Fraud Abatement Series #4—Ad Stacking

Ad stacking is a fraud technique where multiple ads are layered on top of each other in a single ad placement. While only the top ad is visible, if a user clicks on the visible ad, a click is registered for all ads in the stack.
Kochava is unique in the ecosystem because we see billions of ad impressions for a variety of ad campaigns across thousands of publishers, networks and exchanges, all in real time. Our fraud algorithms detect and report cases where multiple clicks are registered at the exact same date timestamp for a given ad placement. The following table and graph detail this behavior for a gaming app during the month of January:





When we look specifically at the site IDs, we see that there is one main offender (Site_OEP) with 698,000 ads that shared the same date timestamp, and there are 164,000 instances of stacking (at an average of 4.3 clicks for different apps per ad unit). Overall, there were relatively few installs (97).

What’s going on here?

There are several reasons fraudsters employ the ad stacking tactic:
  • Click stuffing: Once the user clicks on the visible ad, the click is registered for all the ads stacked behind it. If the fraudster is strategic, they may stack ads for similar apps, meaning apps the user is likely to install in the future. If they can register a click for what the user may eventually install, they stand a chance of receiving attribution for it. This type of fraud focuses on scamming the marketer by gaming attribution.
  • Impression stuffing: I wrote earlier about high click-to-install rates. If an impression is sent to a click endpoint, it is registered as a click even though a user never clicked. The scam is twofold: First, no actual click took place; and second, the scam sends multiple “clicks” en masse against multiple apps with the intent of 1.) Gaming attribution (scamming the marketer) and 2.) Delivering bogus impressions (scamming the network).
  • Viewability fraud: In addition, if impressions are stacked, all the impressions stacked within the ad container may be reported as “viewed.” In this instance, fraudsters are scamming viewability metrics as well.

Prevent Ad Stacking with the Fraud Console

Luckily, ad stacking is a relatively easy fraudulent tactic to catch and is one of the fundamental fraud behaviors we surface in our Fraud Console. The Fraud Console surfaces 11 indicators of fraud. Any site ID, device ID, or IP address flagged in the advertiser’s Fraud Console can easily be added to their Account Blacklist to abate fraud in real-time.

In addition, sites that execute this tactic across multiple marketers are automatically added to the Global Fraud Blacklist. The list is dynamically updated with new entities added if they regularly participate in fraudulent activity. Networks and publishers may work to remove themselves from the list by demonstrating aggressive anti-fraud processes and solutions.

In my next post, we’ll explore the Global Fraud Blacklist and how to make it work for you.

In case you missed them, read also Parts 1, 2 and 3 of the Fraud Abatement Series.

About the Author

Grant Simmons is the Director of Client Analytics at Kochava and leads the team in analyzing campaign performance and business value assessments. He is the former head of Retail Analytics at Oracle Data Cloud where he worked with over 1,500 retail directors, VPs, CMOs and agencies to develop individualized test-and-learn strategies.

For more information about the Kochava Fraud Console, Contact Us.
BlogEducationUnderstanding Fraud Abatement

3 Responses

Comments are closed.