What Exactly is Ad Fraud, Its Examples And Why Businesses Must Avoid It

Abisola Tanzako | Mar 01, 2023

With today’s remarkable growth in the digital advertising and online marketing industries, digital spending has surpassed traditional advertising as the most critical source of revenue in the US.

Of this, Facebook and Google control a large portion; Facebook’s estimated revenue growth is 32.1%, and Google Advertisers’ spending will increase by 14.8%. Google holds 40.7% of the US digital ad market, while Facebook holds 19.7%.

However, with every great innovation, the introduction of abuse inevitably follows, and the world of online advertising is currently a desirable location for fraudsters. 

Therefore, the abuse of digital is the most significant difficulty that publishers and advertising now confront.

According to research, the sole cost of ad fraud was $81 billion in 2022, and it is predicted to reach $100 billion in 2023.

What Is Ad Fraud?

Ad fraud is any effort to deceive online advertising networks into profiting financially. For financial advantage, this fraudulent conduct is carried out by tricking advertising platforms into believing that fraudulent activity on the web is user engagement.

As ad fraud comes in many forms and levels of sophistication, including some that involve actual persons, these fraudsters often utilize harmful bots to carry out their schemes. Still, there are several additional ways to trick advertisers and ad networks into paying them for fictitious activity.

Types Of Ad Fraud

Click Fraud

One of the most prevalent online threats for pay-per-click (PPC) advertisers, website owners, and mobile app marketers is click fraud. Fraudsters try to pass off fake user activity and ad clicks as accurate. Their malicious behaviors aim to make money for website owners while wasting advertisers’ PPC funds.

Click fraud is a sort of online fraud where fraudsters use bots to click on advertising while posing as actual individuals frequently. One of the easiest ways to waste ad budget is by creating misleading impressions of the relationship between clicks and purchases with these fraudulent clicks. They may be the click that initiated an app’s installation, a website visit, or a marketing conversion.

Ad Injection

Ad injection is the introduction of unwanted or malicious advertising onto a website without the owner’s permission. These fraudulent ads are either added to the website instead of the present ads or placed next to legitimate advertisements.

Malware, such as hacked browser extensions, plug-ins, and apps, often injects advertisements. Because it affects the user experience and tarnishes the reputation of the website where the ads were injected, this kind of fraud can harm both advertisers and publishers.

Ad Stacking

The purpose of this ad fraud is to increase ad impressions. Ad stacking places many unviewable ads on top of each other, with users only seeing the top ad.

Given that those ads are stacked one on top of the other, even when they aren’t visible, impressions are still recorded for all of them. Regardless of whether the user sees only the ad at the top of the stack, the fraudsters get paid for the impressions each ad claims to have received.

Click Injection

Between January and August 2020, click injection was to blame for 13.35% of all mobile ad fraud worldwide. A more sophisticated kind of click fraud is known as click injection. These concentrate on mobile apps, allowing fraudsters to track when a user downloads an app to receive credit for the installs.

This type of false ad engagement means that even though the app installs are authentic, advertisers will still spend money with the malicious advertising partner. Installing a basic, free app is how click injection operates. The program might perform its straightforward job as promised, but its true goal is click-injection fraud.

Geo Masking

Geo-masking is a trick used by fraudsters to pass off low-quality traffic as high-quality, so they can charge more for it when selling it to advertisers. Fraudsters employ fictitious IP addresses of users to provide false location information, enabling the advertisement to be seen by users beyond the target area.

Domain Spoofing

One of the biggest challenges to publishers is domain spoofing, which occurs when scammers use a premium website to hide their genuine URL. This indicates they are deceiving consumers, advertisers, and publishers into paying excellent prices for low-quality advertising space. This type of ad fraud enables fraudsters to profit off publishers’ ad space by charging whatever they like, leaving the publisher with nothing.

Furthermore, content that has been scraped and posted on a fraudulent website can also be used in domain spoofing. The goal is to make the website appear and feel as authentically as necessary so that the website can make money from displaying advertisements. 

