Types of fraud. Install Fraud Activities

Types of fraud. Install Fraud Activities

Types of fraud. Install Fraud Activities on Affbank.comFraud – the main problem of Affiliate Market and first of all for advertisers.

Advertiser is the end point and the budget on an advertising is fully depends on the product`s profit and if the quality of traffic is low – profit will be going down.

We are developing and opportunities of cheating are developing with us. According to the recent researches among the 100 conversions, 15ty - fraudulent. What is more important, such cheaters have their own assistants – bots. In comparison with 2016th the bot activity had beenin creased significantly and they teched to do a lot actions that belongs to human, so-to-say Artificial Intelligence in the wrong hands.

In the previous article «Types of fraud. Pre-install activities» we discussed such things as: Click Flooding, Click redirection, Clean Devices and Click hijacking. If you didn’t read it yet or you need to refresh the memories – just read it again (button «read»).

Today we will discuss the main type of fraud - Install Fraud

Install Fraud presented in the five main types:
- Bots
- Install Hijacking
- Emulators
- DeviceID Reset Fraud
- Limitadtracking

Let’s start from the most painful topic – bots. Bot – creating traffic by means of specially written programs. They can artificially increase the numbers of clicks, installs, views and since the recent time bots can make a purchase and even create an activity in the app. Sounds scare, yea?

There three existing kinds of bots:

Simple bots – scripts which are released from a certain server. They gave static IP, a user the agent and cookie ID. Simple bots are easy to find and block.

Clever bots – use random proxies and dynamic IP. They arrange CTR under the average indicators. Such bots can hold a high retention rate level up to two weeks and do deposits in the application

Botnets or Bot Farms – a large number of the hosts united in network. In each network one or several bots are activated. It is difficult to find botnets. However, cause of some features of programming, banality of behavior is also peculiar to them.

There is a possible forth type of the bots might be used – self learning bots. Such bots are able to correct their attack strategy after the attempt to block activity. The strategy can be changed without a human intervention. We are lucky, because such bots weren’t mentioned anywhere, or we don’t know about it? Anyway, the most important question right now - how to catch this malwares?

To escape from the bot attracts, you have to check the following parameterscarefully:
- Abnormally high speed of loadings
- Small period between click and conversion (target action), depends on the product
- Obviously sample behavior (for example, an equal interval between clicks)
- Different GEO of click and conversion
- A large number of clicks made from the same IP/ID;
- CR less than 0,0.. and CR higher than 60%
- Small User Life Time – up to 3 days
- Suspicious activity at night.

Target of fraud is: All campaigns

So, lets go to the last but not less important part of our article - Install Hijacking.

As usual, we already have mazing Appsflyer glossary:

Install hijacking - a class of mobile fraud that uses mobile malware to hijack attribution for an install. Install hijacking is a broad category that includes the click injection method outlined below, as well as referrer hijacking and click hijacking. Both install hijacking and click flooding are real installs from real users where the attribution was compromised or hijacking. In contrast, fraud from bots, device farms and behavioral anomalies, usually represent false installs.

In install injection, malware on devices identify when an install begins, and sends a false click reports during the install process. Like click hijacking, this malware is often hidden in apps that otherwise appear legitimate.

Target of fraud is: All campaigns

Emulators — the simulations of devices started from the central server, many swindlers in the sphere of mobile advertising use emulatorsto generate false views, clicks, installations and even involvement. Some swindlers, in attempt to give to imitations visibility of a real devices, create an extensive profile of metadata of devices.

How to prevent the emulators activity? You have check the information passed in device name. Emulators usually passed their name, for example Andy Win, this emulator is used by cheater to install app for iOS on the Android.

Target of fraud is: CPI campaigns

DeviceID Reset Fraud - a type of click, install and engagement fraud where cheaters click on real ads, install the actual apps, and engage with the apps, often for quite some time. Using massive install farms, fraudsters reset their DeviceIDs between each install, effectively generating significant numbers of “real” clicks, installs and retentionfrom New DeviceIDs, bypassing real-time anti-fraud protection measures.

The only protection system that can detect fraudulent DeviceID dumping schemes in time and protect against them is the Protect360 with the DeviceRank ™ rating (Appsflyer).

Target of fraud is: CPI campaigns

Limit ad tracking - function of privacy allows user to limit the data about their device activity passing to advertiser. If the user turns on the advertising tracking restrictions, advertisers and their instruments of measurement will see a gap instead of DeviceID of the concrete device.

Many cheaters try to hide the fraud with the settings, activating their devices as a limit ad tracking.

Target of fraud is: CPI campaigns

The methods of cheating are becoming more and more smarter, so we must be well equipped and upgraded. If you know the enemy – you know how to fight with them.


Written by


Hey, my name is Uliana, I am here to provide you with the top affiliate content, starting from Facebook arbitrage to Push traffic. Ask me anything: [email protected]

For registered users only

Your review
Clear all




Category ()



Authors ()


Recent Posts

Approach That Helped Me Increase Income in Affiliate Marketing

Almost every arbitrager faces the problem of low conversion rates and high advertising costs, which...

Read more

Sun, heat, and up to $1000 cashback on your campaigns in June with Adsterra

This June, Adsterra launches a simple as-pie campaign that will make advertisers earn 15% cashback b...

Read more

A Review of Yeezypay: A Service That Helps To End Bans In Google Ads

YeezyPay is a service that every affiliate who sends traffic through Google Ads should know about. Y...

Read more