Blog Click spam, click farms and organics poaching: Three questions from our fraud webinar answered

Click spam, click farms and organics poaching: Three questions from our fraud webinar answered

With fraud (like click spam) being such a prevalent topic in mobile app advertising, we do our best to share as much information as we can. In our newest webinar, fraud expert Andreas Naumann covered the safest ways to protect your user acquisition campaigns from fraud with Arpit Nanda, Product Manager from InMobi.

Toward the end of the talk, the pair answered your questions sent in throughout the webinar. Here, we’ve picked three of the best. If you want to hear the entire webinar, click here.

Can a click farm switch IP addresses when they have been discovered/blocked or is there a way to block them permanently?

Andreas: We’re not trying to blacklist them. This is because, by doing so, you’re entering a game of whack-a-mole that you cannot win, as it’s very easy to switch IP addresses and VPN services (the latter of which you can, in fact, pay to have more unique IP addresses, and to switch them more often.)

What we’re doing, in fact, is buying an official IP database which doesn’t make a blacklist. Instead, it provides daily updates on metadata with IP addresses. From that metadata we can train our filters; if a data center buys new IP ranges, then we’ll know about it tomorrow, and if the same datacenter loses or sells IP ranges then we’ll know about that as well. By doing so we can make sure that we have as few false positives as possible.

Blacklisting IPs makes no sense at all. IP addresses are disposable; and furthermore, a clean IP address can be used for fraudulent activities, and a fraudulent IP can be utilized for legitimate things too.

What is “organics poaching” and how is it done?

Andreas: I’m going to try to be a little more precise here because there’s two general ways to perform click-spamming.

The first is via mobile web, on undesired content that people don’t want to advertise on, such as streaming. For example, a user takes their iPad to bed and watch the latest blockbuster. In the background the page starts blasting clicks for hundreds of different offers - with the bandwidth that’s already being taken up by an HD video stream no-one would notice another couple of thousand clicks. Then, that website can cash in on the random chance of some user buying something or installing an app after they’ve finished watching their movie.

Another method (of organics poaching) is in-app. Basically, native click-spam with apps which have either lots of daily active users, or take place on apps that are resident in memory (i.e. those that constantly run). The trick is to drop clicks on users without them knowing it. Here again, it’s on the chance of a random user installing an app.

As a fraudster with an app that runs in-memory all the time, you can go to as many networks and exchanges as you can to get deals going for the top ten apps in each category, blast those clicks out and cash-in on the random chance of an install every couple of days.

Won’t limiting the attribution window solve the problem of click spam fraud?

Andreas: That’s a definite yes-no-maybe-a-little-not-really. The click spam and the click spammer is agnostic of when the install happens. So yes, you would root out a ton of random chance by making the look-back window smaller but at the same time there’s still some random chance. And in any case, people just need to spam more to accommodate for the smaller window. On the other hand, you would start cutting out on legitimate late conversions.

Late conversions are a very real thing. Some people forget about the app they installed for a day, or are on a commute now and plan on looking at it later, or just arrived at work and are going to look at it in their lunch hour. There are late conversions there, admittedly not a lot, but there are legitimate cases and if you start rejecting false positives - creating organics out of actual paid inventory that you should be paying for. Publishers then become less interested, because your ROI drops, and they’ll either drop your campaign or ask for a higher CPI to keep up the volumes.

And that is potentially quite harmful. I wouldn’t go for drastically short attribution windows because it’s going to be really hard to get proper inventory if you keep that up for a while.

And that’s all from us, for now. You can watch the rest here, which covers information on the most common fraud schemes in the modern market, how to detect them and how Adjust tackles user acquisition fraud in its software.

If you want more, take a look through our mobile fraud guide for more on click spamming and how you can fight it.

Want to get the latest from Adjust?