Resource Label: Fraud

We asked 1500 marketers how they choose ad networks, and the answer was ‘all of the above’

Is it scale? Quality? Lack of fraud? Personal service, or a great digital experience? Amazing technology? Or perhaps a tight focus on your particular niche?

We recently asked 1,500 marketers a simple question:

How do you choose ad networks? And what are the most important elements of that decision?

According to the responses, it’s pretty much all of the above. If they were absolutely forced to just pick one, completely compelled to isolate one single most important factor — on pain of losing their quarterly bonuses or maybe even the free triple-venti-soy-no-foam-lattes at the office — it’d probably be scale and reach.

But it’s a tight competition with the other options.

We only surveyed marketers who actively run ad campaigns. And the results make it clear that ad networks have their work cut out for them, because marketers are not easy customers. Quite simply, when it comes to choosing an ad network, they want it all, and they want it now.

As we all know, when everything’s a priority, nothing is a priority.

Looking at the results, we’d almost be tempted to say that when marketers are asked to choose ad networks, they don’t have a clue what the most important factors are.

But that’s probably unfair.

Individual marketers probably have a pretty good idea what works for them … and how to improve it. However, it is clear that marketers as a group lack consensus on what’s most important in finding new ad partners.

And that might just be the nature of the beast:

It’s not like this is easy.

Of course fraud protection is important. Of course scale matters. Of course a media source’s target tech can be a difference-maker. It never hurts when an ad network has special ability to focus on your specific vertical. And getting the best quality traffic, users, or customers is essential.

So it’s no surprise which ad networks marketers trust most.

We asked the same marketers that question, and the top four were names your grandparents recognize: Google, Facebook, Amazon, and Apple. They’re all massive companies, name brands, and have largely walled garden ad ecosystems, which typically means extremely low fraud.

But your marketing can’t end there.

Why?

We know that most marketers who are successful use many ad networks. In fact, they typically achieve 60% more conversions with 37% less cost. That’s not easy, and it takes work. Profitably scaling media sources is hard.

When everything matters, all your decisions are challenging. Because not all ad networks have huge scale, or super-strong fraud protection, or amazing targeting. But there are typically pockets of profitable growth spread in many different media sources.

Need help? Two ways we can help you choose ad networks:

  1. Get our Scaling Mobile Growth Report to find out why this matters
  2. Check out our Singular ROI Index, coming out soon. It will reveal the highest-ROI ad networks on the planet.

3 martech tools mobile marketers absolutely need to achieve outsized results

The very best mobile marketers get more while spending less than average marketers. We’ve seen it in the data.

But questions remain.

How do they achieve outsized results? Are they just smarter? Do they pick better ad networks? Did they choose the right agency that just happened to massively over-deliver?

None of the above. Instead, what our research shows is that super-successful marketers who outperform their competitors have a number of unfair advantages. To put it simply, they use the right tools.

For one thing, marketers generally recognize that working with more ad partners increases your chances of success. Research indicates that, Singular’s data proves it, and marketers instinctually recognize it.

So why aren’t marketers doing it? Perhaps the most important reason: they lack the right tools to manage multiple ad networks at scale.

Here are the three tools they need:

Essential martech tools: measurement

Without the right tools to measure, manage, and optimize your marketing spend, marketers have to deal with too much incompatible data, too many reports, too many dashboards, and too many incomplete perspectives on their overall picture.

Marketers need a way to see the big picture: all their data normalized, standardized, and visible in one place.

Essential martech tools: optimization

Once marketers’ data is assembled and accessible, it becomes a gold mine of valuable insights that the right platform can reveal. That means marketers don’t have to guess where they’re getting more value.

They know.

In addition, growth marketers don’t have to wonder how different creatives are performing: they know. They can compare ad units and creative across all campaigns and all platforms, understanding which images, text, and playables resonate with which audiences across all their ad partners.

Essential martech tools: management

When they add new networks, marketers also open themselves up to increased risk. They need a way to assess the relative quality of traffic, clicks, conversions, and installs from each ad network, and ensure they’re not paying for non-converting users.

