Ad Fraud Tutorial Series: What is Device Hijacking?

By John Koetsier February 15, 2016

With the tremendous costs of advertising fraud, it’s natural that advertisers are trying to learn as much as they can about how digital ad fraud is perpetrated and how to protect their businesses from its costs.

Singular wants to help. This series of tutorial blog posts is designed to provide insights and explanations into the causes of digital ad fraud and how data-driven advertisers can protect their app business from every form of digital ad fraud, including forms of ad fraud perpetrated by device emulators.

What is Device Hijacking?

We all have the assumption that what takes place on our phones is entirely under our control. We assume that we decide and are the arbiters of what is downloaded onto our devices, and what information passes from them to outside parties.


Download the Singular Fraud Index

SIngular has just released its 2017 Singular Fraud Index, which reveals the mobile industry’s Most Secure Ad Networks. The Index is the first study of its kind to examine fraud data collected from multiple fraud prevention solutions, each with its own set of proprietary detection methods. Drawing on this unique dataset, the study exposes the effectiveness of today’s most common anti-fraud mechanisms as well as the 20 ad networks driving the lowest rates of fraud.  

Get your free copy here.


Device hijacking violates every aspect of those expectations. With device hijacking, fraudsters take control of your device and manipulate both what takes place on it and what information enters and leaves it.

How Device-Hijacking-Based Ad Fraud is Perpetrated

To gain control of your device, fraudsters have a variety of tactics — each designed to convince you to download and install a malicious app. Here are two ways that this can take place:

  • The app may convince the user to voluntarily download it by offering some appealing but seemingly innocuous function like a flashlight. But inside the app is malicious code.
  • When you download an app, a second app might secretly be downloaded with it. Again, this is usually occurring on third party app stores where attackers have more leeway to deliver apps with malware inserted. Often those apps are invisible to the user.

Naturally, the major app stores spend a great deal of time and money trying to root out any would-be malicious apps. But device hijacking is all too common.

Once a malicious app is on your device, it goes to work creating problems for app advertisers, and potentially consumers as well.

Malicious apps can do many of the bad things that drive up ad fraud costs for app publishers. For example:

  • They can deliver thousands of ad impressions that are unseen by the device owner/user. The bad actor CPM-based media provider thus gets paid for ad impressions that never ran.
  • They can ad stack so that many ads are reportedly running in an ad space even though only one is visible to the user. The media provider is thus paid for many impressions at once.
  • They can (with Android apps) inject false clicks and take credit for installs when other apps are installed on a device.
  • They can accept IAP payments for virtual goods without transferring money to the publisher.

On the consumer side, malicious apps can also create real problems, including:

  • They can collect and transmit personally identifiable information that can be used for other forms of ad fraud
  • They can collect credit card details from consumers who erroneously believe that the app was issued by a reputable company
  • They can use lots of battery- and processing-power unbeknownst to the user

Detecting Device Hijacking in Your App Data

Often, the key to detecting device hijacking is in pattern recognition. When a single device ID delivers large numbers of clicks, for example, it can be a sign of ad fraud. Many times, analytics companies like Singular monitor such activity behind the scenes so that they can identify or block such activity.

Device hijacking can also be used to automatically install and uninstall apps to artificially boost install counts for a bad actor media source. Lots of installs and immediate installs from a single ID can be a vivid sign here.

These are just a couple of ways that device hijacking can be detected and its consequences flagged or blocked.

How Singular Helps Protect Ap Publisher Clients from the Costs of Device Hijacking

Singular offers an industry-leading ad fraud solutions that you can learn more about right here. For a capsule summary of some of the steps we take to detect and prevent ad fraud for our clients, read on.


Singular’s New Anti-Fraud Improvements

Learn about Singular’s new Enhanced Fraud Prevention Suite. See how working with Singular can help protect and defend your business. Click for details.


With Singular, app publishers have complete access to digital ad performance, media investment, and revenue data for their business. This also means that Singular has a broad sample of data from many large clients. That provides unique advantages in detecting and protecting clients from digital ad fraud. Our fraud detection and fraud prevention technologies are a mix of the best-known techniques today as well unique proprietary techniques only we can offer.

We constantly examine data flow into our unified analytics platform, looking for signs of fraudulent activity such as illegitimate networks, IP addresses, devices, mismatches in targeting, and more. In addition, Singular IAPs with the appropriate app store to ensure that cash has changed hands before recording a purchase. Also, with full uninstall and user retention insights right in the platform, Singular helps you identify sources and campaigns with suspiciously high uninstall rates.

Additionally, we have pioneered the use of ROI analysis as a fraud detection methodology. Measuring and optimizing to ROI can be a great way of identifying legitimate versus legitimate installs because only legitimate installs will be generating revenue.

No analytics or attribution company will reveal all of the defenses it employs to protect clients from the costs and inaccurate data resulting from ad fraud. But we’ll be happy to provide clients and prospects more insight into our approach. Contact us for more information on the Singular solution and how it can help protect your business.

Download The Singular Fraud Index to see The Industry’s Most Active Fraud Prevention Methods & The 20 Most Secure Mobile Ad Networks

Stay up to date on the latest happenings in digital marketing

Simply send us your email and you’re in! We promise not to spam you.