App Spoofing: The Big Pretend Game

For the past few years, the world of online advertising has seen its fair share of fraudulent methods. As with almost every aspect of modern life, if there’s money involved you can bet on someone trying to use illegitimate means to get a piece of the action.

After working through the more obvious methods in the industry’s early days, fraudsters have slowly but surely adapted and evolved toward more sophisticated forms of trickery, while the industry kept pushing back and developing tools to overcome almost every new method. This back-and-forth cat-and-mouse game is estimated to reach a cost of about $50 billion by 2025.

Domain spoofing has drawn most of the attention lately as one of the more popular ways to divert advertising funds to fraudsters, who mask their poorly rated traffic from unwanted (sometimes non-existent) domains and present it to buyers as coming from high-end, high-demand domains. While domain spoofing is already on everyone’s radar, we’re currently experiencing the next wave of this phenomenon: app spoofing.

As with domain spoofing, in-app fraudsters try to win programmatic bids for their poor in-app traffic by pretending to be a different app.

Given how the media-buying landscape works under real-time bidding (RTB), it’s easy to understand how this type of fraud could take place and how easy it would be to carry out.

Taking a minute to think about this type of fraud, it’s easy to come up with the apps most likely to be spoofed and copied. One only needs to go back to the infamous Methbot case study from 2016, where the largest fraud scheme to date was uncovered, with millions of dollars flowing to sources pretending to be popular sites like CNN, ESPN, Vogue and The New York Times.

But we have to remember that fraudsters are usually one or two steps ahead of us. Pretending to sell traffic from the biggest household names had a clear expiration date, so they have now moved on to the next phase of this scheme: the programmatic platform “gems” buyers love so much. These are small to medium scale publishers, usually very niche and unlikely to raise any red flags, as they tend to fall under the radar in large-scale examinations. More specifically, they are niche in-app publishers.

As mobile tracking and protective measures are still trying to catch up and provide a full protection suite, mobile is still considered a relative “wild west” with its variety of device types, operating systems and manufacturers. This wild west is currently plagued with fraudsters pretending to be something they’re not, and they now affect potential revenue for small to medium publishers as much as they affected large-scale publishers exclusively not too long ago.

Fraud methods are varied: device emulators, bot farms, and even simple manipulation of the postbacks and tags that legitimate advertisers hand out. They will continue to plague the advertising ecosystem until publishers and advertisers, big and small alike, start realizing that they hold the power in this game and join forces to eradicate this sickness from their business rather than making peace with its existence.