In short, marketers need a way to maximize ROI and control fraud.

None of this is easy

Digital marketers generally know two or three “safe” sources of traffic, clicks, app installs, and conversions. The big two, Google and Facebook, are usually in that picture. After that, Amazon is getting some play — although mostly in consumer goods — and Apple Search Ads is growing as well.

But beyond these names many mobile marketers simply aren’t sure where they should go, which networks are trustworthy, and who they should try.

“Scaling mobile partners is hard,” says Barbara Mighdoll, Senior Director of Marketing for Singular. “It requires more effort, and without the right tools, you take more risks on fraud and traffic quality.”

Scaling is challenging, but without scaling, marketers are left in the same boat as all the others: mediocre results at high cost. And without the right tools, it’s almost impossible to scale ad partners safely.

The solution? Get the right tool.

For more information and details on how the best mobile marketers are achieving outsized results, download Scaling Mobile Growth: How smart marketers pay 37% less and get 60% more today.

What online marketers and ad fraud criminals do and don’t have in common

The recent news about the Department of Justice’s takedown of the code-named 3ve and Methbot ad fraud schemes, including the arrest of three individuals and the indictment of five more, is cause for celebration.

A coordinated effort over several years from the FBI, White Ops, Google and many others shut down a hefty chunk of the $19 billion that Juniper Research estimates will be stolen this year by digital ad fraudsters.

Not only did this operation save advertisers millions in useless spending, the criminal indictment could deter smart, creative individuals from getting into the fraud business in the first place. U.S. law enforcement now has the chops to take down these white collar criminals operating in faraway places like Russia, Bulgaria, and perhaps living it up in Malaysia, where Sergey Osyannikov, one of the defendants in this case, was arrested.

Fraud makes life difficult for everyone.

In a recent survey of 1,100 advertisers by Singular, we asked: “What are the impacts of not having good marketing intelligence about your ad campaigns?”

The #1 answer?

Poor quality traffic, mentioned by 57% of advertisers. The #2 answer was high fraud, mentioned by 50% of advertisers. What we don’t know is how much of poor quality traffic is attributable to fraud, but I’m guessing a good chunk of it is.

Reading the official indictment document (pictured above) as well as the White Ops whitepaper and news coverage offers insight into the practices and mindset of these persistent and creative individuals who managed to collect an estimated $29 million from one scheme and $7 million from another.

As someone new to Singular, which offers built-in fraud protection for marketers, and who’s spent the last 6 years covering HR and recruiting topics for Simply Hired, Glassdoor, and Lever, I couldn’t help but look at the human side of how these people operated, and consider what we can learn from them.

Fraudsters are perhaps the most successful growth managers—that is, until they get caught.

Here’s an assessment of what marketers and fraudsters do and don’t have in common.

Similarity #1: Think broadly and creatively

These criminals took a comprehensive approach to create their fraudulent networks, looking at every parameter of cybersecurity requirements in order to build networks that would go undetected.

The malware they created that was installed on 700,000 computers at any given time opened hidden windows on hidden desktops in order to go undetected by users. Their bots simulated mouse moves across on tens of thousands of spoofed domains and sent fake audiences to real domains. They also make sure that the malware was installed on computers in countries that were in demand. In short, they considered everything.

Marketers today have to think broadly about their campaigns: what money is being spent where, which creatives are working and why, and consider the marketplace dynamics at play. They use their creativity to find new sources, adjust campaigns, and relentlessly pursue growth.

Similarity #2: Collaborate and assign clear roles

The investigation revealed the roles and responsibilities of each of the eight men. There were several programmers, and several who ran the business side and controlled the funds. Whether you’re a legitimate marketer or a fraudster, it takes a village of specialists to scale an operation.

From the press release:

“3ve was remarkably sophisticated,” added Tamer Hassan, CTO of White Ops. “It showed every indication of a well-organized engineering operation with best practices in software development. It exhibited reliability, resilience and scale, rivaling many state-of-the-art software architectures.”

