The Internet Giant Google is striving continuously to fight irrational traffic and puts to use several filters & machine leaning models. It further makes collaborations with advertisers, publishers, tech ad companies, law enforcement agencies & other third-party corporations in order to locate & avoid potential threats.
Still a recent report bared many popular Android apps that tracked user’s behavior & carried out a tremendous multimillion-dollar Android apps Ad scam strategy.
A report from BuzzFeed News Investigation exposed around 125 Android apps & websites that have stolen millions of dollars through a forged advertising network. In response to the incident, Google clamped down & blacklisted several apps & websites and tightened its restrictions.
Method of Operation of Ad Fraud
1. Scammers from a fake front company “We Purchase Apps” purchased established & legitimate applications on the Google Play Store from the developers. With the purchase, scammers offered services that would help them make enough revenue to stay buoyant.
2. The ownership of the purchased apps was transferred to a web of front & shell companies that would continue to manage the apps. These companies had its origin in Cyprus, Malta, Israel, Bulgaria, Germany and British Virgin Islands.
3. The scammers were then found monitoring and analyzing user’s behavior & interactions with the apps.
4. The data & behavior collected would be programmed into a broad network of bots to impersonate user’s behavior and actions, generate fake views & traffic and swindle advertisers and marketers out of millions of dollars with paid in-app ads, including those offered on Google’s ad platform.
5. In addition to that, these bots were used to run apps to expand overall app participation. This fake bot traffic was then mingled smartly with real user traffic to deceive the ad system & avoid any potential inspection.
6. Ads viewed by these disguised bots reap millions of dollars as ad revenue from advertisers & marketers.
7. The clever system used the real user data to mask the Fraudulent Advertising Network & generated traffic, which bypassed fraud detection systems smartly.
Insight into the Scam Advertising
Most of the Android apps detected by BuzzFeed News included games app, while other exposed apps included flashlight apps, health-oriented apps and selfie apps. Collectively, as per the data, these apps were installed for more than 115 million times with one of the apps being downloaded over 20 million times.
According to the detailed report by BuzzFeed News, a dozen of compromised apps targeted kids & teens. It further explained the shrewd way in which the shell companies were running the purchased & compromised apps, so as to avoid any potential scrutiny.
Asaf Greiner, CEO of Protected Media, a cybersecurity firm, commented on the incident that they are stirred by the composite & sophisticated methods put to use by the scammers to frame this sharp practice & what’s equally commendable is the potential of the scammers to remain under radar.
Another Fake Apps & Android apps Ad scam detection company, Pixalate, revealed that a single compromised app could generate $75 million earnings per year. However, another unidentified source added that the amount could actually outpace 10 times the Pixalate’s estimate.
Big G’s Response and Findings
Google was intimated of the Android apps Ad scam by BuzzFeed News last week, following which Google began to remove the compromised apps from Google Play Store. Further, it blacklisted additional Android Applications and websites that are outside its ad grid. Although, the largest app of all, EverythingMe, which showed 20 million Fake Installs, is still available on the official Android App Store.
In an official blog post, Google estimated that this operation stole roughly $10 million from advertisers using big G’s ad structure to position ads on the affected websites & apps. Google is continuously monitoring the operation & claimed to take action in case any additional invalid traffic is detected.
This Android apps Ad scam has, however, put a big question mark on the official Android App Store ecosystem’s legitimacy!