Glossary

The Ultimate Ad Fraud Glossary

Get a full understanding of click and ad fraud. All the definitions and common terms explained on invalid traffic, fake users, bots and ad fraud.

---

A

Account Takeover

Account takeover refers to unauthorized access to and use of a user’s online account, typically through methods such as phishing, hacking, or credential stuffing.

It can lead to unauthorized transactions, identity theft, access to sensitive information, financial loss, and reputational damage.

Ads.txt

Ads.txt, short for Authorized Digital Sellers, is an IAB Tech Lab initiative designed to help fight ad fraud, especially domain spoofing and unauthorized inventory resale.

It is a text file placed on a publisher’s domain that lists the companies authorized to sell that publisher’s digital inventory. Because only the domain owner can create or modify the file, it helps buyers verify whether an inventory seller is legitimate.

Ad Fraud

Ad fraud is a type of scam in which fraudsters intentionally falsify ad engagement or ad delivery to make advertisers pay for invalid activity.

Common examples include fake traffic, fake leads, misrepresented ad placements, or ads that are served but not actually visible to real users.

Common types of ad fraud include:

• ad injection
• ad stacking
• ad tag hijacking
• affiliate fraud
• pixel stuffing
• domain spoofing

Ad Injection

Ad injection is a technique where ads are inserted into websites or apps without the publisher’s permission.

Injected ads can appear on top of existing ads, replace legitimate ads, or appear on pages that would otherwise not show ads. This can happen through malware, browser plugins, or other unauthorized software. When users click these injected ads, the fraudster may receive the revenue instead of the legitimate publisher.

Ad Network

An ad network is a technology platform that acts as an intermediary between publishers and advertisers.

Ad networks aggregate available ad inventory from publishers and package it for advertisers. This helps publishers monetize inventory without negotiating individually with every advertiser.

Ad Rotator

An ad rotator is a tool that allows a publisher to rotate multiple ads in the same placement on a website.

The rotation can happen based on time, page refreshes, or other triggers.

Ad Server

An ad server is technology used by publishers, advertisers, agencies, and ad networks to manage, deliver, and measure online advertising campaigns.

Ad servers store ad creatives, serve ads to websites or apps, and collect performance data such as impressions, clicks, and other campaign metrics.

Ad Stacking

Ad stacking is a fraudulent tactic where multiple ads are layered on top of each other in a single placement.

Only the top ad is visible to the user, but impressions or clicks may be registered for every ad in the stack. This causes advertisers to pay for fake or non-viewable impressions.

Ad Tag Hijacking

Ad tag hijacking is the unauthorized use of an ad tag from one publisher’s site on another website.

This can be used to generate fraudulent impressions, misrepresent inventory, or damage a publisher’s or advertiser’s reputation.

Adware

Adware is advertising-supported software that automatically displays ads inside an application, browser, or operating system.

In malicious cases, adware may display unwanted, hidden, or obtrusive ads, such as pop-ups or pop-unders. It can also generate fake traffic or fake ad engagement without meaningful user intent.

Affiliate Fraud

Affiliate fraud refers to false or prohibited activity carried out to earn commission from an affiliate marketing program.

This can include fake leads, fake sales, cookie stuffing, click fraud, or any other activity that violates the terms of an affiliate program.

Anomaly Detection

Anomaly detection is a data-analysis method used to identify data points, events, or behaviors that deviate from expected patterns.

In fraud detection, anomaly detection can help identify unusual traffic patterns, suspicious user behavior, or bot-like activity.

App Tracking Transparency (ATT)

App Tracking Transparency (ATT) is an Apple privacy framework introduced with iOS 14.5.

It requires iOS apps to ask users for permission before accessing the Identifier for Advertisers (IDFA) or tracking users across apps and websites.

Attribution Fraud

Attribution fraud is a type of mobile ad fraud where fraudsters take credit for app installs or conversions they did not actually influence.

A common method is reporting fake clicks shortly before a legitimate app install, making the fraudulent source appear to be the last touchpoint before conversion.

