Mobile Ad Fraud Matures On Android

When it comes to mobile ad fraud, everything old is new again.

“All the bad stuff we saw happen in web 1.0 in terms of trying to trick users is coming back with mobile,” said Alex Calic, CRO of The Media Trust, a company focused on ad verification and malware detection.

That’s certainly the case with click fraud, which is on the rise in the mobile space. Between January and May, there were 2.57 fraudulent clicks for every legitimate one across the globe. Between July and September, that number increased by 22%, according to data released by mobile attribution company Apsalar on Wednesday.

And a number of mobile-specific hustles are starting to come into their own, including in-app purchase fraud, forced mobile redirects and APK fraud, a relatively new phenomenon that’s picking up steam.

APK, which refers to “Android Application Package,” is the file extension the Android operating system uses to distribute apps and middleware. While Apple requires users to download apps from its App Store, the Android OS allows users to circumvent Google Play and download apps, aka APK files, from elsewhere. It’s the Android version of PC software file extensions like .exe or .zip.

Fraudsters write scripts to steal the code for apps from Google Play, making them available to download on pirate sites. Search for “APK apps” on Google, for example, and tons of websites show up where people can go to download bootlegged Android apps.

It’s also easy to find “cracked” (read: free) versions of most popular paid Android apps by simply searching for the app’s name followed by “APK.”

“Plants vs. Zombies,” for example, from Electronic Arts, is 99 cents in Google Play, but free on Swedish developer Mojang’s “Minecraft: Pocket Edition” is $6.99 if bought direct from Google, but free on a site called – ”free” in quotation marks, though, because most of these APK downloads either stealthily install additional apps without a user’s knowledge and/or have malware that can steal a user’s data.

“To begin with, the fraudsters put the stolen code in multiple places and take credit for the clicks that lead to installs and, depending on how they manipulate the code, they can also make money on the back end selling in-app purchases,” said Jim Nichols, Apsalar’s VP of marketing. “Most of the time, the people downloading these apps think that they’re downloading a legit version.”

Often enough, the stolen code retains the tracking SDKs that were integrated by the developers themselves for measurement or attribution purposes, and that gives a company like Apsalar the ability to track illegitimate downloads.

APK fraud is growing in developing countries like India, in particular, mainly because the current obsession is on increasing user counts without an attendant focus on ROI and lifetime user value, said Deepak Abbot, head of mobile growth at Times Internet, the digital product arm of The Times of India Group, India’s largest media conglomerate.

Money is pouring into the market, there isn’t enough real inventory and advertisers are turning a blind eye to lifetime value because the volume is so enticing. “In the last year, we’ve seen marketing budgets by most Internet companies grow by at least 5x to 6x,” Abbot said.

Abbot is responsible for attracting monthly active users, increasing conversions and boosting retention for 18 different apps, everything from premium video service BoxTV (conversion goal: subscriptions) to restaurant reservation app Dineout (conversion goal: booking tables). Installs are great, but they’re meaningless if they don’t come from quality users who intend to convert.

“Installs have gone up tremendously over the last six months, but forcing pushed APKs provides poor-quality users, people who were not actually interested in downloading the app at all,” Abbot said, noting that some bad actors are pushing unwanted APK installs as a way to cover up the fraudulent clicks they’re generating.

India is No. 10 on Apsalar’s list of countries with the highest rates of in-app purchase fraud, trailing Mexico, Singapore, Russia, United Arab Emirates, Hong Kong, Israel, Saudi Arabia, Taiwan and China.

To put that into perspective, between July and September, there were three fraudulent in-app purchases in India for every real one. In Israel, there were around 14. In China, there were more than 184. But in-app purchase fraud overall is on the decline. Just three months before, the in-app purchase fraud rate was 3.8 in India, 18.3 in Israel and a truly eye-popping 273.2 in China.

The improvement is due in part to advertiser awareness of the problem, as well as efforts on the part of both Apple and Google to improve security and be more proactive around rooting out fraudulent in-app purchases.

And as advertisers get more savvy, ad networks are being forced to take action.

“They’re going back to the ad network and saying, ‘This is not working, we’re not going to pay for that,’ and when an advertiser doesn’t pay for something, the ad network starts cleaning up and down their supply chain for all their programmatic publishers,” said Apsalar CEO Michael Oiknine.

It’s a matter of keeping your eyes open and your nose clean.

“If you want tons of traffic or installs and you want them yesterday and you want them cheap: Beware. That’s when you’ll start working with potentially shadier partners which could lead to fraud,” said John Koetsier, mobile economist at app attribution and analytics company TUNE. “With hundreds or even thousands of digital ad networks springing up, it’s been a bit of the wild, Wild West. Smart marketers are protecting themselves by tracking and evaluating every purchase and optimizing for media buys that move the dials on key company metrics.”

Speaking of key company metrics, a devil’s advocate might say, “Don’t hate the player, hate the game.” Ad network and publisher incentives are all screwy, said The Media Trust’s Calic.

If an ad network is compensated after six seconds or 10 seconds of video play, then that’s what it’ll optimize toward. (Hence, in-banner video.) If it gets paid per install regardless of the acquired user’s quality or lifetime value potential – same story. (Hence, APK fraud.)

“People will create solutions to meet the incentives in front of them,” said Calic. “That is where a lot of the bad activity comes from in the ecosystem.”



  1. Great read! I’ve been trying to figure out how some in the industry are able to achieve insanely great performance on mobile app installs and why my phone randomly redirects to Now I know why.

  2. That’s true about the majority of APK download sites, but some of them like apkmirror and they do not send malware and even give you the MD5 of the APK, so you can verify it. Same about the not free apps – only free provided. Hope that helps.