Scammers Adjust as App Install Fraud Falls

According to the AppsFlyer annual report, “The State of Mobile Ad Fraud 2020 Edition,” fraud that targeted mobile apps and games fell 30%, or $1.6 billion, during the first half of 2020 compared to the same 2019 period. That’s the good news.

The bad news is that post-attribution fraud (app downloads that can’t be stopped as they occur) and in-app fraud are on the rise. AppsFlyer attributes the drop in fraud to increased awareness and the resulting measures taken by advertisers. Those measures also explain the change in tactics by fraudsters, who now seek profitable cost-per-action payouts in addition to cost-per-install payouts.

Post-attribution fraud grew to 24% of apps globally in January and February and peaked at 51% of apps in March. “Even though the mobile ad industry has grown exponentially to defend itself properly against ad fraud, the potential amount of damage is still extremely high, and fraudsters will always want a piece of the pie,” said Doug McMillen, vice president, enterprise strategy at AppsFlyer.

The overall app install fraud rate for the first half of this year averaged 13.2%. At 3.2% on average, the U.S. endures the lowest rate of app install fraud, compared to a 13.2% global rate. The study found that APAC markets are hit with 60% of the worldwide app fraud financial exposure.

Gaming is among the best-performing verticals when it comes to combating mobile app fraud, with only 3.8% of gaming app non-organic installs being fraudulent, compared to 32% for non-gaming apps. Among non-gaming verticals, finance (48%) and travel (45%) suffer from the highest fraud rates.

The study also found botnets remain a substantial infection catalyst, with 62% of fraudulent installs being a direct result of a bot attack. Additionally, the report found that botnet attacks are the most common form of app install fraud across all regions. “Together with device farms, bots automate fraud: They create fake users rather than hijack real users, a method that is easy to scale because it relies on an infinite number of non-existent users rather than a finite number of real users. There are also far more options to develop sophisticated scripts in an attempt to bypass fraud protection,” according to the report.

The report also found that install hijacking attacks and click-flooding are increasing. Interestingly, the mix of fraud tactics, whether bots, device farms, install hijacking or click-flooding, is virtually consistent across the world. Fraud methodologies are no longer limited to specific regions or markets, according to the report; the reach of many apps is now global. What’s more, fraudsters readily share information and techniques.

“The lack of physical borders in online operations allows for fraud to ‘travel freely.’ Fraudsters worldwide can target a particular campaign in whatever geography or market that offers the highest payout and/or a large share of unprotected apps,” according to the report.

While it’s great news that there was a decline in overall mobile app fraud, it’s apparent that fraudsters are already adjusting their tactics. And as everyone becomes increasingly dependent on mobile applications for work and fun, criminals will continue to look for new ways to exploit mobile apps for ill-gotten profit.