Attribution Tool

An attribution tool helps marketers understand how much credit each marketing channel, campaign, or touchpoint should receive for a conversion.

These tools are used to measure campaign performance and analyze the customer journey across digital channels.

Auto-reload / Auto-refresh

Auto-reload or auto-refresh refers to automatically refreshing ad slots within a single page view to increase ad impressions.

Refreshes may happen after a set time interval or as a result of user actions such as scrolling or clicking. Users may not notice the refresh, but additional ad impressions can still be counted. In CPM-based campaigns, this can lead advertisers to pay for impressions that were not meaningfully viewed.

Automated Traffic

Automated traffic is any website, app, or API traffic generated by software rather than by a real human user.

It can come from legitimate sources, such as search-engine crawlers or uptime monitoring tools, but in the context of ad fraud it often refers to bots used to inflate impressions, clicks, or visits.

Automation Tools

Automation tools are software tools designed to automate tasks, often for testing or development purposes.

Examples include Selenium and Puppeteer. While these tools have legitimate uses, fraudsters can abuse them to visit websites, load ads, click ads, or imitate human behavior automatically.

---

B

Behavioral Analysis

Behavioral analysis examines how users interact with a website, app, or ad environment.

In bot and fraud detection, behavioral analysis compares user actions against expected human behavior to identify suspicious patterns, such as unnatural movement, perfectly timed events, or repeated automated actions.

Blacklisting / Blocklisting

Blacklisting, also called blocklisting, is the use of lists of known or suspected malicious IP addresses, domains, apps, or other identifiers to prevent ads from being served to them.

This helps advertisers reduce exposure to fraudulent or low-quality traffic sources.

Bots / Fake Users

A bot is an automated software program designed to perform tasks on the internet.

In ad fraud, bots are often programmed to imitate human behavior. Depending on sophistication, they may be able to:

• visit web pages
• view ads
• click ads
• watch videos
• install apps
• accept cookie banners
• add products to a shopping cart

Botnet

A botnet is a network of computers, smartphones, servers, or IoT devices that have been compromised and are controlled by a third party.

Botnets can be used to carry out malicious activity, including ad fraud, DDoS attacks, fake traffic generation, and credential attacks.

Bot Detection

Bot detection is the process of analyzing traffic to identify automated, malicious, or non-human activity while allowing legitimate human users and authorized bots.

It can involve technical, behavioral, network, and contextual signals.

Bot Prevention

Bot prevention refers to actively stopping bot traffic before it can affect websites, apps, ad campaigns, analytics, or inventory.

In advertising, this can help prevent wasted spend before inventory is bought, served, or measured.

Bot Traffic

Bot traffic is traffic generated by automated processes rather than real human users.

In ad fraud, bot traffic is often designed to mimic real user behavior, inflate audience numbers, trigger ad impressions, click ads, or distort campaign performance.

Bot Traffic Detection using Analytics

Bot traffic can sometimes be detected through unusual analytics patterns.

Possible indicators include unusually high page views, unfamiliar referral sources, high bounce rates, traffic spikes from unusual regions, abnormal time on page, very high or very low session duration, repeated content refreshes, unusual event timing, or unusually frequent visits from the same IP address.

Bounce Rate

Bounce rate is a web analytics metric that measures the percentage of visitors who leave a website after viewing only one page.

A bounce is a single-page session. A high bounce rate can be normal in some contexts, but in fraud analysis it may also indicate low-quality or automated traffic.

Broken Lookalike Audiences

Broken lookalike audiences are audiences modeled from polluted or fake traffic.

If a source audience contains many bots or fake users, lookalike models may learn from the wrong signals and target more low-quality or invalid traffic.

Browser Pre-rendering

Browser pre-rendering happens when a browser loads or renders content before a user actively opens or interacts with it.

This can improve user experience, but it may also trigger ad impressions for content the user never actually viewed.

