Ad Fraud

Ad fraud refers to fraudulent practices designed to extract ad revenueGlossaryAd RevenueThe revenue an app earns from showing ads — fundamentally impressions × eCPM, after fill rate and the mediation layer decide which requests get filled and at what pr... from advertisers — faking clicks, impressions, installs, or post-install events that didn't actually happen. Mobile ad fraud is a persistent industry-wide problem; estimates suggest 5-15% of total mobile ad spendGlossaryAd SpendThe total dollar amount deployed into paid user acquisition over a defined period — the input variable that drives all UA volume. is lost to fraud, with higher rates on lower-quality traffic sources (open programmatic exchanges, unverified ad networks) and lower rates on major SANs (Meta, TikTok, Google) that invest heavily in fraud prevention.

Main fraud types

• Click floodingGlossaryClick SpamAn ad-fraud technique where a bad actor fires huge volumes of fake clicks so that, by chance, some precede organic installs — letting the fraudster claim attribution...: botsGlossaryBot TrafficAutomated, non-human activity — scripts, bots, and emulated devices — that generates fake clicks, installs, and in-app events to defraud advertisers or distort analy... fire massive volumes of fake ad clicks targeting your campaigns, hoping to claim attribution credit when users install organically from another source. Fix: short click-to-installGlossaryClick-to-Install Rate (CTI)The percentage of users who click an ad and then complete the install — typically 20-50% depending on category and traffic quality. attribution windows (1-7 days), MMPGlossaryMobile Measurement Partner (MMP)A third-party attribution provider (AppsFlyer, Adjust, Singular, Branch, Kochava) that adjudicates which ads drove which installs across multiple ad networks, with i... anti-flooding filters.
• Install hijacking: legitimate ads are intercepted and credit redirected to fraudulent networks. Common on Android via malware-style apps. Fix: MMP install-time signal validation, postback integrity checks.
• SDKGlossarySDK (Software Development Kit)A packaged set of code, libraries, and tools a developer drops into an app to add a capability — the integration unit for attribution, analytics, ads, and monetizati... spoofing: fake "installs" generated server-side without any real device. Fraud network spoofs the MMP SDK postback. Fix: cryptographic signature validation in modern MMP SDKs.
• Device farms / click farms: physical devices in offshore farms repeatedly clicking ads and installing apps. Real installs but no real users. Fix: behavioral pattern detection (device IDs, sessions, install velocityGlossaryDownload VelocityThe rate of change in an app's daily downloads — not absolute volume. The primary signal that moves an app up or down the App Store and Google Play Free charts.).
• Click injection: fraud apps installed on a device "inject" attribution claims when other apps are installed. Android-specific. Fix: Google Play Install ReferrerGlossaryInstall Referrer (Android)Google Play's official mechanism for passing referral / attribution data from the play-store click to the freshly installed app — the cleanest Android attribution si... API.

Fraud rates by traffic source (rough 2026 anchors):

• Major SANs (Meta, TikTok, Google): under 3%. Heavy investment in fraud prevention.
• Established in-app networks (AppLovin, ironSource): 3-8%. Variable by demand sourceGlossaryAd NetworkA platform that aggregates ad demand from many advertisers and matches it to publisher inventory through real-time auctions..
• Open programmatic exchanges: 10-25%. Highest fraud rates.
• Apple Search AdsGlossaryApple Search Ads (ASA)Apple's ad platform for promoting apps in App Store search results and other App Store placements. The highest-intent paid acquisition channel on iOS.: under 1%. Apple's first-party attribution is essentially fraud-resistant.

Always evaluate networks by *post-fraud-filter* install volume, not raw claimed installs.

Detection — what MMPs do

• AppsFlyer Protect360, Adjust Fraud Prevention, Singular Anti-Fraud are the major dedicated tools — each MMP integrates fraud detection natively.
• Detection methods: device anomaly detection (impossible device characteristics), click-flood detection (impossibly high click volumes per IP/device), install velocity checks, behavioral pattern analysis.
• Filtered installs are flagged in MMP reports — you typically pay only for clean installs (depending on network contract).