Maybe you’ve heard of hijacked devices – the term is often used by security firms - and envision computers gone wildly awry with helpless users locked out and no longer in control. While this scenario plays well for cinema, the truth is that any computing device – whether it’s a cell phone, laptop, desktop, or tablet – can be hijacked without the user knowing. And once highjacked, a smartphone for instance, can contribute to the $6.5 billion yearly ad fraud problem from a back pocket.

Here’s how it works:

In the ad fraud world, fraudsters are looking to rack up as many clicks and page views as possible (here’s a brief overview of how ad fraud might operate in the programmatic real-time bidding (RTB) market). They make money on every fake click or fake impression generated through a bot, but if they send all this traffic (billions of pageviews and clicks) from one device or one location they’ll get caught quickly. One way they try to anonymize themselves is by routing website traffic and clicks through a network of “hijacked” devices. These devices have been infected with malware that contains malicious applications (i.e., bots) that tells the devices to do certain things – run this browser, go to these sites, click on these ads, etc. Devices can be infected with malware through a number of ways: a user may have clicked on a fraudulent link, downloaded an infected file, or possibly installed an app laden with malicious code.

Once malware is on the device, the bots it contains can be controlled by fraudsters. With the spread of malware, the fraudsters create for themselves a botnet – hundreds of thousands of bots on devices that they can control and send instructions to. In the case of ad fraud, the bots open browsers in the background and begin to repeatedly visit websites and click on ads, sometimes thousands of times a minute. The device owner doesn’t see this happening although the bots may cause performance to be sluggish, battery drain, and high data usage.

From an advertiser’s perspective, a quick look at a campaign with traffic from hijacked devices may look normal, after all, it has traffic from different users, devices, and locations, but unfortunately, it was actually fake views and clicks and the advertiser has lost money to a fraudster. In this scenario, users with infected devices have unwittingly contributed to the ad fraud problem, not to mention the risk of their personal information being hacked by fraudsters, which is possible with a compromised device.

So what can be done to prevent it? Adhering to basic security practices can eliminate most malware threats: being suspicious of unsolicited emails with links and/or downloads, only downloading files and apps from known and reliable sources, and keeping devices up-to-date with the latest security and system updates.

Visit Fraudlogix to see how we can help keep traffic from highjacked devices off your platforms and out of your campaigns: