Install farms employ hundreds of low-cost workers with real phones to install the apps of advertisers that reward partners on a CPI basis. In other cases, a fraud operator may set up a script within a mobile device emulator that automates the process of generating fake installs and in-app activity.
How they do it
- Malicious publisher has registered for advertiser’s affiliate program
- Install farm worker uses one or multiple devices at once to navigate to malicious publisher’s site
- Install farm worker clicks through from malicious publisher site to app store
- Install farm worker downloads advertiser’s app
- Advertiser attributes credit to malicious publisher, even though they provided no value in driving the useless install, and pays them a percentage of revenue