Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Advertising

Smartphone Apps Fraudulently Collecting Revenue From Invisible Ads 129

JoeyRox writes: Thousands of mobile applications are downloading ads that are never presented to users but which collected an estimated $850 million in fraudulent revenue from advertisers per year. The downloading of these invisible ads can slow down users' phones and consume up to 2GB of bandwidth per day. Forensiq, an online technology firm fighting fraud for advertisers, found over 5,000 apps displayed unseen ads on both Apple and Android devices. "The sheer amount of activity generated by apps with fake ads was what initially exposed the scam. Forensiq noticed that some apps were calling up ads at such a high frequency that the intended audience couldn't possibly be actual humans."
This discussion has been archived. No new comments can be posted.

Smartphone Apps Fraudulently Collecting Revenue From Invisible Ads

Comments Filter:
  • by Anonymous Coward

    Cough.

  • by jenningsthecat ( 1525947 ) on Thursday July 23, 2015 @11:29AM (#50168731)

    On the one hand, fraudsters who steal phone users' bandwidth in order to reap revenue from advertisers, are scum.

    On the other hand, so many advertisers are scum as well, and the enemy of my enemy might be my friend. I might be willing to lose a bite out of my data cap in order to stick it to advertisers. Oops, did I say that out loud?

    • by Kokuyo ( 549451 )

      Data cap? Is that really still a thing?

      • Sure is in Canada. My theiving provider actually has the gall to charge $15/gig over the limit, too. $15! Our plans our nuts, too. I pay over $100/mo for 8 gigs... and that's a reduced rate. Normally it'd probably be closer to $150 or more for the plan.
        • by Calydor ( 739835 )

          For those who don't think to do the math, the 2 GB per day mentioned in the summary would amount to a monthly expense for you of 880 dollars - and that's if you don't do anything with the phone yourself.

    • by Solandri ( 704621 ) on Thursday July 23, 2015 @12:53PM (#50169411)
      While you may disagree with the price exacted by advertisers, they are still providing you with something in exchange. They help pay for the website you are visiting. Without their ads, the site likely wouldn't exist, or would exist in a considerably less useful form.

      Ad fraud steals money from advertisers, period. They are taking money from the advertisers without providing a good or service in exchange. This is theft.
      • by mjm1231 ( 751545 )

        While you may disagree with the price exacted by advertisers, they are still providing you with something in exchange. They help pay for the website you are visiting. Without their ads, the site likely wouldn't exist, or would exist in a considerably less useful form.

        Counter argument: Ads on a website inherently cause the website to be in a considerably less useful form.

      • WAd fraud steals money from advertisers, period. They are taking money from the advertisers without providing a good or service in exchange. This is theft.

        Tough fucking luck.

        I'm not going to load malware on my computer just to please some advertiser.

        I'm not going to pay extra money for the bandwidth they steal from me so they can load malware on my devices.

        I'm not going to wait 4 or more times as long for the webpages to load just to have "What a housewife in Pennsylvania found that has the insurance companies worried" clutter my screen.

        Small and static non-tracking ads - I'll look at those all day.

        But the right to serve ads does not include the righ

    • by GNious ( 953874 )

      There's a flaw somewhere here I think.
      The more fraudulent behaviour, the less valuable the individual ad/impression becomes, the bigger the need for fraudulent behaviour.

    • The real answer to this is for those developing the fraudulent apps to share a portion of their revenue with you! Then everybody but the advertisers wins!
    • Re: (Score:2, Insightful)

      What if they just steal the ad revenue and pretend to send the ad? If it's invisible it does no good to send it at all. Even in matters of fraud, please no half measures. We could even have a service where a host out the cloud takes your place and receives ads and even pretends to click links and thus pretends to be you for all advertising purposes, yet your phone or PC never has to receive the data at all. The advertising profile could be attached to a pseudonym, so it doesn't compromise your privacy or se

    • The enemy of my enemy is my enemy's enemy. Nothing more.

  • by StayFrosty ( 1521445 ) on Thursday July 23, 2015 @11:35AM (#50168773)

    [quote]The downloading of these invisible ads can slow down users' phones and consume up to 2GB of bandwidth per day.[/quote]

    While this is an interesting revelation, I'm not really sure what the fear-mongering is all about. What is Forensiq trying to sell here?

    • by Anonymous Coward

      They sell a platform to marketers. The platform attempts to filter out such invisible ad downloads, and it does other things like showing end-consumers the actual address of an ad if it's wrapped in a bunch of iframes.

      This story isn't aimed at you, unless you're a marketer looking to avoid paying for ads that customers never see.

    • On Verizon's network, 1 GB costs $10, so 2 GB * 30 days * $10 = $600. That would be a big deal to me if my kids were playing this game with their 4G connection turned on.

      • On Verizon's network, 1 GB costs $10, so 2 GB * 30 days * $10 = $600. That would be a big deal to me if my kids were playing this game with their 4G connection turned on.

        which proves that this is not really happening in the wild, otherwise it'd be a much bigger deal. you'd be hearing about on the local news, not /.

