When to Deem Apple Store Activity Suspicious

January 26, 2023

During our third session of Fraud Office Hours, an attendee asked, "At what point do you deem Apple Store activity suspicious or fraudulent?" Watch this video clip and read below to see how Unit21's Head of Fraud Risk, Alex Faivusovich, responded.

How to Detect Suspicious Activity on the Apple Store

"It's really about understanding how your users use your ecosystem, how they use your product, and how they make transactions using the tools you provide to them.

This problem isn’t just specific to the Apple store; in general, big brands that attract many customers also attract many fraudsters. So for a fraudster, they see a big brand as a way (and an easy one at that) to take whatever associated payment method they have and turn it into money.

So when do you deem Apple Store transactions - or another big-name store - to be suspicious? It’s really around understanding how your users use your ecosystems, how they use your product, and how they make transactions using the tools you provide them.

For example, if you have a big customer base in the New York metropolitan area, you can analyze how users buy products at big brands and large chain retailers. You can investigate their behavior and see how they actually interact with these businesses.

You’d expect to see users make large purchases like the Apple Store at certain times throughout their life, but not regularly. For example, someone may buy a Macbook or iPhone once a year, but they won’t make those purchases regularly.

If you can see patterns where users buy from the Apple Store regularly, during certain days, at certain times, and at certain volumes, this may be a red flag for suspicious activity.

If you’re seeing this larger volume of transactions for big purchases at the Apple Store, you can start to see what activity may be criminal. You may even be able to link this to organized crime that is operating within the metropolitan area you’re exploring. If you can pinpoint organized crime operating in this area, then it would make sense that those fraudsters are operating in those stores.

This is where customer segmentation comes into play. If you have brand new users who just onboarded to your platform and the first thing they do is fund the account and then immediately go and use the funded value, that’s probably a red flag of suspicious activity.

If you know your customer base and how they behave, this behavior would likely stand out as an anomaly. While it’s not necessarily illegal, most people don’t fund an account just to immediately go make a large purchase, which makes it worth investigating as suspicious activity.

Most fraud associated with these big brand stores is coming from new accounts. It’s essential to have a good strategy for new accounts and to put added effort into knowing your users. This is challenging for users that you’re less familiar with; with less information on a user it’s harder to understand how they behave.

It’s also important to investigate whether account takeover fraud is associated with these big brands. For example, if some customers lose access to their account, will the fraudster use that access to make purchases from a big brand, such as the Apple Store?

This allows you to associate a non-monetary activity (such as changing the password or a new device) with suspicious behavior. Your team can then create rules that will look for this sequence of events and flag the behavior for you.

The key is understanding how your customers behave and whether or not you have active organized crime operating in those areas. This will allow you to flag potentially fraudulent Apple store transactions and activity."

Looking for more insights? Check out our third session of Fraud Office Hours on-demand for a deeper dive into how you can use technology like Unit21 to uncover suspicious activity.

New call-to-action

Getting started is easy

See first-hand how Unit21
can help bolster your risk & compliance operations