Brute Force Attack

A brute force attack is a method of systematically trying many possible password, credential, or encryption-key combinations until the correct one is found.

It is commonly used to gain unauthorized access to accounts, systems, or encrypted data.

---

C

CAPTCHA

CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”.

It is used to distinguish human users from bots and to prevent automated abuse on websites, apps, or APIs. CAPTCHAs are commonly used on forms, login pages, checkout flows, and comment sections to prevent spam, brute-force attacks, and automated submissions.

Common CAPTCHA types include:

• reCAPTCHA
  A Google tool that asks users to solve a challenge, such as identifying objects in images or entering distorted text.

• No CAPTCHA reCAPTCHA
  A simplified version where users often only need to confirm that they are not a robot.

• hCAPTCHA
  A CAPTCHA service focused on privacy and security that works similarly to other challenge-based verification systems.

CAPTCHA Bot

A CAPTCHA bot is automated software designed to bypass CAPTCHA challenges.

CAPTCHA bots can work in different ways:

• Automatic mode
  Simple CAPTCHAs, such as distorted text or numbers, may be solved automatically by the bot.

• Human-assisted mode
  More complex CAPTCHAs, such as image-selection tasks, may be sent to CAPTCHA farms where real people solve the challenge and return the result to the bot.

Click Farm

A click farm is a group of people paid to click ads, like posts, follow accounts, subscribe to channels, or otherwise generate artificial engagement.

Unlike botnets, click farms involve real people using real devices. This can make them harder to detect than purely automated bot traffic.

Click farms are often used to inflate:

• ad clicks
• social media engagement
• app installs
• video views
• website visits

Because the activity comes from human workers, detection often requires behavioral, contextual, and traffic-quality analysis rather than simple bot checks alone.

Click Fraud

Click fraud is the practice of artificially inflating the number of clicks on a pay-per-click (PPC) advertisement.

This can be done by bots, click farms, competitors, or fraudulent publishers. The goal is usually to drain an advertiser’s budget, generate illegitimate revenue, or distort campaign performance.

Click fraud causes advertisers to pay for traffic that does not represent genuine user interest.

Click Injection

Click injection is a form of mobile ad fraud where fraudulent clicks are inserted into the user journey to take credit for app installs or other conversion events.

A common method is using malicious software on a mobile device to detect when an app is being downloaded and then quickly generate a fake click before the install is completed. This makes the fraudster appear to be the last-click source of the conversion.

As a result, legitimate marketing channels may lose attribution, while the fraudulent source receives credit and compensation.

Clickjacking

Clickjacking is a technique where users are tricked into clicking something different from what they think they are clicking.

This is often done by placing an invisible or transparent layer over visible page content. In ad fraud, clickjacking can be used to generate fraudulent clicks on digital ads without the user’s knowledge or intent.

Connected TV (CTV)

Connected TV (CTV) refers to a television or device that can connect to the internet and stream digital content.

Examples include smart TVs and devices such as Roku, Amazon Fire TV, Apple TV, or similar streaming devices. CTV allows advertisers to reach audiences through digital video ads in streaming environments.

Connected TV (CTV) Fraud

Connected TV fraud refers to fraudulent activity in internet-connected TV advertising environments.

This can include:

• device spoofing
• bot-generated impressions
• misrepresented inventory
• fake app or channel traffic
• non-human ad delivery

CTV fraud can mislead advertisers into paying for impressions that were not delivered to genuine viewers or were not served in the claimed environment.

Conversion Fraud

Conversion fraud refers to fraudulent activity that creates or manipulates conversion events.

Examples include fake purchases, fake form submissions, fake app installs, or bot-generated leads. The goal is to falsely claim commission, inflate performance metrics, or make a campaign appear more successful than it really is.

Conversion fraud can distort reporting and cause advertisers to optimize toward low-quality or fake outcomes.

Cookie Stuffing

Cookie stuffing, also known as cookie dropping, is a type of ad fraud where unauthorized cookies are placed in a user’s browser without their knowledge or consent.