    • I guess I haven't been presented one of these ads, because I don't use 2 GB in a year. But then if they presented an invisible ad to me I might be more likely to buy their product than if they presented a visible ad at me, because that would likely make me not want to do business with that company.
  • First, morality has been in the trash can for quite some time. Some is my own cynicism as I age, but I don't remember corruption being this open when I was younger. I don't see many people even try to hide it today.

    Now the easy part. How hard is it to spoof data? I could write code in seconds which builds BS HTML strings and pumps them to wherever I want. I don't believe the advertisers are too shocked about this either, or they would have done something long ago to ensure better security.

    • Just like everything else in the world, it's always the victims fault for falling for a scam. It's not my fault they made it technically easy to break contractual agreements. And it is a contract, because advertisers are paying money for a service (in common law that would be called considerations, and it is the first hurdle in determining if a contract is valid, written or verbal).

      • No matter which way I read your post I disagree. I never stated that the victim is at fault, and don't agree with that position. The point I made was that if you keep the candy jar open and in a spot where it's difficult to monitor, you should not be surprised that people grab a piece without your knowledge.

        In other words, we have known for as long as Web ads have been around that "click to pay" can be spoofed. Advertisers kind of forced things in that direction because it looked cheaper on the surface.

        • If you have a contractual arrangement to be paid for clicks or views, and you rip off the other party. It doesn't particularly matter how easy or difficult it is to accomplish the breach of contract. If they catch you, they can make a case against you.

          Of course if you base your business around bad technology that is easy to trick, I totally agree you shouldn't be surprised if there is rampant abuse.

          Senior SW Engineer/Architect - IANAL

          • by s.petry ( 762400 )

            You are either implying that I approve of illegal behavior through sarcasm, or that you approving the illegal behavior. If the latter, I disagree. If the former, see the latter.

            Morality is not the same thing as ease of access.

            • Yes, it's clear that you disagree with something. Not that you've been able to respond to any statements without more than a vague disagreement. If you don't want to answer the arguments, then I guess you don't have to respond. But please don't try to setup a strawman for me to attack, because I won't go for it.

              • by s.petry ( 762400 )

                What specific are you missing? Morally theft is wrong. Stealing something can be difficult or complex. The easier it is to steal something, the more likely it is to occur. That has been my assertion since the first post and every subsequent post.

                I never stated that the victim is at fault, and don't agree with that position.

                That comment was in regards to your assertion (sarcastically) that the victim is to blame for the crime.

                You seem to have great difficulty in reading and comprehending English. What straw man has been set up or could be set up? You continue to conflate morality

                • You continue to conflate morality with the ease of an access to a crime. "Morality is not the same thing as ease of access."

                  I never have. Nor have I mentioned morality as an issue here.

                  You have repeated ignored my opinion and substituted your belief of what my opinion actually is.

                  I sympathize with your frustration. Best we part ways before you project further.

        • Advertisers know about click fraud, just like retail stores know about shoplifting and employee theft. They build it into their rates and prices: if that candy bar cost the store 10% more because about one in eleven is stolen somehow, the store sets the price to account for that. It would be possible to build in a lot of protections against shoplifting and employee theft, but they may not be worth what they cost. It isn't a matter of looking cheaper on the surface, it's a matter of expected cost. Acco

          • by s.petry ( 762400 )

            I agree. My original point was that the situation should not be shocking to anyone. This is especially true of alleged "Nerds" who should know how these things work.

  • by perpenso ( 1613749 ) on Thursday July 23, 2015 @11:39AM (#50168807)
    I wonder if a 3rd party lib is responsible for any of this, quietly committing the fraud without the app developer's knowledge? Unless those 5,000+ apps are coming from a relatively small number of developers.
    • by thsths ( 31372 )

      That is a very good question. And I wonder whether 3rd party libs do anything else illegal - such as spying on the user, stealing passwords etc...

    • by RyoShin ( 610051 )

      Considering how many things are straight-up clones, especially in the Android market, I wouldn't be surprised if it was a handful of companies that pump out cheap (to develop), crap, copy+paste games and put this kind of stuff in them.

  • I have eliminated Safari and other data intensive app connections to cellular (WIFI only now) and I'm still getting atrocious data use.

    This is called FRAUD.

    • Do you use the Podcast app? It's terrible for using cell data. If you go under Settings -> Cellular you can see which apps are using up your data.

    • In android you can view the data usage per app. Is there something similar in iPhone? It easily pinpoints which is the app(s) that is use more data than they should.

      • Yes. Go to Settings -> Celullar and it will list all your apps and how much cellular bandwidth each app has used.

        You can also enable/disable cellular access for each app.

  • Hosts on the Android (Score:5, Interesting)

    by TheDarkMaster ( 1292526 ) on Thursday July 23, 2015 @11:40AM (#50168821)
    The first thing I do after a system update or rooting is changing the host file to block all know ads servers.
  • by Anonymous Coward

    This smacks of the ad bombs I've been dealing with on a particular streaming site. The site tries to display an ad, which adblock promptly blocks. The site sees this and decides to send ALL of the ads, in what I'm calling an ad bomb.