Interestingly, the collaboration tools they used were pretty similar to the ones used by marketers: spreadsheets in the cloud. (Fortunately, they will never have the benefit of a marketing intelligence platform like Singular that serves as a single source of truth around business results.)

Similarity #3: When you have a good thing, keep it going

These schemes ran for years, detected only by the investigators.

It was their Candy Crush Saga, a top-grossing app of all time that they kept optimizing—until their time was up. While it’s unfortunate that so many advertiser dollars were spent on fraudulent traffic, the law enforcement long game ensured the networks would be shut down for good and at least some of the fraudsters could be caught.

Twenty organizations, including Google, Microsoft, Amazon and Adobe donated resources to take down the scheme. Consider the ad dollars spent as donations to fighting crime.

Similarity #4: Retaliation will get you fired

ZDNet coverage of the Zhukov arrest says that “Zhukov exposed his operation during a fit of rage after a deal with a customer went wrong, and he turned up all his servers against that customer’s video inventory, generating millions of views, and indirectly catching the eye of advertising networks.”

It can be difficult to hold down a job if you have an anger management problem. But instead of just moving on to the next gig, Zhukov faces a maximum penalty of 20 years in prison.

Difference #1: You can be proud of your profession

These men have friends, families, partners, and spouses—all to whom they have to lie about what they do for a living. While it may be difficult to explain your occupation to those who don’t work in the industry, it’s far less pressure than having to blatantly lie.

Not only that, as a legitimate marketer you have a wealth of resources and tools such as Singular to support you, and you don’t have to manage your business in cloud-based spreadsheets.

Difference #2: You can spend your bonuses guilt-free

The 3ve defendants were indicted on two counts of money laundering, one for each scheme. It takes a lot effort to conceal large sums of money across nations.

While you probably don’t get to reap millions for your the work you do, at least you can spend your bonus guilt-free on whatever you want, whether it’s an exotic trip or home renovation.

Difference #3: Your work creates happy users, not ad fraud victims

At the end of the day, it’s nice to know that your work to acquire more customers results in moments of joy, satisfaction, or productivity as they consume your company’s product.

The 3ve defendants left a trail of victims: thousands who work in the online industry, and millions whose computers were affected. As a marketer, it’s gratifying to read this list of victims shown in the indictment:

At Singular, we’re proud to say that by offering ad fraud prevention, we’re doing our part to help fight crime.

If fewer advertisers spend on fraudulent sites, the less motivated individuals like these men will be to waste their talents working in fraud. After all, they just might end up in jail with Aleksandr Zhukov, Yevgeniy Timchenko, and Sergey Ovsyannikov.

Request a demo today to learn how our fraud prevention suite improves ROI by reducing spending on fraud.

The different faces of mobile ad fraud

Digital ad fraud is estimated to have cost US marketers $6.5 billion in 2017 (Marketing Week 2017). Fraud prevention is not only a nice to have but a necessity nowadays.

Ad fraud is when an individual or group attempts to defraud advertisers, publishers or supply partners, by exploiting advertising technology with the objective of stealing from advertising budgets. It is particularly challenging for marketers to deal with because it comes in variable forms and it has the capacity to evolve and bypass the latest prevention methods.

Today, there are two forms of fraud in particular that app marketers are grappling with: Fake Users and Attribution Manipulation.

Fake Users

Fraudsters use bots, malware and install farms to emulate clicks, installs, and in-app events, causing advertisers to pay for an activity that is not completed by a real user.

Fake User fraud is most commonly perpetrated via:

Install farms, which consist of humans who are paid to manually install and engage with apps across a large number of devices.

Mobile device emulators that simulate a large number of unique device IDs used in fake installs.

Data centers that host scripts to generate fake installs and other types of events at massive scale.

Proxy servers that are used to reset IP addresses and spoof device-level information (like location, to emulate installs in other countries)

Attribution Manipulation

Fraudsters steal credit for installs by sending fraudulent clicks, which results in attribution systems recording sent clicks as the last engagement prior to the first time an app is opened, thus assigning credit to the fraudulent source and removing credit from an app’s organic or paid sources.

