an advertiser pays for getting users that would have been acquired anyway, at zero cost, until, eventually, they discover the mistake they are doing.|
|How can you detect it?|
|We have seen by now how click spamming works, but a question must be asked: how can we detect it and stop it?|
|As a general benchmark, in the industry, it is accepted that 75% of installs should occur during the 1st hour from the click and 94% of installs in 24 hours after the click, according to AppsFlyer.|
This means that a trustworthy traffic source will have a distribution pattern showing a huge number of installs in the 1st our after the click and maybe a some within a period of 2h to 24h, as you will see in Fig.1, below.
|As you can see, in a normal distribution, where the traffic has no characteristics of click spamming, we can have 100% of installs coming in less than 24 hours after the click and 99,84% in the 1st hour following the click.|
|But, when we look at a traffic source that has a generally flat distribution pattern, with almost no difference in the number of installs coming in hour 3 compared to hour 24 our 44 after the click, there is clearly something wrong and most definitely that source is click spamming, as you will see below in Fig.2|
|In Fig.2 we have the case of click spamming: a great percent of the total number of installs coming with a high CTIT.|
|Out of 1072 installs generated by this traffic source:|
|It is statistically clear obvious that this traffic is not a quality one and it is characterized by click spamming.|
|How can you avoid it?|
|Even though advertisers (and publishers) try to fight against fraudsters, there will never be 100% quality traffic through the entire ecosystem. But with the right efforts, companies in the mobile advertising business can minimize the risks of getting and supporting such fraud by carefully analyzing their data and not spending their advertising budgets on organic traffic.|
|by Alex Crisu | Ad Operations Manager @DCypher Media B.V.|