Install attribution fraud
Click spoofing
When advertisers rely on their publishers to self-report mobile click events server-side, they may be paying a fraudulent partner for reported clicks that never actually occurred. Unchecked, a malicious publisher may trigger a mobile click-tracking event in the absence of a legitimate click and claim attribution for organic installs or installs driven by other legitimate partners.
How they do it
- Malicious publisher registers for an advertiser’s affiliate program
- User navigates to malicious publisher’s mobile website
- User does not engage with an ad on the site
- Malicious publisher fires click-tracking event anyway, mimicking or “spoofing” user’s engagement
- After some time, user navigates to the app store organically or via a valid partner’s promotional effort
- User downloads advertiser’s app
- Advertiser attributes credit to malicious publisher, even though they provided no value in driving the install