Attribution manipulation is a particularly harmful form of fraud because it not only costs marketers their spend, but it also corrupts performance data, causing marketers to make misguided acquisition decisions.

For example, the damage inflicted by a fraudulent source poaching organic users is twofold: an event reduces the number of organic users in a marketer’s analytics, as well as the perceived impact of organic user traffic on revenue growth. This can cause organizations to shift marketing away from efforts that target organic acquisition such as ASO or content marketing. Additionally, this can make a marketer invest more money in the fraudulent source, thereby diverting spend away from high-performing channels that drive legitimate traffic.

Attribution Manipulation is most commonly perpetrated via:

Click Injection

When fraudsters create apps that are legitimately downloaded by a user but, unbeknownst to the user, monitor the user’s device for installs and insert fake clicks before an app is first opened.

Click Spamming

This occurs when fraudsters send large numbers of fraudulent click reports with real device IDs in an attempt to poach organic users by delivering the last engagement prior to an install. Because attribution windows are typically limited to finite time periods, fraudsters often re-send fraudulent click reports in order to maintain their clicks as the last engagements within the attribution window.

While click injection is focused on sending clicks at the moment immediately before an app is first opened, click spamming is focused on sending clicks that contain a unique device ID in the hope that an ID matches that of an organic user who subsequently downloads the app. Compared to click spamming, click injection is a more sophisticated form of fraud that is easier for fraudsters to control and to hide. Because click injection receives signals that an app has been installed directly from a user’s device, click injection attacks are more targeted and therefore deliver better results for fraudsters.

Thankfully there are indicators to detect such scenarios. Since click injection generates a click after installation is complete, it tends to result in a short click-to-install time. Click spamming, on the other hand, results in abnormally long click install time, due to clicks lingering in the attribution system until a device with a matching ID organically installs the app. TTI analysis is one of the leading mechanisms to fight attribution manipulation and fraud in general.

Other forms of Attribution Manipulation also exist, including:

Network Click Fraud

Networks that report a click when only an impression occurred.

Fingerprinting Fraud

A technique that targets organic users for fraudsters to send clicks with no advertising IDs, causing attribution systems to fall back on fingerprinting — which relies on identifiers like IP address, device model, and OS version — to perform attribution. If an organic user on the same network installs the app, and other identifiers match up, the fraudulent source steals credit for the install from the organic source.

More info

Want to get the full scoop on mobile ad fraud prevention, including a list of the most secure ad networks for app marketers, and the most effective fraud prevention methods?

Check out the Singular Fraud Index; the first of its kind to utilize mobile fraud data collected from multiple attribution providers and fraud prevention tools.

App Fraud Around The Globe

From Korea to Kentucky, mobile app fraud is costing marketers around the world a boatload of cash.

For mobile app marketers launching campaigns in different countries, it’s important to know where in the world you’re most at risk, and which types of fraud you’re most likely to encounter in certain markets in order to implement the most effective safeguards.

In this post, we’ll give an overview of the most high-risk markets, as well as the different anti-fraud mechanisms at your disposal as you launch mobile campaigns in new markets.

First, let’s dive into common mechanisms used by third-party anti-fraud solutions to detect and prevent mobile app fraud:

IP Filtering

IP (or Internet Protocol) addresses are temporary identifiers assigned to each device on a network. When a mobile app install is registered, marketers typically collect the IP address of the device that installs the app. In order to filter against IPs that don’t belong to real users or are mislabeled or masked, analytics providers maintain large, self-updating lists of IPs associated with data centers, TOR exit nodes, VPN services and other IP masking services. Analytics providers use proprietary heuristics to identify fraudulent IPs across their customer base and add fraudulent IPs to so-called “blacklists”. Any install associated with an IP on an IP blacklist is rejected, ideally keeping your campaigns free from fraudulent IPs.

