Click hijacking is a very common mobile ad fraud of mobile clicks and installs that sends deceptive click reports a few moments after the actual click pops up. Generally, it is activated by malware that is easily hidden in apps that are completely legalised apps or those that are downloaded via third-party app stores.
How does Click Hijacking work?
Click hijacking is a type of attribution fraud triggered by mobile malware. The malware is often embedded and hidden in legitimate-looking apps, making it difficult for users to detect. After a real click is identified, a false click report from a different ad network is sent, claiming the last-touch position for the app install event. As a result, the real legitimate click is hijacked.
User clicks on the ad to download an app.
The malware embedded in app on user's device monitor user’s device for all new installs.
Malicious publisher’s app detects that user is downloading an app.
Malicious publisher hijacks the organic install.
User opens the app for the first time.
Advertiser attributes credit to malicious publisher, even though they provided no value in driving the install, and pays them a percentage of revenue.