Click Flooding, popularly known as click spamming is one of the most recurrent types of fraud in the mobile industry. This practice has been known quite for a long time, and even though its detection is easy to be done, click flooding until today affects a lot of unaware advertisers, taking a huge piece of their budgets.
Click flooding/spamming as the name already says it’s when a network/publisher sends a huge amount of clicks hoping that it will be rewarded by the last click when a user downloads an app organically. Basically, they try to manipulate the attribution of an install, by sending a lot of clicks on behalf of the user, without the user even being aware of it, hoping to be credited by the last click.
But how does it REALLY work?
For this type of fraud to be successful, it needs the user to enter on a fraudulent mobile webpage or to download an app that has malware on it, which is a malicious code programmed to take advantage of your activity or do harm to your phone, just like a virus.
If the user enters a mobile web page the fraudsters will start sending a lot of clicks with their click bots, in the background, even though the user will not notice it. Sometimes they even generate ad impressions as click making their page look as it has an amazing engagement which in fact it doesn’t. They send hundreds of thousands of clicks this way.
In the apps, the click flooding is a bit different. When the user downloads an app that has malware, once the app is opened, this malware will execute itself and will start generating clicks in the background without the user noticing it while the app is running, even sometimes the malware can generate clicks anytime, 24/7 while your phone is on, depending on how complex it’s code is. Those hundreds of thousands of clicks will be sent to different publishers/networks to try to get paid for any install that the user does organically afterward. So instead of being labeled organic by the advertisers, this user will be labeled as if it came from a network/publisher X or Y and the advertiser will reward and pay the network/publisher accordingly.
How to detect and stop it?
First of all, every app marketer needs to know what a CTIT is, a click to install time. It’s the time it takes from the user’s click until he opens the app after it’s downloaded, (when the install occurs). This is the lag time between a click and the install event, it’s called click to install time. This analysis of CTIT helps detect several ad frauds, click spamming is one of them.
On average, click-to-install time is normally distributed, of course, several things impact this analysis, the app size of the app, type of network used to download, etc… But most of the users will install the app right after clicking on an ad. An industry benchmark says that about 75% of the installs occur after the first hour following a click. A normal CTIT distribution of installs on a graph should look like this:
There are two main factors we can identify on click spamming, the first is the huge amount of clicks, which generates an extremely low conversion rate (CR), and also an uneven distribution of installs, having a lot of installs after days from the click, instead of hours or even 24h as it usually should. A CTIT distribution of installs with click spamming activity should look like this:
Now that you already know how to recognize a click spamming activity and even know how it works. You can analyze the CTIT of your campaigns and of the different publishers and be certain that you are not getting any new users from click spamming. Buying a mobile fraud detection tool and partnering up with trustworthy agencies it’s another good step to be safe while doing user acquisition. Rocket Lab is one of them. Contact us if you want to know more about how to run campaigns safely and be certain that you are allocating your budget to impact real users.
In our next blog post, we’re going to show how to be protected from another type of fraud very common in the mobile industry. Stay tuned!