MTTI Outliers

Meantime to install or “MTTI” refers to the mean time between a user clicking an ad and installing an app. MTTI tends to vary by app vertical and network — for example, some apps tend to have a low MTTI because users download the app right when they need it.

Advertisers and fraud mitigation experts monitor MTTI closely as irregular MTTI distribution for a given app can be an indicator of click injection or click spamming fraud. For instance, in the case of click injection, fraudsters detect when apps are downloaded on a device and trigger clicks right before an install completes, thereby stealing credit for the install from the rightful source. In such instances, conversions may appear to occur within an extremely short MTTI, signaling suspicious activity.

Yet, as with most detection mechanisms, sophisticated fraudsters have caught on to MTTI outlier detection and have become increasingly adept at outsmarting this form of detection by obscuring MTTI anomalies. In response, app fraud mitigation experts must constantly upgrade their distribution modelling in order to catch this type of trickery.

Geographic Outliers

The majority of installs happen within very close proximity to an attributed click. Thus, a common indicator of a fraudulent activity is when an install occurs far from the geographic location of the corresponding click. Some analytics providers perform statistical analysis on the geographic distance between installs and clicks for a given app, and when statistical anomalies arise, providers flag these installs for inaccurate geo-targeting (when a source fraudulently runs ads outside the geographic target specified by an advertiser) or as downright fake installs.

Too Many Touch Points

When an app receives an irregularly high number of clicks from a given source it can be a sign of click spamming. Click spamming is a fraud scheme designed to poach organic or paid installs. Bad actors send fraudulent clicks to an advertiser in the hope that by random chance one of the clicks is credited as the last click before an app install. To prevent this form of fraud, advertisers and their analytics providers often measure the number of matching clicks for a given install and flag app installs where the number of clicks exceeds a certain threshold.

Now that we’ve established the most common fraud detection mechanisms, let’s dive into some markets around the world where advertisers are most at risk of app fraud.

Across the globe, mobile app fraud is distinctive from financial fraud in that app fraud is actually more prevalent in developed nations. Research shows that countries with the highest cost per action (CPA) and cost per install (CPI) payouts have higher fraud rates. After all, the incentives for fraudsters are the highest in these regions, while the consequences of getting caught remains the same.

Such high-reward regions include countries like Germany, Australia, the US, UK and China. Meanwhile, countries with relatively low payouts have a lower fraud rate — including countries like Indonesia, India, Brazil, Vietnam and Thailand.

China, in particular, has seen digital ad fraud surge in recent years. According to China-focused analytics solution AdMaster, in 2016, invalid traffic increased from 28.9% to 38.7% of total advertising traffic.

Another study, produced by fraud solution WhiteOps, compared ad fraud rates among European sources to fraud rates among U.S. sources. The study found fraudulent traffic from the U.S. is “significantly higher” than European nations. Specifically, 21 percent of impressions from U.S. domains appear to be fraudulent invalid traffic from non-human sources, concluding fraudsters have “infiltrated the U.S. advertising ecosystem to redirect large amounts of advertisers’ budget and traffic to bots.”

Traffic sources in Latin America fared relatively well, especially compared to North America, various studies have shown. One such study, conducted by antifraud solution DoubleVerify, found just one percent of display ads in Latin America are fraudulent, compared to the U.S., where six percent of display ads are fraudulent.

Notably, DoubleVerify found that across the globe, fraud arising from bots has started to decline as anti-bot solutions and ad-blocking software have started to take effect. Yet “infected browsers” are emerging as the new leading cause of fraud. Instead of bots creating “ghost” browsing sessions, fraudsters are now manipulating a user’s active browser, making it harder to pinpoint and prevent.

Wherever you’re targeting new users or user re-engagement via paid ads, app fraud will inevitably rear its ugly head. And while it’s somewhat counterintuitive, data shows that regions with the highest-spending users are actually the most susceptible to app fraud. Sophisticated marketers must keep these trends in mind while launching global campaigns, and equip their teams with the latest detection tools to prevent fraud from harming performance and adapt to fraudsters’ constantly evolving attack patterns, wherever they might emerge.