Click fraud is something that has been going on for a while on computers, but a study from Forensiq indicates that this type of ad fraud has moved to mobile devices. On PCs, this process works by having malware programs that run in the background of someone’s computer view and click ads. The programs usually are designed so that mouse movements and clicks emulate that of regular Internet users, so on the surface, the clicks and views appear legitimate to advertisers and display networks.
Replace malware with apps and clicks with taps and you’ve basically got the gist of what’s going on with fraudulent apps that are displaying upwards of 20 ads per minute without ever being seen. It’s harder to get people to install malware apps on a mobile device without a user’s permission, so fraudulent app developers simply piggy back them onto valid apps.
Bloomberg reports that a breastfeeding app for iOS and several games made by Girls Games Only have been flagged as potentially engaging in these activities. The apps are used and often have solid ratings, but users also frequently complain of crashes and the apps slowing their devices.
Forensiq discovered that a significant number of apps available through the Google Play Store and the Apple App store displayed high levels of risk, nearly 15% and 12%, respectively. Of the 16.2 billion daily impressions that were analysed, just over 13% were identified as high-risk. This indicates about $857 million will be spent on fraudulent ad views and clicks this year, and it is expected to go over a billion in the next.
Along with being a huge source of wasted money for advertisers, individuals who install these apps aren’t in for a good time either. Since they run all the time, they can slow a mobile device down and drain a battery quickly.
However, one easy way to filter out potentially risky apps is to look at the permissions the app requires as opposed to just looking for the OK button (something I am totally guilty of). Forensiq determined that the permissions required by these apps tended to go way beyond what would be required to run them. Examples of excessive permissions included needing the the app be allowed to prevent a device from sleeping and being given full network access.