    Here's how it works. I go to the site and start a video stream. Adblock reports 4 blocked ads. The stream plays fine for awhile until whatever script is running decides its time for an ad.

    Then the fun begins.

    Watching the ad block counter in realtime in about 45 seconds or le

  • by Anonymous Coward

    Modern advertisers use apps. Oh wait.

  • by zarmanto ( 884704 ) on Thursday July 23, 2015 @11:53AM (#50168947) Journal

    I'm pretty sure I had one of these offending apps, at one time -- though, in my case it may have been a legitimate error on the part of the developer, rather then malicious: It was an alarm clock app for iOS, which displayed a banner ad when you had it in portrait mode but not when you had it in landscape mode. Funny thing is, I learned in the course of time that it was still downloading those ads regardless of orientation, because there's an odd quirk in the way some (or all?) iOS apps download ads; they retain the ad on the device for some indeterminate period of time. Since I just left the iPad charging and sitting on that alarm clock app whenever I wasn't actively using the iPad, this caused that one app to bloat to ridiculous proportions over time, eventually filling up multiple gigabytes of space -- that is to say, all of the remaining space on the iPad.

    (Naturally, I eventually ditched that app and sought out one which was entirely ad-free.)

  • The sheer amount of activity generated by apps with fake ads was what initially exposed the scam.

    It is positively amazing how many criminals manage to wreck a good scam by getting greedy.

    • ^^^ THIS.

      I too am frequently amused at how often these guys trip themselves up through sheer greed.

      If they had just been willing to throttle it down a bit they'd be safely reaping their profits as we speak with no one the wiser, but now the hunt is on.
  • Story is interesting but without naming the apps... whats the point. I use an ad block on my rooted device, but many are not rooted and can't.

  • Most websites appear to contain invisible ads. Of course, I use adblock.

  • Considering that even an app like HTC's "Kids Zone" (a vendor preinstalled, unremovable app with activities for kids to keep them occupied) requires permissions like: "In-app purchases", "Phone calls", "Contacts", "Calendar", etc - aka everything that could run up an enormous bill or exfiltrate your monetizable personal information while your offspring are playing - it doesn't surprise me at all that someone tries to scam the advertising douchebags too ...

    Today's smartphone is a device for siphoning persona

  • by Moof123 ( 1292134 ) on Thursday July 23, 2015 @12:41PM (#50169307)

    Similar to how you don't pay to receive a call on your land line, the laws around cell billing need to be changed so that advertisers must pay for their bandwidth usage rather than the user. If I don't ask for it, I should not have to pay for it (radical concept...).

    Wasting cell data is not a bother to your provider, rather it just lines their pockets. More transparency on the real cost of data might show how big their incentives to let this crap go on are.

    • I'm trying to figure how that could work. If somebody has to pay for data (possibly data over a cap; my family has a 10 GB monthly cap), how do the cell providers bill the advertiser? How do they tell the difference between bandwidth for data you explicitly ask for, bandwidth for data an app actually needs, and bandwidth for data the app or website is doing against your wishes and without your knowledge? Is there a way for the advertiser to tell if the last hop is cell data or not? If the advertiser do

  • As someone who has spent money on the Google Display Network and normal search advertising, I can confirm that 100% of ads on mobile and third party sites use click trick / scams to collect CPC revenue with none of the clicks being intentional by potential customers.

  • How come this has been written like there's someone stealing from somebody else? I'll try and be crystal clear about something advertisers and their supporters fail to grasp every single time it matters: ADS STEAL PEOPLE'S VALUABLE TIME IN EXCHANGE FOR THINGS THAT SHOULD BE TAKEN FOR GRANTED, but ultimately aren't because of your models. Nobody that is an honest-to-goodness COMMON USER reads ad-based use policies, and most of them would rather NOT have ads, but abides to them anyway, because well, it's eith
  • I wonder if my pc has a few programs like this. It seems whenever I turn on my pc at home, just having it on and idle, slows my network to a crawl. It forces my roku to stop streaming. I have a 25mbps connection. Anyone reccomend a good ip sniffer to see who or what is cramping up my pipes?
  • That way you don't get to see those flashy ads, but the ad business still finances the app.
  • You cannot find over 5,000 apps displaying unseen ads!
  • Forensiq, an online technology firm fighting fraud for advertisers, found over 5,000 apps displayed unseen ads...

    If the ads were unseen, how do they know they were displayed in the first place?

  • The sheer amount of activity generated by apps with fake ads was what initially exposed the scam.

    This is why the "honest" scammers can't have nice things.

    Someone got greedy — a deadly sin.

  • "Forensiq .. found over 5,000 apps displayed unseen ads on both Apple and Android devices."

    What are the names of these apps and how do they get onto the downloaded devices?
  • ...I feel terrible about having an ancient Nokia that can't download data-sucking apps that paw through my personal data in order to exploit me.

    Oh, wait...
  • the intended audience couldn't possibly be actual humans

    Yet another proof of extra terrestrial life

Any sufficiently advanced technology is indistinguishable from magic. -- Arthur C. Clarke

Working...