Mobile Fraud Trends at Mapendo in 2019

In 2019, mobile fraud is everywhere; this malware is becoming more sophisticated and difficult to detect. Consequently, the marketer’s and the publisher’s job becomes increasingly difficult. Additionally, while there is more fraud with the Android operating system (26.9%), Apple’s iOS seems to be closing the gap at 21.3%. “Among the most vulnerable app categories for ad fraud on iOS are shopping (32.9%), gaming (30.3%), finance (28.8%) and travel (21.1%). On Android, finance dominates (35.2%) as the most vulnerable app category, followed by shopping (32.8%), gaming (32.4%) and social (31.5%).”

In this article, we will go over the most common types of fraud according to our Account Managers at Mapendo: click spamming, click injection, mobile fraud bots, and spoofing.


1. The mobile web page can generate clicks in the background with no visible ads, or any ads that can be interacted with.

2. The fraudster could be executing clicks in the background while the user is using the app, making it seem like the user interacted with the advertisement.

3. The spammer can develop many clicks at any time if the user is running an app the background (battery savers, etc)

4. A fraudster can make believe that a user transformed an impression into a click.

5. The spammer can send clicks from “fake” device ID’s.

How to detect click spamming?

Obviously, click spamming sources all have different behaviors but installs from fraudulent sources are distributed in a constant/flat manner. Fraudsters can reproduce clicks yet they cannot generate installs. This results in having installs and click to install times (CTIT) follow a random distribution pattern.

Interested in knowing more about us and our A.I. tech? You can learn about how it can help grow your App here!


Click injection uses malicious apps to infiltrate a user’s Android device. These apps listen to an app broadcast; which is the Android Operating System broadcasting to other apps that a new app is being downloaded. While the new app is being installed, the malicious apps will reproduce clicks to campaigns from the device that is installing the new app. This gives the fraudster credit for the organic installation. Marketing campaign analytics attributes the cost of the “stolen” install to spammers who receives the payment. This is a form of sophisticated click spamming.

- How to spot click injection?

Time between click and installs are in seconds

Mobile Fraud Bots

Bots are highly sophisticated and disguise themselves easily into humans. This malicious software has only one goal in mind: it tries to imitate real traffic and generate fake events (clicks, installs, post-install events). The advertisers are then spending their budget for ads that serve bots instead of humans. When the data is being processed into the analytical system, the fraudsters are the ones being paid. In consequence, this also gives the advertiser a reputation of being affiliated with fraudulent activities.

- How to spot bots?


Fact: “It’s quickly surpassed other popular fraud schemes like click injection, click spam, etc., and now accounts for 37% of all rejections, meaning that during an analytics quality review, the attribution will be rejected.”

Spoofing uses a method called “Man in the Middle Attack”. Spammers break into the secure sockets layer (SSL) encryption, the link between the tracking SDK and the baked servers. From there, the fraudsters create multiple “test-installs” for the app they want to “corrupt” and they discover which URLs are used for certain actions. From the URL, they try to resolve which part static or dynamic. Then, they test their setup on the dynamic portions. To end, once an install is successful and tracked, the spammers have ultimately figured out the exact URL resulting in them using this link to create fake installs. This process is repeated indefinitely.

- How to spot spoofing?


  1. The attribution tool: by using short attribution windows were able to detect and avoid click spamming issues.
  2. Anti-bot tool: by analyzing technologically the traffic and the sources we can stop bot traffic, delivering only true human activity.
  3. The activation funnel: since we get paid most of the time on CPA actions that are down the funnel, by optimizing towards these actions we guarantee the advertiser investment is safe. Obviously, we check every click, every action, every IP address against strong anti-fraud criteria.

By performing some comparative benchmarks between our internal technologies and two of the most common solutions on the market, we’ve found that our anti-fraud technology does a better job both in terms of volumes and quality.

What’s the problem with other solutions? Firstly, the applied criteria are not clear and well stated (well…in part this is due to obvious reasons), but in the end the results yielded are excluding most of the conversions, not remunerating the traffic. This halts the campaign as if the traffic is not paid for (the right amount of money) it will stop sooner or later.

We believe our solution does a better job, protecting the advertiser, making him pay a fair price and letting the volumes grow.

We are Mapendo. Curious and innovative. Mobile App Marketing is what we do and w. Artificial Intelligence is how we do it. || Bologna, IT ||

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store