The wallet-draining blight of ad fraud has hit our phones—and hit them hard, according to a new study from DoubleVerify.
The research found that invalid impressions on mobile has doubled year-over-year since 2017, and the total number of “fraudulent apps” has increased more than 150% between 2017 and 2018. Of these apps, more than half were categorized as either “games” or “utilities,” the researchers said.
Part of the reason for this boost comes down to consumer psychology, according to Roy Rosenfeld, head of DoubleVerify’s Fraud Lab. For bad actors to exploit a user in the digital space, he explained, users typically need to download adware from a website that might be under the guise of an innocuous chunk of software—something most savvy web users know to avoid, he said.
“But if you think about the mobile space, we’re used to installing apps all day, every day,” he added. “And not only that, but your phone is always on and always being used. All the pieces are there to turn you phone into a hot mess of mobile fraud.”
App-generated fraud has the same goal: generating fake impressions while draining a phone’s battery and running up its data mileage. It can take a number of different shapes. Recently, the fraud-detection firm Protected Media found a scheme where ads ran hidden behind legitimate banners on certain particular apps. That same month, Oracle unearthed a fraud ring they’d dubbed “Drainerbot,” which embedded malicious software into millions of apps and ran unseen video ads onto spoofed publisher’s sites.
The ever-morphing shape of fraud in the mobile space is part of what makes it so difficult to tackle—not to mention the multiple moving parts of every piece of fraud, with different actors at each step of the supply chain.
“Often, with this kind of fraud, you don’t see just one specific entity conducting the entire operation,” Rosenfeld explained. “You’ll have different actors with different specialties: one person creating the malware, one person distributing, one person with deep connections with the ad networks and ad tags. And each of these components needs to be handled differently.”
It’s no surprise that scammers are itching to jump into the mobile fraud ring. By 2020, this stream will represent more than 40% of media spending in the US—a greater percentage than all of traditional media combine, according to an October eMarketer report. For context, television is predicted to reach roughly $69.5 billion that year, and radio is expected to scrape by at $14.4 billion—but mobile is expected to surpass $113 billion. And that number will only continue to skyrocket as consumers spend more time on their mobile devices: The same study predicted that spending in the mobile space will more than double that of television by 2022 at a whopping $141.36 billion.
The most recent publicly available estimates of how much of that cash will end up lost to fraud are all fr0m 2017. That year, analysts at Juniper Research estimated that $19 billion of the money advertisers spend on digital devices of all kinds—including mobile phones—will actually go into fraudster’s pockets by 2018’s end. By 2022, they expected that number to jump to $44 billion.
Rosenfeld, for his part, is confident that initiatives like the IAB’s recent rollout of app-ads.txt will fight against fraud in the mobile space. But he was quick to point out that these preventive measures will never reach their full potential without the cooperation of app stores and developers. As of this writing, only Google—which has been a vocal proponent of ads.txt in the past—has adopted the app-friendly version for its mobile app store. Apple and Amazon, meanwhile, are staying mum on the subject.
“The app store’s participation is integral to the fraud-fighting process,” said Rosenfeld. “Until they fully support this standard, everything is going to be a little more difficult.”