Apple blocked $7 billion in fraudulent App Store purchases in 4 years

Apple’s antifraud technology has blocked more than $7 billion in potentially fraudulent transactions in four years, the company states in its latest annual fraud prevention analysis.

From 2020 through 2023, the company also detected more than 14 million stolen cards and blocked them from transacting on its platform along with 3.3 million accounts.

Statistics for last year show that Apple stopped $1.8 billion in suspicious transactions, slightly less than the $2 billion blocked in 2022.

The report also notes that Apple also prevented throughout 2023 the use of 3.5 million stolen credit cards for purchases made on its App Store and banned over 1.1 million accounts from transacting again.

Financial

In terms of app security and privacy policy enforcement, Apple rejected last year over 1.7 million app submissions that failed to meet App Store’s standards for privacy, security, and content.

  • Among these, 248,000 were rejected for being spam, copycats, or misleading users,
  • 38,000 were rejected for containing hidden or undocumented features,
  • 375,000 were rejected for various privacy violations,
  • 47,000 were rejected for being illegitimate apps of pirate storefronts,
  • 40,000 were remove or rejected because they engaged in “bait-and-switch” tactics,
  • and 98,000 were deemed “potentially fraudulent” and were proactively blocked.

Apps

The App Review team, which consists of 500 experts, examined 6.9 million app submissions in 2023 and discovered violations that led to rejecting 1.7 million requests.

Additionally, Apple last year terminated 118,000 accounts and turned down 91,000.

Customer accounts have also been found to be fraudulent (153 million) or engaged in illegal activities (374 million), which led to blocking or deactivating them.

Finally, out of the 1.1 billion app ratings and reviews that users submitted to the App Store in 2023, 152 million were deemed fake/fraudulent and were removed.

Apple expressed a strong commitment to continuing and enhancing its efforts to ensure the security and integrity of the App Store, investing in security, expanding its anti-fraud initiatives, and further strengthening its secure payment technologies like Apple Pay and StoreKit.

However, users can also take action to protect themselves from fraud. In this context, it is advisable to:

  • Only download apps from the official App Store, avoiding poorly vetted third-party app stores or shady sites.
  • Carefully read user reviews and look for signs of fraud, such as suspiciously high ratings with few detailed reviews.
  • Only use software from reputable developers who have a portfolio of trustworthy projects.
  • Pay attention to the permissions the app requests and reject unnecessary ones.
  • Regularly update your device’s operating system and apps to the latest versions.
  • Remove apps you no longer need and revoke permissions for apps you’re not using.

However, despite the stringent policies for apps to be included in the App Store, some threat actors still manage to bypass the review mechanisms and plant bad apps.

This year, there have been two high-profile cases of fake apps added to Apple’s repository, one mimicking the LastPass password manager and another impersonating the Leather cryptocurrency wallet.

Source: www.bleepingcomputer.com