Blog Article

Mobile ad fraud taxonomy

June 12, 2018

 In our series on fighting ad fraud, Moloco proposes a taxonomy for the major classes of mobile ad fraud.


While the web advertising industry remains relatively mature, the mobile ad ecosystem is still very much the wild west. We still see a lot of M&A activity, many of the major companies are hiring very fast, and the industry events are lavish by any standard. From outwards appearances, the industry is quite healthy.

The multi-billion dollar secret, however, is that a lot of fraudulent behavior is the norm within the industry. As traffic passes from publishers to networks to attribution providers to your reporting dashboard, there are many points of failure. In our prior article we argued that networks are the worst actor, but we note that every time traffic gets passed along this chain there is an opportunity for fraudsters to step in. If networks got cleaned up, fraudsters would find a new attack vector.

To further complicate matters, this chain will continue to grow and adapt. This already happened when attribution providers first stepped into the scene. They existed initially to provide a referee to much of the ad fraud in the space. However, if an attribution provider could hypothetically be corrupted by fraudsters, then we may see additional links added to this chain.

Therefore, when considering a taxonomy of mobile ad fraud, we looked for a framework flexible enough to account for all the myriad ways the landscape may evolve. Here is what we propose

Our Taxonomy

We propose this simple taxonomy of mobile ad fraud:


While people may argue of semantics at each stage, it is clear no install could exist outside this basic rubric. In our experience, it turns out to be quite useful, as most installs can be bucketed into these categories. Let us look:

Phantom Install

This category includes fraud where there was an actual install but no download such as existing user, SDK spoofing, attribution bug.

SDK spoofing

This is a form of bot-based fraud. Fraudsters add code to one app that sends simulated ad click, install, and engagement signals to an attribution provider on behalf of another app.

Junk Install

A junk install occurs when there’s no real user behind an install. Examples include install farms, emulator, incentivized, deviceID reset.

Device ID Reset

This is the latest and not so greatest emerging source of mobile fraud. Every mobile device has its own DeviceID, which fraudsters reset between each install, to generate what looks like new clicks and, in turn, unique installs.

Install Farm

Installs farms are physical locations with sometimes even thousands of real mobile devices. Fraudsters click, install, and engage with mobile apps providing lucrative payouts and huge drains for victims.

Poached Organic

This category includes fraud such as click injection, click spamming, fingerprint abuse. Here are some examples:

Click on impression

A rotten network sends out a fake click for every impression it serves (meaning a miraculous 100% click-through rate!) and attempts to poach organic installs.

Click injection

This is a form of attribution stealing where someone else is getting credit for 80% of the installs you drive. This means 80% of your revenue is lost! The practice began at the publisher-level among a small number of apps and spread across apps. A more advanced form of click spam, after identifying a download of an app has begun, fraudsters trigger clicks before the organic install completes effectively receiving the credit.

Real Paid Install

If an install does not fall into these other three categories, we presently assume it is a “real install” and deserves attribution.


Do you agree with our taxonomy? Why or why not? Did we forget any forms of fraud that could exist outside this framework? Please tell us your thoughts. We believe the only way we can combat mobile ad fraud is by working together.

If you are interested in fighting ad fraud, we recommend DoubleCheck, a free anti-fraud suite that syncs with your existing MMP data. Please email us at or visit for additional information.

Editor’s choice

Mobile Marketing Milestones: Q&A Interview with Apptica

In this edition of Mobile Marketing Milestones, Moloco's Q&A series with mobile advertising and marketing leaders, we chatted with Ksenia Yurkina, Head of Marketing at Apptica. In this half-hour conversation, we cover how advertisers should be approaching their ad creatives, the best performing ad formats, and so much more. Check it out!

More Tips on How E-Commerce Companies Should Think About Creatives for UA Campaigns

For even more insights on how e-commerce apps should approach their creative strategy for acquiring new app users, we sat down with Adam Widener, Creative Director at Moloco. Here are seven additional tips to consider.

Mobile Marketing Milestones: Q&A With Mobile Action

This installment of Moloco's Mobile Marketing Milestones Q&A series features Muammer Ünal, Consultant at Mobile Action. In this 18-minute conversation, we cover the current state of iOS mobile advertising, how advertisers should be approaching their ad creatives, SKAdNetwork, and so much more.

Subscribe to the Moloco Newsletter

Want to learn more?