Bots, device farms and facilities kidnappings. These are some of the ways that mobile fraud affects users because they infiltrate their cell phones, often depleting batteries and increasing data consumption, among other issues. And it also puts at risk billions of dollars of advertisers who are harmed by this situation.
22.6% of the 2.5 billion non-organic installations (that is to say that they are downloaded as a result of some type of advertising campaign, as explained below) of applications that are made worldwide are fraudulent, according to data of AppsFlyer that covered the period from January to June 2019.
In the case of Latin America, Brazil leads the ranking, with an average of 20% of fraud cases, followed by Mexico with 9% and Argentina, with 5%. Although in recent times the number of frauds fell, the problem persists: 2.3 billion dollars were exposed to fraud during the first half of the year.
Difference between organic and non-organic installation
There is talk of organic installations when the download of the app occurs directly in the digital store through a manual search by the user. On the other side are the non-organic installations, which are those downloads that the user carries out, driven by some advertising strategy: for example when they are redirected to the download link from an advertisement, they explained to Infobae from AppsFlyer.
The main objectives of scammers are large applications, with significant volumes of non-organic installations. And the most affected markets are usually emerging markets such as Latin America, India and Indonesia. If it is analyzed taking into account the operating system, in Android these frauds are 6 times higher than in iOS and 80% of fraudulent installations are bot products.
The main methods of fraud
Facilities Abduction: This technique uses malware hidden in real applications that fraudsters create or buy from other app developers that offer photo or video editing services, for example. When users install the infected application, the malware gains access to the installation information of all device applications.
Then, it begins to constantly monitor the installation of new applications. And when it detects the installation of an app promoted by a user acquisition marketing campaign, The fraud application generates a click from the device with a conversion ID assigned to the scammer itself. As a result, the installation of said application is self-attributed, stealing the payment that the genuine advertising source that generated the download should receive.
Device farm: It is one of the oldest types of hoaxes. This occurs in a physical place with many devices where scammers manually perform different actions, such as clicks, installations, records, views, impressions, etc. All this is done to create the illusion of legitimate activity. They are also used to generate false followers on social networks and produce false visualizations, ratings and reviews.
Bots: These are automated systems that, in this case, are used to simulate an installation on a device by sending false installation information, such as an event or transaction, to the tracking provider. However, there is no real installation on a physical device, but it is a simulation. In other cases, bots that manage to enter the device are used in some way to generate false ad impressions, fraudulent clicks and actions in an application.
Who are affected by these frauds
Users are harmed because these systems that run behind consumes battery and data. Moreover, those invalid clicks affect advertisers, agencies, content creators and companies such as Google or Facebook that are some of the most important within the digital ad ecosystem.
Google explains, in its official blog, that they use machine learning, automatic filters and manual review to block and prevent invalid or fraudulent activity. The company has a large team of engineers, researchers and data specialists who monitor and analyze traffic to prevent advertisers from paying for invalid clicks, interactions or visits.
When the company detects, either by automatic filters or after a manual review that there were invalid clicks, they are removed from the reports and payments so that they are not paid for them. The company also alerts advertisers, as creators of different types of content that have close monitoring of the traffic source and verify the implementations.
What the end user can do
As already mentioned, excessive battery or data consumption may be an indication that the mobile was affected by malware, although this does not always happen. You can also check which applications are installed and verify what permissions the apps access.
If there is any suspicion that the mobile is affected in any way with a malware or that it is being used to generate false clicks, the most convenient thing is to unpack the suspicious app, clear cache and ultimately do a factory reset, suggests Federico Teti , cybersecurity specialist, although this is not always enough.
"Sometimes it is not really known how much malware has infected. There are some demos that show that RAM is still maintaining malicious code, even after a factory reset," Teti said.
Source link
https://www.infobae.com/america/tecno/2019/09/06/bots-y-granjas-de-dispositivos-asi-pueden-infiltrarse-en-los-celulares/
