Install attribution fraud
Click flooding
An especially pernicious publisher may use their app to hijack a user’s phone and generate hundreds of ads in the phone’s background, also triggering automatic click events for each of those ads. These click events are intended to game advertiser’s CPI attribution models and occasionally may redirect the user to an app store.
How they do it
- Malicious publisher has registered for advertiser’s affiliate program
- User downloads malicious publisher’s app
- App hijacks user’s device, loading hundreds of ads in the phone’s background and triggering automated click events for each ad
- Click event may redirect user to the app store
- At some later time, user organically downloads advertiser’s app
- Advertiser attributes credit to malicious publisher, even though they provided no value in driving the install, and pays them a percentage of revenue