Fraudsters use this tactic to falsely claim credit for online sales, leads, or other actions, even if they had no meaningful role in driving the conversion.

Credit Card Fraud

Credit card fraud is the unauthorized use of a credit card or card details to make purchases, withdraw funds, or conduct fraudulent transactions.

It can happen through stolen cards, phishing, data breaches, account takeover, or other methods. Credit card fraud can lead to financial loss for cardholders, merchants, and issuing banks.

---

D

Denial of Inventory

Denial of inventory is an online attack where bots rapidly reserve or hold available items, tickets, services, or inventory, preventing legitimate users from accessing them.

This can lead to lost revenue, distorted demand signals, and poor customer experience. It is commonly seen in sectors such as ticketing, travel, retail, and e-commerce.

Distributed Denial of Service (DDoS)

A Distributed Denial of Service (DDoS) attack is a cyberattack where multiple compromised systems flood a target with traffic or requests.

The goal is to overwhelm the target’s infrastructure and make a website, service, or network unavailable to legitimate users.

DMP (Data Management Platform)

A Data Management Platform (DMP) is a centralized system used to collect, manage, and analyze data from different sources.

In advertising, DMPs help marketers build audience segments and customer profiles that can be used for targeting, personalization, and campaign optimization.

DSP (Demand-Side Platform)

A Demand-Side Platform (DSP) is a technology platform that allows advertisers and agencies to buy digital ad inventory programmatically.

DSPs help advertisers bid on impressions across ad exchanges, networks, and publishers. They allow targeting based on criteria such as audience, device, geography, behavior, and campaign objectives.

Device Farm

A device farm is a setup where many physical devices, such as smartphones or computers, are operated together to generate digital activity.

In ad fraud, device farms can be used to create fake ad clicks, impressions, app installs, or engagement events. Because the activity comes from real devices, it can be harder to detect than simple server-side bot traffic.

Device Spoofing

Device spoofing is the practice of making one device appear to be another by sending false or manipulated device information.

Fraudsters may manipulate identifiers such as the user agent, operating system, browser type, screen resolution, or device model. This can be used to bypass detection systems, imitate valuable users, or misrepresent traffic quality.

Domain Spoofing

Domain spoofing is a form of ad fraud where fraudsters misrepresent the website or app on which an ad is served.

For example, low-quality or fake inventory may be made to appear as if it comes from a premium publisher. Advertisers are then misled into paying premium prices for placements that are actually served on low-quality, fraudulent, or unauthorized inventory.

---

E

Exchange

An exchange is a digital marketplace that facilitates the buying and selling of online ad inventory between advertisers and publishers.

Ad exchanges enable advertisers to purchase ad placements, often through real-time auctions, across websites, apps, and other digital platforms.

Exclusion Lists

Exclusion lists, also known as negative lists, blocklists, or blacklists, are lists of IP addresses, domains, apps, placements, or other entities that advertisers choose to exclude from campaigns.

They help prevent ads from being served in undesirable, irrelevant, low-quality, or fraudulent environments.

Exclusion lists are commonly used to:

• improve campaign performance
• reduce wasted ad spend
• protect brand reputation
• avoid association with malicious or inappropriate content
• reduce exposure to invalid traffic sources

---

F

Fake Apps

Fake apps are apps that load ads in the background when the app is not actively being used — or even when the device itself is not in use.

For example, an app may load ads while the user is asleep or while the app is running silently in the background. Some apps also pre-load hundreds of ads for performance reasons, even though those ads are never actually displayed to a real user.

This can drain device resources and create fraudulent ad impressions.

Fake Bid Requests

Fake bid requests occur when fraudulent entities generate fictitious auction requests in programmatic advertising.

These requests imitate legitimate ad inventory and attempt to trick advertisers or demand-side platforms into bidding on non-existent, low-quality, or fraudulent placements.

The result is wasted ad spend and distorted campaign performance.

Fake Data

Fake data refers to fabricated, altered, or misrepresented information used to deceive ad platforms, advertisers, analytics systems, or networks.

