February 22, 2017 | by Vuk Stan

Mobile 'Click Injection' Fraud: The Latest Weapon Against Advertisers?

If you're an online advertiser, you'll know only too well the cost of click fraud. Every year it seems the cyber criminals out there are devising increasingly complicated systems to steal the budgets of well meaning advertisers.

While this is certainly nothing new, what is interesting and alarming to note is the sophistication which click fraud attacks have taken on in recent years. The latest threat, it seems, is coming, not surprisingly, to mobile advertisers. The vehicle chosen for the newest menace in town is the Android operating system.

 

The threat is known as 'click injection' and it occurs when an Android user downloads some free third party application on their device. Common examples of apps used for click injection might be a flashlight, or simple game. The open source nature of the Android market when compared with that of Apple makes it easy for malicious programmers to slip these pieces of click fraud software onto unsuspecting users' mobile phones and tablets.

 

Once infected, fraudulent “visits” are made to advertisers' websites every time an additional application is downloaded. The reason Apple, and Windows products are exempt from the dangers of click injection is thanks to a difference in the operating system's core programming.

Android devices utilize an “installation broadcast” which their Apple, and Windows counterparts do not. The broadcasts alert all the other applications on the device to the installation of an additional app. This allows for the click injector to target every single advert in all the new applications the user installs to the system.

 

Can't we stop it?

Owing to the lack of virtual fingerprints left by the click injector, detection is very difficult indeed. For the advertisers affected, they just look identical to other, legitimate clicks, and as such will be almost impossible to police.

This is highly worrying for advertisers who themselves are seeking to develop their own weaponry to do battle with. Unfortunately, for the time being, there does not exist an effective method for fighting mobile click fraud. It is for this reason that we don't recommend advertisers run pay-per-click advertising campaigns on mobile (particularly Android) devices.

 

The bottom line for advertisers is that scams like the mobile click injector cost lots of money. It's estimated that the annual global bill is in excess of $5 billion. These fake campaigns siphon money from budgets, making the campaign vastly less effective and leading advertisers to be wholly unaware of the true efficacy of their efforts.