How fraudsters steal your hard earned CPI commissions.

Fraud in the Performance Marketing Industry
ShareShare on FacebookTweet about this on TwitterShare on LinkedIn

What is CPI (Cost per Install) Fraud mean? How does it work? How can I protect my business from further damage?

It’s the hard truth, but Fraud exists anywhere you go. Governments, Politicians and guess what, there are also fraudsters in the marketing and advertising industry.

Especially performance based marketing is filled with suspicious activities. Fraudsters are stealing hard earned commissions from advertisers and networks like you.

According to this article by Fortune Magazine russian hackers have generated 3$ – 5$ million per day through Ad Fraud. Imagine how much money your business can lose if you don’t take the necessary steps to detect your fraudulent conversions.

What is Digital Ad Fraud?

Let’s have a closer look.

In short, advertising fraud stands for a variety of crimes such as cookie stuffing, using bots/emulators to mimic human behavior, Ad stacking, laundered ad impressions, fake installs and much more. Fraudsters steal billions of dollars every year and often the bad guys get away unnoticed.

No matter how good your campaign, the quality of your targeting or how viral your campaign will be, if you don’t pay attention to fraudulent activities, you will eventually loose money.

Due to our research over the last 10 years, we have experienced the following types of fraud as the most common ones in the industry:

Human Traffic – Click Spam, Cookie Stuffing, Attribution Fraud & Ad Stacking

Ad Stacking and Impression Stacking describes the process to hide ads behind another and ad, so ultimately only the top ad can be seen whereas the others will remain unseen. It’s almost impossible for normal users to see this type of fraud.

Click Farms is a tactic that is heavily used by developing countries, where low-paid workers are clicking on advertising that they have no interest of (Picture below). These tactics are heavily used by countries such as China, India, Bangladesh and Venezuela.


Source – QuoraChinese Bot Farm to realize click fraud on a scale.

Click Spam
is one of the fastest growing fraud problems in the industry across all verticals. We explain the tactics of Click Spam in more detail here.

Keep in mind that this problem is more complex than it looks at first glance. Don’t underestimate how many conversions are lost due to Click Spam / Click Injection, which can be a devastating threat to your business.

Non- Human Traffic through Emulators and Bots

Bots and Emulators mimic human behavior and imitate a real user by browsing the app or downloading an app. There are sophisticated bots who can move mouse cursors, click on links, watch video, and even add items to the shopping cart.

To fake an install, fraudsters use  bots or emulators to continuously install and delete the same app over and over again.

This requires the fraudster to fool the advertiser into thinking installs are coming from multiple users, most commonly by resetting either the IDFA or Android ID. This can be identified through Duplicate IPs inside your traffic.
However, it is not as simple as only checking for same IPs. In fact, in many countries a mobile device that is connected to the same phone tower can have the same IP address in the same or even in different countries.

When you compare data such as Product Offer, IP, Time and day, you can identify patterns that allows you to find fraudulent conversions as it is not possible that the same offer from the same IP at the same time and day received an install for example fifty times.

Steps you need to take to prevent your business from CPI Fraud

  • Demand transparency from your publishers and continuously monitor sourced traffic.
  • Start using bot detection services to identify suspicious actions.
  • Watch out for Click Spam and update blacklists on a daily basis.
  • Remember that fraudsters often act at night between 11 pm and 5 am.
  • Adjusting your ad campaign to that information accordingly.
  • If something looks suspicious and too good to be true, then it is (e.g. a 80% CR Rate).
  • Reveal your anti-fraud policy to the public.

As you can see, these patterns are more complex and are going to be even more sophisticated in the future. Therefore it requires advanced methodologies to detect fraudulent patterns.

Although it might be hard for marketeers to keep up with the most frequent threats, it is recommended to use an anti fraud system that can thoroughly check your traffic and give you a transparent rejection reason.



is key and there is a simple reason.

You will need a solid reason that you can show to your affiliates / partners in order to stop discussions about payouts in case you found a fraudulent conversion.

For example, a score of 80% Fraud won’t help you to win an argument with a suspicious affiliate. You need to proof them wrong and show them what happened in your traffic.

If you don’t use a fraud detection service, you won’t be able to follow the newest strategies of clever fraudsters who will always try to find away around your precaution measurements.

Keep in mind that the fight against mobile ad fraud has only just started.
We are working hard to protect your businesses and we know that the good guys will win.

Tell us about your latest fraud problem here.

We read every single email.