In an advertising context, fraudsters may generate fake data such as:

• non-human traffic
• counterfeit clicks
• false impressions
• fake conversions
• bogus leads

Fake data can mislead campaign reporting, drain budgets, and cause advertisers to optimize toward invalid or low-quality activity.

Fake Sites / Cash-Out Sites

Fake sites, also called cash-out sites, are websites created primarily to serve ads to bots and generate ad revenue.

A typical process looks like this:

1. A fraudster creates a fake website.
2. Cheap bot traffic is purchased and routed to the site.
3. Ad networks observe the apparent traffic volume and include the site in their inventory.
4. Advertisers buy ad space on the site.
5. The fraudster receives ad revenue for fake or low-quality traffic.

This makes fake sites a common monetization method in ad fraud.

Form Spam

Form spam refers to unwanted, automated submissions of online forms by bots.

Fraudsters may use bots to submit fake contact forms, subscription forms, lead forms, or demo requests. These submissions can use false information or leaked personal data from the dark web.

Form spam can:

• inflate lead generation metrics
• pollute CRM systems
• waste sales-team resources
• distort campaign performance
• create fake conversion signals

---

G

Geo Masking

Geo masking is a form of ad fraud where fraudsters manipulate or disguise IP addresses to make low-quality traffic appear as if it comes from a higher-value geographic region.

By misrepresenting the location of the traffic, fraudsters can sell it to advertisers at higher prices. This can cause advertisers to overpay for low-quality traffic and reduce the effectiveness and ROI of their campaigns.

---

H

Hidden Ads

Hidden ads are ads that are served in a way that makes them invisible or nearly invisible to users while still being counted as impressions.

This can include:

• ads placed behind other page elements
• ads stacked underneath visible ads
• ads rendered in tiny placements, such as a 1 × 1 pixel
• ads loaded outside the visible viewport

Advertisers are charged for these impressions even though a legitimate user never actually saw the ad.

Hijacked Device

A hijacked device is a user device that has been taken over by a fraudster, often through malware or other unauthorized means.

In ad fraud, hijacked devices may be used to generate fake ad requests, impressions, clicks, installs, or other interactions without the user’s knowledge.

The real device owner may not be aware that their device is being used for fraudulent activity.

---

I

Impression

An impression is counted when a digital ad is displayed or served on a web page, app, or other digital platform.

Impressions are used to measure the reach and visibility of an ad campaign. In many advertising models, especially CPM-based campaigns, advertisers pay based on the number of impressions delivered.

Impression Fraud

Impression fraud is the generation of illegitimate ad impressions to artificially inflate advertising costs or revenue.

Fraudsters may use bots, hidden ads, pixel stuffing, ad stacking, fake sites, or other tactics to create impressions that do not represent genuine human exposure to an ad.

This causes advertisers to pay for non-genuine or non-human traffic and can distort campaign performance metrics.

Invalid Traffic (IVT)

Invalid traffic (IVT) refers to clicks, impressions, sessions, or other ad interactions that do not come from genuine user interest.

This can include:

• bot-driven traffic
• non-human activity
• artificially refreshed pages
• manipulated impressions
• misdirected users
• other fraudulent or non-compliant traffic

Invalid traffic reduces campaign efficiency because it drains ad spend without creating real engagement or meaningful conversion opportunities.

---

L

Last Click Attribution (LCA)

Last Click Attribution (LCA) is a digital analytics model that assigns the full conversion value to the final click before a transaction or conversion.

In this model, the last ad, channel, or touchpoint a user interacted with before converting receives 100% of the credit.

While simple and easy to understand, Last Click Attribution can oversimplify the customer journey because it may ignore earlier touchpoints that influenced the user’s decision.

Location Fraud

Location fraud is the manipulation or falsification of geographic location data for ad impressions, clicks, visits, or transactions.

Fraudsters may use techniques such as IP spoofing, VPNs, proxies, or falsified GPS data to make traffic appear as if it comes from a different location.

