Deceptive pay-per-install companies are spoofing brands, promoting fake software updates and using other tricks to fool consumes into downloading software that puts ad injectors on their browser, according to a report from Google and New York University.
In what the search engine giant called the first in-depth investigation into commercial pay-per-install (PPI) networks — which essentially bundle software and get rewarded each time a consumer allows the applications to reside on their device — Google said it tracked more than three billion download attempts.
This resulted in tens of millions in downloads, the 18-page academic study conducted with NYU’s Tandon School of Engineering concluded.
“In total, we collected 446K offers related to 843 unique software packages. The most commonly bundled software included unwanted ad injectors, browser settings hijackers, and scareware purporting to fix urgent issues with a victim’s machine for $30-40,” said Google on its security blog. “While not all software bundles lead to unwanted software, critically, it takes only one deceptive party in a chain of web advertisements, pay-per-install networks, and application developers for abuse to manifest.”
As a recent explainer about ad injection on MediaPost showed, brands and agencies need to better understand this issue because it can have a direct impact on viewability and fraud within the online ad space. Injected ads can be inserted on top of or underneath ads that already appear, for example, essentially hijacking the brand experience. Ad injectors can also appear on sites that didn’t intend to serve ads or replace legitimate ads completely.
“Injected ads are sophisticated invalid traffic. They’re ad impressions that shouldn’t be counted when evaluating the effectiveness of a site,” the article said.
The Google/NYU report identified at least one Canadian company, Wajam, among the major contributors to ad injection. Others included France-based Eorezo and Israel-based Crossrider. “These ad injectors recuperate the initial sunk cost of installs by monetizing users via display ads and shopping helpers until a victim finally uninstalls the injector,” the study said.
Google said it is responding to the issue of ad injection by participating in the Clean Software Alliance and other efforts with the anti-virus community.
