What is click spoofing - install attribution fraud - Impact
Close Technique Button

Install attribution fraud

Click spoofing

When advertisers rely on their publishers to self-report mobile click events server-side, they may be paying a fraudulent partner for reported clicks that never actually occurred. Unchecked, a malicious publisher may trigger a mobile click-tracking event in the absence of a legitimate click and claim attribution for organic installs or installs driven by other legitimate partners.

Technique Left Arrow 2
Technique Right Arrow

How they do it

  1. Malicious publisher registers for an advertiser’s affiliate program
  2. User navigates to malicious publisher’s mobile website
  3. User does not engage with an ad on the site
  4. Malicious publisher fires click-tracking event anyway, mimicking or “spoofing” user’s engagement
  5. After some time, user navigates to the app store organically or via a valid partner’s promotional effort
  6. User downloads advertiser’s app
  7. Advertiser attributes credit to malicious publisher, even though they provided no value in driving the install
Click spoofing

Get in touch