• Jagmeet Singh

Bots Are Evolving with Time. Is Your Brand Ready to Combat?

According to Statista, in 2021 the number of mobile users has increased to 7.1 billion and it’s estimated to reach 7.26 billion by the end of 2022. With the growing numbers of mobile users, fraudsters are also evolving their bot attacks on mobile apps.

Bot traffic is non-human automated traffic that visits a website and mobile app. While there are good bots like search engines and AI-based assistants that are required to make the work smoother. However, there is also a wide range of bad bots which are malicious and are used to commit frauds like data scraping and account takeover.

With time, there has been an evolution in bots and fraudsters are making sure that they cannot be detected easily. In this blog, we are covering the signs to detect bot traffic on apps and what are the new trends observed in bot activity.

Global share of human and bot web traffic 2020, by industry – Statista

Basic vs Sophisticated BOTs

The first generation of malicious bots operated according to quite evident strategic rules. The basic bot traffic used to come from sources like data centers and IP addresses that behaved predictably. For instance, a basic bot performs an app install innumerable times using one IP address for a consistent duration. In simple terms, their actions were not like humans, and it was easy to predict once the bot pattern was identified.

However, in the last few years, cybercriminals have developed and created more sophisticated programs of bots. The sophisticated bots can replicate human activity and compromise the walls of safety on the internet. To make the bot activity look human-like, the cybercriminals use different residential IPs instead of single data centers.

This is an example of a sophisticated bot pattern. In this graph, there are multiple abnormal data patterns detected. In reference to the above graph – In case of A, there is a sudden spike in the percentage of installs, and then it disappears. Later in case of B, there is a constant peak for a while which disappears in a few seconds. In case of C, there is a regular peak for a continuous window.

Signs to Identify Bot Traffic

1. Compare Conversion make & model

Bot activity can be detected in installs by observing the incorrect conversion make and model. In the below example, there is a discrepancy in the devices from where the conversion is made and the actual model. As visible in the data, it is possible to indicate fake devices with conversion make & model.

2. High Volume of Installs

Normal traffic is spread over, which means that the conversion time is not normally in the publisher's control. However, in the case of bot traffic, the click to install rate is very high and quite streamlined. Below is an example of the high volume of installs due to bots:

Publisher M – Click to Install Trend

3. Detecting Old Android Versions

In major cases, the malicious bots are found running heavily on old OS versions which are normally very small in percentage distribution.

Publisher M – OS concentration

Emerging Trends Captured in Bot Traffic

1. Abnormal is the new Normal

According to the observation, almost all publishers generate on an average 70% installs within the first 2 minutes.

2. No Traffic is 100% Clean Traffic

Since OEM inventory is blindly whitelisted by the attribution platform, the advertisers also end up paying for fraudulent traffic for OEM.

3. Similar Bots Across Multiple Domains

Identical traffic patterns were observed for various clients for different domains from one source indicating BOT generated traffic.

How mFilterIt Detects Bot Traffic

Every day new bots are emerging and MMPs are not able to differentiate between clean traffic and sophisticated bot traffic. In this case, partnering with an app fraud detection and prevention solution like mFilterIt can protect your ad campaigns from bot traffic.

Our Ad Traffic Validation suite ensures to evaluate the bot traffic based on different parameters. When analyzing the installation source, we have observed downloads from devices with older Android versions, a high volume of installs at small intervals, a discrepancy in the devices from where conversion is made, and the device model.

The different bot patterns were detected by us, and appropriate measures were taken to ensure clean traffic for the brands and save their money from getting wasted in invalid traffic.


As the advertisers are increasing their digital spend, fraudsters are also evolving with new types of ad fraud techniques to scam the brands. Fraudsters are using sophisticated bots to pass through the ad fraud detection systems in apps. Therefore, a full-funnel ad fraud detection and prevention solution like

mFilterit is required to detect data anomalies and eradicate them at the earliest stage.

Eliminating bot traffic will protect your app campaigns and help you focus on reaching a relevant set of audiences without wasting any ad spend.