Cybercrime remains a scourge difficult to tame, according to data from Apple Inc., the Identity Theft Resource Center, and LexisNexis Risk Solutions.
Apple Inc. late Tuesday revealed it stopped more than $2 billion in fraudulent transactions in its app store in 2022. In addition, the technology giant blocked nearly 3.9 million stolen credit cards from being used to make fraudulent purchases and permanently banned 714,000 fraudulent accounts from transacting in the online store.
Apple’s app store attracts an average of more than 650 million weekly visitors worldwide, while providing more than 36 million registered Apple developers with a global distribution platform that supports more than 195 local payment methods and 44 currencies.
In addition to cracking down on payment fraud, Apple last year terminated 428,000 developer accounts for potentially fraudulent activity, down from 802,000 in 2021. The decline reflects Apple’s ongoing efforts to prevent the creation of potentially fraudulent accounts, the company says. Apple also terminated 282 million customer accounts in 2022 for fraud and abuse.
“As bad actors evolve their dishonest tactics and methods of deception, Apple supplements its antifraud initiatives with feedback gleaned from a myriad of channels—from news stories to social media to AppleCare calls—and will continue to develop new approaches and tools designed to prevent fraud from harming App Store users and developers,” Apple says in a statement.
While online payment fraud remains a nettlesome problem, so too does identity theft. In 2022, the Identity Theft Resource Center received reports of 14,817 crimes related to identity theft, a less than 1% decrease from the all-time high of 14,947 in 2021.
Some 55% of the identity-crime cases reported were due to compromised credentials, while 40% were due to misuse of credentials. The IRTC defines misuse as evidence that a consumer’s identity has been or is actively being misused by a criminal. Fraudulent misuse includes takingover an existing account, fraudulently setting up a new account using a consumer’s identity, or perpetrating a fraudulent transaction.
The majority of reported cases stemmed from existing account takeover (61%). When it comes to misuse of consumer credentials for financial accounts, checking accounts had the highest rate of misuse (46%), followed by credit card accounts at 41%. For state-government accounts, unemployment accounts had the highest rate of misuse at 57%, followed by department-of-motor-vehicle accounts at 25%. Social-media accounts were the most targeted among non-government accounts, at 81%.
In second place in 2022 was misuse related to new account creation (32%). This type of misuse impacted 70% of state accounts, 52% of financial accounts, 38% of federal accounts, and 12% of non-government, non-financial accounts, according to the report.
“The bar for entry to identity theft for criminals has been lowered considerably,” says Eva Velasquez, president and chief executive at the ITRC. “Criminals can easily obtain the identity information they need on the dark Web, plus readily have access to tools to help them perpetrate scams. Basically, criminals need zero skill set to perpetrate identity theft and misuse of identity credentials.”
Just as identity theft shows no signs of slowing, neither does the overall digital-attack rate. The LexisNexis Risk Solutions Cybercrime Report reveals the global digital attack rate increased 20% in 2022, compared to 2021. The increase reflects the continuing trend of digital fraud rising as economies re-open following the pandemic, the report says. Attack rates on digital payments across all desktop and mobile channels increased 27% in 2022, compared to the previous year.
Attacks in the financial services sector increased 31% in 2022, while e-commerce attacks increased 29%. In e-commerce, automated bot attacks grew nearly twofold (195%) in 2022, compared to 2021. Almost half of these attacks were focused on e-commerce merchants in the United States, where bot attacks increased by 127% year-over-year. Bot attacks increased 112% in the U.S. gaming and gambling industry, a sector that’s growing due to legalization in more states.
Criminals continue to target the communications, mobile and media industries more than any other sector, according to the report.