5 Examples of Ad Fraud that have plagued the advertising Space


Zirconium is an ad fraud operating more effectively than many large corporations. It was put together in a way that looks natural in affiliate marketing. Meanwhile, it used ads promoting fake Adobe Flash updates for Windows and Mac. Mac users are becoming more concerned about security. As the success of the affected Adobe Flash campaign waned, Zirconium targeted Mac owners with fake antivirus campaigns. Companies linked to Zirconium include; phone spying software, a fake cryptocurrency exchange, a credit card processor, and Ponzi scams. Many of these were disclosed by the company in its UK corporate filings.

Zirconium targets user traffic and landing pages using the technique of forced redirect, which takes the user to a page corrupted by affiliate fraud or malware. 

The Thai WeChat Click farm

WeChat is China’s most prominent online social media platform; it was created in 2010 and incorporated a text-messaging service similar to WhatsApp and marketing for online stores. Click farm is a sort of online fraud where fraudsters illegally use hundreds of smartphones as bots to increase readership numbers of the pages on the internet falsely.

Although it was raided in its location in Thailand in 2017, where the Thai police found hundreds of smartphones on metal frames connected to computer monitors, as well as almost 350,000 unused SIM cards.


Users of the Coinminer app continued to lament of poor performance of their computers. Unknown to them, fraudsters gained access to their computers through Coinminer to carry out botnet campaigns.


Chamois is a fraud botnet on Android that can generate invalid traffic through ad pop-ups with deceptive graphics inside the ad, perform artificial app promotion by automatically installing apps in the background, and perform telephony fraud by sending premium text messages after downloading and executing additional plugins.

Unfortunately for Chamois, google’s Verify Apps helps users discover and delete them. Google also has ways to ensure all apps, including the hidden ones, can now be deleted.


HummingBad malware was created to trick users into clicking on mobile and web ads, which generates advertising revenue for its parent company, Yingmob.

HummingBad went as far as gaining root access to Android devices and was used to do virtually anything the attacker wanted, from spying on your personal information to stealing your bank login details. The malware is synonymous with a burglar who gains a secret passage to your home, leaves writing on the way, eats all the food you have, and later shares knowledge of the private course with someone else willing to rob you.

For safety purposes, it is advised for Android users to go only to trusted stores and vendors, run some threat prevention software, and have a great backup of their data ready in case they need it.

The Impact of Ad Fraud on Businesses

Ad fraud is a significant problem that affects people and their businesses. It drains ad budgets rapidly, which is, of course, a massive hindrance to business efforts, but there are also other consequences of ad fraud on businesses of all sizes.

Damage to Business Reputation

A company’s reputation is a general view of the company, and how it operates can change over time, either for good or bad. Now the impact of ad fraud, which is harmful, rubs off on the company’s reputation. This particularly applies when fraudsters use a business product as a means to commit ad fraud, such as the Coinminer example.

Also, when customer details like names, emails, and phone numbers are acquired through fraudulent traffic from the company’s site, the image of that company can be soiled.

Higher Customer Acquisition Cost (CAC)

The customer acquisition cost is the estimated total cost required to obtain an additional customer. A higher customer acquisition negatively impacts business growth because it reduces the bottom line.

Fraudulent clicks and bot clicks significantly increase ad spend by at least 20%, thus increasing the average CAC via advertising by the same %.

Wasted Sales Team Resources

It is quite upsetting when the sales team spends valuable time and resources following up on fake leads. Even if they decide to make the phony lead calls as quickly as possible, there is a delay, and this reduces the many opportunities they have to convert real prospects into legit customers. Negative feedback from bad lead calls can increase stress in employees, which, in turn, drives an increased rate of employee burnout.


Fraudsters are evolving and growing more skilled, especially when exploiting technology like bots to commit ad fraud. Fraudsters are a real threat to your high conversion rates and well-managed ad budget because they have a wide variety of efficient techniques, such as domain spoofing, ad stacking, and click fraud, that they use to ruin your business efforts.

ClickPatrol © 2024. All rights reserved.
* For dutch registerd companies excluding VAT