arrow left facebook twitter linkedin medium menu play circle

DataVisor Threat Labs Report: The Underworld of App Install Advertising

By Ting Fang Yen August 23, 2017

Photo of Ting Fang Yen

about Ting Fang Yen
Director of Research // Ting-Fang specializes in network and information security data analysis and fraud detection in the financial social and eCommerce industries. She holds a PhD in Electrical and Computer Engineering from Carnegie Mellon and has previously worked for E8, RSA, and Microsoft.


Mobile marketers are in a race against fraud. Traditional cost-per-impression (CPM) and cost-per-click (CPC) advertising is unreliable since it can be easily overrun by spoofed traffic from automated software. In an effort to better define metrics that identify real and valuable users, the mobile advertising landscape has shifted to cost-per-install (CPI) and cost-per-engagement (CPE) user acquisition models. While it’s more difficult to simulate an active user, it’s not impossible, and fraudsters are always up for the challenge. We’ve  previously discussed some of the methods fraudsters we’ve seen in the wild, but with the DataVisor Global Intelligence Network of aggregated, anonymized signals across our global client database of more than two billion users, we decided to take a deeper dive into the app advertising ecosystem.
The result? Presenting the DataVisor Threat Labs Report: The Underworld of App Install Advertising.
This new report, released today, is based on the analysis of 140 million app installs and 11 billion user events between January through May of 2017 and dives into the most recent fraud techniques and attack patterns in mobile user acquisition advertising. The study analyzes fraud in the wild from more than 490 ad networks and publishers, and focuses on the widely understudied issue of app install fraud. It also provides critical steps for advertisers to effectively combat the growing army of sophisticated fraudsters.
Some of the questions we sought to answer include:

    • How does user acquisition (UA) ad fraud work?
    • How does ad fraud affect advertisers and ad networks?
    • What techniques are fraudsters using to evade detection?
    • What is motivating fraudsters to adopt certain techniques?
  • What marketers can do to protect their investment and improve ROI?

At a glance, the findings highlight a broad range of fraudster tools, techniques, preferences, and behaviors, as well as how they impact both individual campaigns and ad networks:

The main takeaway we walked away with after analyzing millions of users and billions of events is that most ad campaigns — no matter what ad network is used, or what countries and devices are targeted — include a significant percentage of fraudulent inventory and it can vary up to 90 percent fraud on any given campaign. This limits advertisers’ ability to execute, undermines the credibility of ad networks, and taxes all players in the ecosystem. It’s a problem that has often gone unchecked and is not going away soon, so it’s important for mobile marketers to keep an eye on it or risk losing millions of dollars in budget by paying for installs that are not real people.
If you’re interested in learning more about some of the tools and techniques we observed, as well as how to combat them, please download the full report here: DataVisor Threat Labs Report: The Underworld of App Install Advertising.


Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q2 2019

Learn More

The DataVisor Q2 2019 Fraud Index Report is here.

Customers online want convenience, ease, and access. Fortunately, your business offers it all. Unfortunately, that’s what fraudsters want too. To a cyber criminal, those features means vulnerabilities. To bring you the very latest and most actionable insights about where the risks are and what you…

Dumb & Dumber vs Ocean’s 11

Learn More

Understand the range of modern fraud attacks to ensure complete coverage for your organization.

Complex and coordinated fraud attacks that are extensively planned, hard to detect, and highly scalable are the new normal for online platforms. Explore and understand the full spectrum of fraud attacks—from simple to sophisticated—and learn how you can defend against each type in this…

Diagnose and Defeat Application Fraud with the Latest AI-Powered Tools

Learn More

Learn how leading financial institutions are using ML to proactively detect card application fraud.

In this insightful webinar, you’ll explore how organizations are leveraging AI-powered fraud management solutions to get tangible, real-world benefits as they work to proactively detect and defeat sophisticated modern fraud attacks. Plus, you’ll discover strategies for empowering cross-team…


Protect your business, your customers, and your data.

Request Demo