6 of the Worst Examples of Ad Fraud in History

by | Insights

We’ve explained how ad fraud is still far more effective than it should be, thanks to a combination of continuously adaptable fraudsters, inattentive brands, and heavy, bloated ads that contribute to the issue by looking, well, fraudulent, even if they’re not.

We thought you’d like to see for yourself what the very worst of ad fraud looks like – because you need to know your enemy to be able to fight it.

6 of the Worst Examples of Ad Fraud

1. We Purchase Apps

In 2017, founders of startups producing Android mobile apps that had been identified as having a particularly high user base received emails from representatives of a company called We Purchase Apps. They were offered a meeting about possibly selling up their creation to this shadowy organisation.

On closer inspection, things didn’t look entirely legit. The company had a UK phone number, but a registered office in New York that seemed to be someone’s house. Google searches on We Purchase Apps’ earlier activities produced few, if any, matches. These things raise alarm bells for most conscientious founders.

They raised alarm bells for the founders who sold their apps, too – but the figures being offered, often for very simple selfie-manipulation apps, or unsophisticated mobile games, were too high to turn down. It became, for the founders who sold up, about making sure the cheque got banked, and letting We Purchase Apps do what they wanted.

What happened was that fraudsters associated with We Purchase Apps tracked the users of the apps, finding out enough about their typical behaviour to program bots to follow the same routines, in one of the most sophisticated examples of ad fraud the world has ever seen.

If not for Buzzfeed News uncovering this criminal activity, it might still be taking place, owing to the way affected platforms often seemed to shrug their shoulders when asked about it. Unfortunately, that is often the way when it comes to ad fraud – the perpetrators are helped by major multinationals who don’t want to get their hands dirty.

2. HummingBad

While not all of the fraudulent ad practices come from China, it is reasonable to say that there is fertile ground for potential fraudsters among the country’s enormous Android userbase and app infrastructure.

HummingBad involved Yingmob, a group of people who were experts at hacking and producing malware, and who developed a program that could penetrate the thin security on most mobiles, causing chaos for advertisers and bringing massive profits to the fraudsters.

They worked with a professional analytics company, who were able to crunch the data being harvested and establish behaviour patterns from it. The HummingBad malware would install itself on Android devices, the controlling the device for the profit of Yingmob and associates.

The result was more than 10 million devices controlled, and at least $300,000 per month in revenue diverted due to the fraudulent practices. Thanks to Android being the Wild West when it comes to unapproved and virus-laden apps, Yingmob or similar groups could still thrive in that space.

3. Chamois

A chamois is a type of mountain goat, known for its resilience, adaptability, and the way it is able to find food in the most inhospitable places; for these reasons, it was the perfect name as chosen by Google for a number of related kinds of malware housed in thousands of apps, some of which make it through to Google’s Play Store.

The apps skew traffic numbers using pop-up ads, while also committing SMS and other forms or fraud using hidden apps installed while the user was looking at the ad. The hidden apps are only really ever possible for experts at the back end of an Android OS to remove, given that they are in the phone’s registry, but not on the app list, and so getting rid of them is not simple work.

Maybe the threat could have been detected earlier, but the malware was contained within so many apps that it proved too difficult to isolate the ones which were problematic. Google eventually got rid of the worst of the Chamois-affected apps, and also now has safeguards to ensure that all apps, even hidden ones, can be removed from an Android phone, so respect has to go to Google for acting quickly on this.

The Android operating system is at considerable risk from ad fraud (photo: Greg Froning, Unsplash)

4. Coinminer

Malvertising is another way of talking about malware that gets to end users’ computers and mobile devices through advertising.

The aim of Coinminer was to help its creators mine bitcoins, using the computers of unsuspecting people who downloaded it as vessels for the effort. Typically those who had Coinminer, which came to prominence first in 2011, on their systems, would find that the performance of their computers dropped through the floor as a direct result of the extra things their systems were being asked to do.

The majority of modern antivirus systems got wise fairly quickly to Coinminer, but, showing what a cat-and-mouse game it can be to catch ad fraudsters, the time when Coinminer was active was still an incredibly profitable one for a few crafty Bitcoin speculators.

5. The Thai WeChat Click Farm

We’ve talked at length about click farms and how they can be, at best, an utter nuisance, and at worst, a revenue-destroyer companies, but what might not be clear is the sheer scale and size of the operations. Those which have been cracked by law enforcement have revealed bank after bank of smartphones, with a few people working terrible hours in order to make the maximum amount of money for themselves and their fellow fraudsters.

Thailand was the location of a click farm recently busted by the law, and the Chinese-run farm, near the border with Cambodia, was reckoned to contain 300,000 SIM cards, some of which were in 400 iPhones, placed on shelves that would look a bit too overstocked in your local mobile phone shop.

The pictures from inside the click farm, where workers’ comfort was not taken into account to any great degree, were startling to anyone unaware of the problem, but also stood to illustrate how much ad fraud is a problem for both advertisers and consumers, and one which needs to be addressed.

This particular click farm was designed to boost engagement for products sold in China on the WeChat social media platform. Staff were operating a large number of bots which were gaming the algorithm on the platform, which is a leading messaging and entertainment platform in China.

6. Zirconium

In 2017, Zirconium was the largest outbreak of malvertising, and worked through a complex system of false redirects. Zirconium’s creators would sell ad space to shady and dangerous sites that claimed to be working in affiliate marketing; while all this was happening, the user would think that they were experiencing software issues, thanks to continued bogus redirects and notifications they needed to update their Flash player.

This was all packaged up in a legitimate-seeming affiliate marketing network, in one of the most elaborate and, for a time, productive ad fraud networks we have seen. MyAdsBro promised, through some poorly-designed but still convincing-looking pages, replete with stock photos of businesspeople, the opportunity to make a share of the revenue for ad impressions. Monies were, it seems, paid out in cryptocurrencies.

Through its use of forced redirects, Zirconium was employing one of the oldest tricks in the book, but in a way that was new, novel, and highly nefarious.

What Can We Learn from All This?

It’s of vital importance not only to the public but also to your brand not to get tied up, even inadvertently, with ad fraud. In this article we’ve highlighted the very worst that fraudsters can come up with, but this is just the tip of the iceberg. Don’t be a victim, and don’t put your brand through the negative consequences of it. Safeguard your reputation through simple steps that will pay off time and time again.