Apple Blocks Over 2 Million Fraudulent Apps and Accounts in 2025, Preventing $2.2 B in Losses
What Happened – Apple’s 2025 Trust & Safety report reveals that more than 2 million app submissions were rejected, over 1 billion fraudulent account creations were stopped, and $2.2 billion in fraudulent transactions were prevented. The effort combined AI‑driven analysis with human review across 175 global storefronts.
Why It Matters for TPRM –
- Large‑scale app‑store fraud can expose downstream vendors to malicious code, credential theft, and reputational damage.
- Fake developer accounts are a common supply‑chain entry point for credential‑stuffing and payment‑card fraud that can affect partner ecosystems.
- The volume of blocked fraud demonstrates the importance of continuous monitoring of third‑party app marketplaces.
Who Is Affected – Mobile app developers, SaaS providers distributing via the App Store, payment processors, and enterprises that rely on iOS apps for business functions.
Recommended Actions –
- Review any third‑party iOS apps used in your environment for Apple‑store compliance and recent security reviews.
- Validate that your own app‑distribution pipeline includes code‑signing and integrity checks against Apple’s rejection criteria.
- Incorporate Apple’s fraud‑prevention signals (e.g., blocked developer IDs) into your vendor risk scoring.
Technical Notes – The crackdown leveraged machine‑learning models to detect bait‑and‑switch, hidden functionality, cloned binaries, and spam submissions. No specific CVE was disclosed; the mitigation focused on policy enforcement and AI‑driven pattern detection. Source: Security Affairs