If you take a moment to look around you, wherever you are, you will be hard pressed to find one person without a mobile phone. Chances are that you may even be reading this from your mobile device.
Because of their convenience, mobile devices have become a popular tool with which to view all sorts of content from news to TV shows. Enterprising businesses quickly cottoned on to the usefulness of mobile devices for marketing and targeted mobile advertisements to cater for this shift in user behaviour, creating means to deploy their ads in different formats. Hackers have been enterprising too, and have adapted attacks that are aimed specifically at mobile devices.
“Mobile ad fraud takes advantage of the means the system uses to measure how effective the ads are. Most of the ads have a payment scheme tied to the systems used and hackers trick these systems to steal advertising funds from the advertisers,” explains Indi Siriniwasa, vice-president of Trend Micro, Sub-Saharan Africa.
Threat actors use a number of techniques to trick their victims. One of these is ad stacking where the criminals place multiple ads one on top of the other so that the user will only see the first ad at the top of the stack. They then use the system to steal credit for each advert below the first one, and each ad is still billed to the advertisers.
Cybercriminals also use click fraud, manipulating the system into counting fake clicks and so earning more money. Hackers use their own malicious downloadable app that detects a download on the device and generate a number of clicks.
Click flooding is a method in which fraudsters try to determine the last click or engagement just before the installation of an advertised product. They then send many fraudulent clicks through, siphoning funds in the process.
“We saw a lot of mobile fraud in 2018. The hackers are doing this mainly for money, but the hacks also corrupt data on the mobile device and compromises the privacy of the user. The priority for enterprises is to make protecting against ad fraud part of their security measures,” advises Siriniwasa.
Awareness of the various mobile ad fraud schemes is a start and allows you to get familiar with various techniques the fraudsters use. Of course, the main line of defence is to be highly cautious when it comes to installing apps onto a mobile device as some of these may be malicious. It’s safer to stick to apps from legitimate sources.
“There are security solutions available and users are advised to install a multilayer mobile security solution that protects against adware and potentially unwanted applications. The far reaching effect of cyber fraud is that it effectively torpedoes the trust people have in the digital community. It’s not just about protecting your privacy or finances, it’s also about protecting the very fabric of the digital revolution,” says Siriniwasa.