What is malvertising - install attribution fraud - Impact
Close Technique Button

Install attribution fraud


Malvertising can also be used to corrupt install attribution models. This technique occurs when bad actors purchase impressions to distribute ads they’ve injected with malicious code to trigger clicks to app stores. As these malicious ads send users to app stores without their consent, the often-innocent publishers that host malvertising collaterally suffer for providing poor user experience.

Technique Left Arrow 2
Technique Right Arrow

How they do it

  1. Malicious publisher has registered for advertiser’s affiliate program
  2. User navigates to a mobile website
  3. Website renders an ad with compromised HTML5 creative embedded with publisher’s affiliate link and malicious code to trigger a click event
  4. Illicit click sends user to the Google Play store
  5. In the future, user downloads advertiser’s app from the Google Play store of their own volition
  6. Advertiser attributes credit to malicious publisher, even though they provided no value in driving the install, and pays them a percentage of revenue

Get in touch