How Click Spam Utilizes Mobile Platforms to Commit Fraud

The internet is a treasure trove of fraudulent activity perpetrated by cyber criminals looking to get rich off the backs of unsuspecting web users and advertisers. Click spam is one of the latest tools being used to exploit mobile apps and websites. It is a difficult type of fraud to detect and stop.

Unfortunately, online fraud is everywhere. Whether it is PPC ad fraud, phishing attacks, or using computers to distribute malware, the criminals who perpetrate it think nothing of victimizing the rest of us. They will use any means necessary to enrich themselves at our expense.

A Basic Definition of Click Spam

As a form of mobile click fraud, click spam targets mobile users themselves through the apps and mobile websites they frequently visit. A scammer infects an app or site with malicious code that, when activated, displays invisible ads and videos that are automatically clicked on to drive revenue. The ads and videos are invisible in the sense that they are too small for mobile users to actually see. But they are still there.

Fraud Blocker, a company that specializes in click fraud prevention, says that the malicious code doesn’t take up a lot of space on a user’s device. It also runs in the background, so users have no idea that their phones are continually clicking on ads.

Different Types of Click Spam

The basic definition of click spam should make clear how it works. But it turns out there is more than one way to run a click spam scheme. In fact, there are multiple types of click spam that criminals can utilize. Here are just two of them:

1. Background Activity

Perhaps the most common form of click spam involves background activity. The downloaded malware generates fake ad clicks via a process that runs undetected in the background. The malware generally does its thing whenever the app is being used. This makes it appear as though the actual user is responsible for the clicks.

It is also possible to run background processes even when the infected app isn’t being used by the cell phone owner. This is because a mobile app never really shuts down unless a user manually and forcefully stops it. Unused apps just take a background position until they are opened again.

2. Reporting Impressions

Another popular click spam tactic is to report ad impressions as actual clicks. For all intents and purposes, an ad impression on a mobile device is simply an incident of display. An ad being displayed on a phone counts as an impression.

Criminals who utilize this method do not actually have to click on ads to drive revenue. Instead, their malware records impressions as legitimate clicks and then bills advertises accordingly. Advertisers are none the wiser. All they see in their analytics data is what appear to be more clicks. They pay the bill and go on their way.

Devices Are Easy to Target

Cyber criminals are paying a lot of attention to mobile click fraud these days because devices are so easy to target. They are easier to target than computers just because they offer so many more vulnerabilities. Phone manufacturers, software developers, and app store owners are all working diligently to prevent click spam. But until they reach the same level of sophistication as the criminals, mobile devices will continue to be vulnerable.

It is up to advertisers to be especially diligent about tracking and analyzing mobile ad data. Utilizing click fraud protection software and other tools designed to identify fraudulent activity is a no-brainer. If advertisers don’t fight back against click spam, it will continue.

Leave a Reply