Rocket Lab Blog

What is Click Flooding and how to stop it?

Written by Rocket Lab Insightful | Jul 20, 2021 5:07:00 PM

Click Flooding, popularly known as click spamming is one of the most recurrent types of fraud in the mobile industry.

This practice has been known quite for a long time, and even though its detection is easy to do, click flooding today affects a lot of unaware advertisers, taking a huge piece of their budgets.

Click flooding/spamming as the name already says it’s when a network/publisher sends a huge amount of clicks hoping that it will be rewarded by the last click when a user downloads an app organically.

They try to manipulate the attribution of an install, by sending a lot of clicks on behalf of the user, without the user even being aware of it, hoping to be credited by the last click.

But how does Click Flooding work?

For this type of fraud to be successful, it needs the user has to enter a fraudulent mobile webpage or to download an app that has malware on it, which is a malicious code programmed to take advantage of your activity or do harm to your phone, just like a virus.

If the user enters a mobile web page the fraudsters will start sending a lot of clicks with their click bots, in the background, even though the user will not notice it. Sometimes they even generate ad impressions as click making their page look as if it has an amazing engagement which it doesn’t. They send hundreds of thousands of clicks this way.

In apps, click flooding operates a bit differently.

When the user downloads an app that has malware, once the app is opened, this malware will execute itself and will start generating clicks in the background without the user noticing it while the app is running, even sometimes the malware can generate clicks anytime, 24/7 while your phone is on, depending on how complex it’s code is.

Those hundreds of thousands of clicks will be sent to different publishers/networks to try to get paid for any install that the user does organically afterward. So instead of being labeled organic by the advertisers, this user will be labeled as if it came from a network/publisher X or Y and the advertiser will reward and pay the network/publisher accordingly.

How to detect and stop Click Flooding?

First and foremost, every app marketer needs to understand what CTIT (click-to-install time) is. CTIT is the time it takes from a user's click on an ad until they open the app after downloading it, marking the install event. This period between the click and the install event is known as click-to-install time.

Analyzing CTIT is crucial for detecting various types of ad fraud, including click spamming.

Typically, click-to-install time follows a normal distribution. Several factors can influence this, such as the app size and the type of network used for downloading. However, most users will install the app shortly after clicking on an ad.

An industry benchmark says that about 75% of the installs occur after the first hour following a click. 

There are two main factors we can identify in click spamming:

First, there is the issue of a high number of clicks resulting in an extremely low conversion rate (CR), as well as an uneven distribution of installs. Many installs occur days after the click, instead of within hours or even within 24 hours, as would typically be expected.

Now that you know how to recognize and understand click spamming activity, you can analyze the click-to-install time (CTIT) of your campaigns and different publishers. This will help ensure that you are not acquiring new users through click spamming.

Buying a mobile fraud detection tool and partnering up with trustworthy agencies it’s another good step to be safe while doing user acquisition.

Rocket Lab is one of them. If you want to know more about how to run campaigns safely and be certain that you are allocating your budget to impact real users contact us!