DataVisor Report: Rampant App Install Fraud is Costing Mobile Marketers up to $300M Per Year

New DataVisor industry report exposes the underworld of app install advertising

Mountain View, California, UNITED STATES

MOUNTAIN VIEW, Calif., Aug. 23, 2017 (GLOBE NEWSWIRE) -- More than five percent of app installs from non-premium ad networks are fraudulent, costing mobile marketers up to $300M in ad spend every year, according to a new report released today by DataVisor. This report, The Underworld of App Install Advertising, is based on the analysis of 140 million app installs and 11 billion user events between January through May of 2017 and dives into the most recent fraud techniques and attack patterns in mobile user acquisition advertising. The study analyzes fraud in the wild from more than 490 ad networks and publishers, and focuses on the widely understudied issue of app install fraud as well as provides critical steps for advertisers to effectively combat the growing army of sophisticated fraudsters.

Over the past several years, the user acquisition strategy of mobile marketers has shifted to a cost-per-install (CPI) and cost-per-engagement (CPE) model to enable direct attribution of marketing investment to user growth. Fraudsters, to capitalize on this new opportunity and net rewards nine times that of a fraudulent clicks, are inserting themselves into the ad supply chain in the form of fake sub-publishers and farm or steal clicks and installs using a variety of tactics and techniques, including install farms, mobile device emulators, click injection apps, and more.

“As we look at fraudsters across various industries, one thing remains the same - there are more tools available than ever for sophisticated criminals to skirt detection and they are taking full advantage of them,” said Ting-Fang Yen, director of research, DataVisor.  “As more money is poured into mobile advertising, the incentive to try and steal it grows. Mobile marketers around the globe have to be vigilant in protecting their ad spend and making sure the users they pay for are legitimate, otherwise millions of dollars are wasted on fake users, seriously impacting both your budget and bottom line.”

Bad Actors Give Oscar-Worthy Performances
As marketers have grown less trusting of “per install” incentive ad campaigns, they have increasingly used campaigns that pay for active users rather than simply installs. To go undetected, sophisticated fraudsters are becoming really good at simulating the behaviors of normal users and performing in-app events, or opening the app multiple times after download. DataVisor found that more than 84 percent of fraudulent installs generated at least one in-app event after downloading. Additionally, 29 percent of fraudulent installs return to the app during the second day, and 18 percent return in seven days. The fact that fraudsters are artificially generating app opens and other retention events at a rate even higher than that of legitimate users demonstrates the lengths criminal organizations will go to cash in on ad budgets, using a combination of human labor farms and bot-based scripts to emulate real engagement.

All Campaigns Are Not Created Equal
While the overall fraud rate average across all ad networks is 5.3 percent, fraud rate varies widely  within each ad network, fluctuating by more than 50 percent over time. More importantly, many of these ad networks can have upwards of 90 percent fraud rate for individual campaigns, so an ad network that worked well for a previous campaign is not guaranteed to work well for another. Therefore, marketers must remain hyper vigilant during each ad campaign to ensure that the inventory they are receiving is coming from legitimate users.

The Issue is Worldwide
Using data pulled from the DataVisor Global Intelligence Network, it was clear to see how this type of fraud impacts countries around the world. DataVisor discovered install fraud originates from more than 240 countries and territories, demonstrating this is a problem that plagues advertisers worldwide. Of the top countries by install volume, DataVisor found that the countries with the highest fraud rate include developed countries in North America and Europe, likely due to bigger payout for installs in those regions. The top countries with the highest fraud rate during the period of study are Saudi Arabia (15.8 percent), India (7.8 percent) and the USA (6.5 percent).

DataVisor also analyzed the most popular device types and cloud services for fraud, finding that use of cloud services for user acquisition fraud is three times higher than that of social or financial fraud and more than 20 percent of all fraudulent installs originated from a cloud hosting provider. From a device standpoint, Android devices are the preferred tools for conducting install fraud, used five times more often than iOS devices.

To download the full report, please visit:

About DataVisor
DataVisor is the leading online fraud and financial crime detection service utilizing unsupervised machine learning to identify attack campaigns before they conduct any damage. DataVisor protects more than two billion user accounts within some of the world’s largest online properties. For more information, visit



Contact Data