How To Tackle Ad Fraud

---

• Explore various fraud detection mechanisms, from simple methods to advanced tech tools.
• Learn about the role played by M&C Saatchi Performance in detecting and preventing advertising fraud.

---

In our last two episodes we discussed ‘What Advertising Fraud Looks Like Today’ and ‘How To Spot Ad Fraud’, their impact on key campaign decisions, and advertisers’ ROI.

If you missed the previous episodes, you will be able to access them here.

In this episode, we will be discussing an action plan on how to tackle the different types of ad fraud. Let’s begin!

RECAP ON CLICK HIJACKING/INJECTION

A common attribution fraud where fake clicks are sent right before an app is opened for the first time on a new device, tricking attribution tools that work on last click attribution modelling into crediting the install to an illegitimate source.

HOW TO TACKLE CLICK HIJACKING/INJECTION?

Click Hijacking or Injection is relatively easier to detect compared to other ad fraud types. If there is a significantly short time between the click and app install it is a strong indicator of Click Hijacking. As most attribution platforms capture the timestamp of events, we can detect this fraud type by simply finding the difference between the click time and the first-app-open time i.e. Click To Install Time (CTIT) difference observed for an ad campaign.

There may be several reasons behind a user experiencing varied timelines in installing the application like network connection type, internet speed, the app store being used (Google Play Store or 3rd Party App Store), and the size of the app. This is primarily why advertisers should be cautious about choosing the right benchmark deciding the threshold (probabilistically) to validate the events as non-fraudulent.

As highlighted in our previous episode, this type of ad fraud can only occur in an android environment. We can take references of CTIT observed on trusted Self Attributing Networks (SANs) like Google and Facebook to arrive at reasonable benchmarks on the fraud detection tool used.

RECAP ON SPAMMING

When a fraudster sends a large number of fraudulent clicks with the aim of hijacking the attribution for other publishers’ events, it’s called Spamming.

HOW TO TACKLE SPAMMING?

When there is a high volume of clicks (usually in thousands or millions) resulting in low click to install conversion rates at a partner and sub-publisher level, we flag it as spamming fraud. Unlike Click Hijacking, here we need to calculate the percentage of installs to click ratio recorded at different ad publisher levels to spot the fraud.

Fraud detection tools use a variety of methodologies to identify and flag Spamming events. To spot and prevent this type of fraud, attribution partners regularly monitor conversion rates at the partner level, and will completely block any partner found to be involved in fraudulent activity.

On a client-by-client basis, we at M&C Saatchi Performance, create custom fraud reports to identify Spamming events for campaign optimisation. Besides conversion rate checks, the time taken for the first-app open, or install from the time of the click, is a good measure for flagging ad fraud.

For Example: If a campaign records install events at a sub-publisher level of 85% or higher, and these installs are followed by a delay of more than two hours before the first app open, these events may be flagged as potentially fraudulent. This could indicate an unnatural user behaviour pattern, which is often a sign of ad fraud.

RECAP ON  GEO FRAUD

Geo-fraud basically refers to a situation where events are initiated from locations that fall outside the intended regions targeted by an advertising campaign.

HOW TO TACKLE GEO FRAUD?

Geo-fraud is pretty straight-forward, events surpassing a 3 to 5% threshold, outside the targeted regions, are flagged as geo-fraud. Some ad platforms may serve ads to a negligible amount of audiences outside the predetermined geofence of the ad campaign based on the targeting strength they hold.

Also, there are a few misconceptions on city or region based targeted ads, where spillovers are considered fraudulent. It’s for advertisers to understand that the accuracy of geolocation is 60%-80% and spillovers are likely when a click has multiple touchpoints.

To mitigate geo-fraud, it’s important to carefully evaluate the proportion of events originating from non-targeted geographic locations. This analysis will inform optimisation of the campaign settings and ad placements to better align with the intended geographic targets.
At M&C Saatchi Performance, we conduct regular checks on the geo targeted to avoid compliance issues at an operations level. We then analyse the percentage of spillover recorded across platforms to identify any anamolies. As stated in the previous episode, region wise spillover, found on ad tech platforms, can usually be attributed to database mismatch unless it is significant.