This can make low-quality traffic appear more valuable or relevant than it actually is and can mislead advertisers into paying for traffic from supposedly high-value regions.

---

M

Malware

Malware is malicious software used to infiltrate, damage, disrupt, or control user devices, systems, or networks.

In ad fraud, malware can force affected devices to load ads, click ads, visit websites, or generate fake traffic without the user’s knowledge or consent.

This can create illegitimate ad revenue for fraudsters, distort analytics data, and waste advertising budgets.

---

N

Naked Ad Calls

Naked ad calls are ad impressions served without a surrounding webpage or meaningful content environment.

Fraudsters use naked ad calls to save time and bandwidth so bots can interact with more ads at scale.

Because the ad request is not tied to a legitimate user-facing page, naked ad calls can generate impressions that do not represent real human exposure to an ad.

Non-human Traffic (NHT)

Non-human traffic (NHT) is online traffic generated by bots, scripts, automation tools, or other automated programs rather than legitimate human users.

In ad fraud, non-human traffic is often designed to imitate real user behavior, such as:

• clicking ads
• visiting websites
• initiating video views
• generating impressions
• triggering events or conversions

These inflated metrics do not represent genuine engagement and can lead to wasted ad spend, inaccurate reporting, and poor campaign optimization.

---

P

Pay-Per-Click (PPC)

Pay-Per-Click (PPC) is a digital advertising model in which advertisers pay a fee each time their ad is clicked by a user.

Instead of earning visits organically, advertisers can buy visits to their site. PPC ads can appear on search engines, websites, and social media platforms, and are often targeted based on user behavior, preferences, demographics, keywords, platforms, or audience type.

Performance Max

Performance Max is a Google Ads campaign type that allows advertisers to access all Google Ads channels through a single campaign.

It uses automation to create and serve ads based on the assets provided by the advertiser and determines when and where ads appear in order to reach campaign goals.

Performance Max campaigns can run across Google-owned inventory, including:

• YouTube
• Google Display Network
• Google Search
• Google Discover
• Gmail
• Google Maps

Phishing

Phishing is a cybercrime in which attackers use deceptive communication, often via email, to trick people into revealing sensitive information.

This may include passwords, login credentials, credit card numbers, or other personal data. Phishing messages often impersonate trustworthy organizations and direct users to fraudulent websites designed to look legitimate.

Pixel Stuffing

Pixel stuffing is an ad fraud tactic where fraudsters load a full-size ad into a tiny pixel, such as a 1 × 1 pixel, or place it in a non-viewable area of a page.

The ad is technically loaded and may count as an impression, but it is invisible to users. Advertisers then pay for impressions that had no real chance of being seen.

Pop-unders / Pop-ups

Pop-unders and pop-ups are additional browser windows or pages that load automatically, often without clear user intent.

Pop-unders open behind the active browser window, while pop-ups appear in front of it. In low-quality or fraudulent environments, these formats can be used to generate ad impressions that users did not intentionally request or meaningfully view.

This type of traffic is often associated with low-quality, piracy, or adult-content sites.

Private Marketplace (PMP)

A Private Marketplace (PMP) is an invitation-only advertising marketplace where selected advertisers can purchase inventory through real-time bidding.

Unlike open auctions, a PMP allows publishers to offer premium inventory to a restricted group of buyers. This gives publishers more control over who buys their inventory and at what price, while advertisers can access higher-quality placements that may not be available in the open market.

Proxy Traffic

Proxy traffic is web traffic routed through proxy servers to disguise the original IP address of the user or device.

Fraudsters use proxies to simulate traffic from different geographic locations, hide malicious activity, bypass geolocation restrictions, or make automated traffic appear more legitimate.

Proxy traffic can generate false impressions, clicks, or visits and distort campaign performance.

Publisher

A publisher is an individual, company, or organization that creates and distributes digital content and offers advertising space on its platform.

Publishers may operate websites, apps, video channels, newsletters, or other digital properties. They monetize their audience by selling ad inventory to advertisers, agencies, ad networks, or programmatic platforms.

Common monetization models include:

• Pay-Per-Click (PPC)
• Cost Per Mille (CPM)
• affiliate marketing
• sponsored content

---

R

Real-Time Bidding (RTB)

Real-Time Bidding (RTB) is the instantaneous auction process that happens for each ad impression as a webpage, app, or digital placement loads.

Advertisers bid in real time for the opportunity to show an ad to a specific user based on available context, such as audience data, browsing behavior, placement, device, or demographic signals.

The winning bidder gets their ad displayed to the user. This entire process happens in milliseconds and allows advertisers to efficiently buy impressions that match their targeting criteria.

Residential Proxy

A residential proxy is an intermediary server that uses an IP address provided by an Internet Service Provider (ISP), rather than a data center.

Fraudsters use residential proxies to hide their real location, bypass anti-fraud systems, and make automated or malicious activity appear more like legitimate user behavior.

Because the traffic appears to come from real residential IP addresses, it can be harder to detect than traffic from data-center proxies.

Retargeting

Retargeting is a digital advertising strategy where ads are shown to users who have previously visited a website, viewed a product, or interacted with a brand online.

Advertisers use cookies or other tracking technologies to recognize these users across different websites or platforms and show them relevant ads in an attempt to re-engage them.

Retargeting Fraud

Retargeting fraud is a scam where bots are sent to an advertiser’s website so they become tagged for retargeting ads.

The bots are then sent to the fraudster’s website, where they “view” the retargeting ads that the advertiser pays to display. This allows the fraudster to monetize fake retargeting traffic.

Return on Advertising Spend (ROAS)

Return on Advertising Spend (ROAS) is a metric used to measure the effectiveness of advertising campaigns.

It is calculated by dividing the revenue generated from an ad campaign by the cost of that campaign.

A higher ROAS usually indicates that a campaign is generating more revenue for each unit of advertising spend.

---

S

Scalper Bots

Scalper bots are automated software programs designed to purchase high-demand items quickly before legitimate users can access them.

They are commonly used for limited-stock products, event tickets, sneaker drops, or other high-demand goods. Scalper bots can also hoard inventory and resell it at inflated prices.

This creates artificial scarcity, distorts market demand, and harms both businesses and consumers.

Scraper Bots

Scraper bots are automated scripts or programs designed to extract content or data from websites, apps, or digital platforms.

In ad fraud and digital abuse contexts, scraper bots may steal valuable information such as pricing data, product information, customer data, or publisher content.

Unauthorized scraping can lead to:

• skewed analytics
• compromised user experience
• data misuse
• financial losses for advertisers or publishers

SDK Spoofing

SDK spoofing is a type of mobile ad fraud where fraudsters simulate ad views, clicks, installs, or in-app events inside a spoofed app environment without real user involvement.

Fraudsters manipulate communication between the app and the advertising or attribution SDK to generate fictitious events that appear legitimate.

As a result, advertisers may pay for interactions that were never performed by real users.

---

U

User-Agent Spoofing

User-agent spoofing is the manipulation of the user-agent string sent by a browser, app, or device to a website or server.

The user-agent string describes information such as browser type, operating system, device type, and software version.

In ad fraud, malicious actors use user-agent spoofing to imitate legitimate devices, browsers, or locations. This can help them generate fraudulent impressions, clicks, or visits while hiding the origin of invalid traffic.

---

V

VPN (Virtual Private Network)

A Virtual Private Network (VPN) routes internet traffic through another server and can mask the user’s true IP address and location.

In ad fraud, malicious actors may use VPNs to make traffic appear as if it comes from a desired country, region, or audience segment.

This can manipulate geographic data, distort reporting, and cause advertisers to allocate budget toward traffic that is not actually from the intended market.

---

Note

Do you still have questions or require further details? Contact our support team for assistance: support@fraud0.com

---

Imprint Privacy Policy Terms & Conditions DPA