RECAP ON OUT-OF-STORE EVENT FRAUD

These are downloads of an outdated app version, compared to the latest version of the app on the Google Play Store.

HOW TO TACKLE OUT-OF-STORE EVENT FRAUD?

As stated in our previous episode, this type of ad fraud only occurs in an Android environment when apps are downloaded from third party app stores, as iOS doesn’t support APK installation. These third party app stores are owned by different mobile manufacturers.

To identify fraudulent out-of-store apps, we need to set coherent fraud benchmarks for each mobile manufacturer while creating campaign rules. This can be an arduous task as mobile manufacturers often update the app versions on their stores without any public notice.

When verifying installations through the Google Play Store, we utilise tools such as data.ai to confirm the latest version of the app used during the active campaign period. For apps acquired from out-of-store sources, we typically take the last three updated versions as valid. Apps older than this may lack new app features, which could potentially render certain advertising communications irrelevant.

At M&C Saatchi Performance, we employ data.ai to authenticate the installed version of the app alongside OEM validation.

RECAP ON AD STACKING

Ad stacking occurs when fraudsters layer multiple ads on top of each other. Regular checks on the click-through-rate and publisher ad placements help in identifying any fraudulent activity.

HOW TO TACKLE AD STACKING?

A few measures that can be taken to tackle ad stacking are:

• Make it a habit to frequently review the backend of your campaigns. In case you are running multiple campaigns simultaneously, you should be able to detect instances where the same device clicks on multiple ads at the same time.
• Monitor the conversion rates of your campaigns consistently. If you notice a significant number of impressions but low conversion rates, it could indicate ad stacking.
• Notify your agency about the fraudulent events in your campaign for assistance in investigating the matter.

RECAP ON SDK SPOOFING

SDK Spoofing occurs when fraudsters manipulate data to present false events that never actually occurred.

HOW TO TACKLE EVENT SPOOFING?

SDK Spoofing is a highly sophisticated form of ad fraud, manipulating the communication between an app and its tracking platform to create fake events within the app’s environment. This makes it challenging to detect as these events are produced without the involvement of any actual devices. To combat SDK Spoofing, several methods can be implemented including ensuring secure SDK communication, verifying event data using CRM tools, and maintaining continuous optimisation and regular feedback loops with customer data. Over time, these actions can help to reduce instances of such fraud. Importantly, keeping SDKs updated and integrating them with secure tracking platforms can significantly enhance your defences against SDK Spoofing.

KEY TAKEAWAYS

In this article, we covered:

• A recap of Click Hijacking, Spamming, Geo-fraud, Out-Of-Store Events, Ad Stacking and SDK Spoofing.
• We examined how each type of fraud can be combated with specific techniques, such as monitoring CTIT for Click Hijacking or utilising data.ai for Out-Of-Store Events.
• We highlighted how M&C Saatchi Performance play’s a crucial role in detecting and preventing ad fraud for our clients.
• To combat ad fraud it’s vital to conduct regular data analysis and optimisation as it ensures your campaigns remain effective and secure.
• By monitoring these ad fraud types and employing the detailed prevention strategies, advertisers can enhance campaign integrity and maximise their return on investment.

WORKING WITH M&C SAATCHI PERFORMANCE

At M&C Saatchi Performance, we’ve a thorough understanding of the performance marketing ecosystem. We have established a robust fraud prevention methodology to minimise the impact of advertising frauds on our clients’ advertising spends.

Reach out to us to know more about our performance marketing services.

COMING UP IN OUR AD FRAUD SERIES

EPISODE #4: HOW TO MAINTAIN A LOW FRAUD LEVEL LONG TERM

• Review methods of fraud prevention and discuss the use of benchmarks, optimisation techniques, and checkpoints to keep advertising fraud levels low over the long term.