Why Apple Is So Popular With Cybercrooks

Martha C. White, The Big Money

Mac geeks estimate Applepresold 120,000 iPads last Friday alone, but it’s not just aficionados who are gearing up for Cupertino’s next big thing: The iPad is expected to be a target for credit-card thieves and online scammers of all types. Antivirus software company McAfee is already warning consumers not to fall for e-mails or ads promising a free or reduced-price iPad if they enter an address … and a credit card number.

According to the Internet Crime Complaint Center, online fraud of all kinds rose 22.3 percent between 2008 and 2009. Credit-card fraud made up about10 percent of the total number of complaints referred to law enforcement. Last year, companies and individuals lost a total of more than half a billion dollars to cyberthieves, nearly double the amount of losses last year—and a disproportionate share of that was Apple-related.

Why is Apple so popular with scammers? Its business model gives them two different ways to use stolen credit-card numbers. First, electronics are a hot category for thieves.  Of course, Apple isn’t the only company that makes or sells hardware; electronics retailers and big-box stores are also targeted by thieves. Wal-Mart seems to be another popular mark; security experts say overseas scammers gravitate toward it because they’re familiar with the brand name (8,000 stores in 15 countries will do that) and because of the company’s recent foray into more name-brand electronics. Domestic scammers like the Bentonville behemoth because it offers a nearly limitless variety of merchandise that can be bought with a stolen card and either resold on the street or returned for credit.

Electronics are popular with international crooks in part because they’re an easy way to get money overseas. Crooks who want to avoid the scrutiny that comes from schlepping briefcases of cash across borders can essentially treat electronics as currency, using a stolen credit card to buy Apple products or other hot electronic goods and have them shipped to another country where they’ll be resold, employing U.S.-based mules who get a small kickback for their participation. Also, computer hardware is valuable because when thieves get their hands on the newest equipment, they can keep up their end of the arms race with banks, retailers, and other developers of security features aimed at locking them out of the marketplace.

Apple might be particularly vulnerable because of the price disparity between the United States and the rest of the world when it comes to its iconic hardware. This chart shows how laptop prices in Brazil, for instance, can be up to $1,200 higher than they are in the United States. Discrepencies like this can be tempting to black-market buyers and sellers alike.

Citing security reasons, none of the major issuers or big banks would tell TBM just how prevalent Apple-related credit-card scams are, but one bank rep did point out that computers and high-end electronics can be a magnet for thieves because of their high resale value. A Visa representative said it’s up to the issuing banks to target merchants or retail categories for extra scrutiny.

There’s a second reason why Apple could be at risk. When professional credit-card scammers get card numbers, they don’t get just one. They get dozens or even hundreds, of which only a handful might still be valid. One of the easiest ways to test if a number has been “switched off” is to make a small, innocuous purchase. A 99-cent mp3 file of Ke$ha or Taylor Swift does the trick nicely, and the ubiquitous nature of iTunes means such a purchase is less likely to trip an automatic fraud monitor at the card’s issuer. If an iTunes purchase goes through, the thief has the green light. Then, experts say, it’s usually only a matter of hours before the crook goes on a spending spree with the illegally obtained number. A variation on this is for scammers to donate an amount as small as a penny to a charity such as the Red Cross to test whether a card number is working.

Technology has raised the stakes on the cat-and-mouse competition between retailers and criminals, and the data show that cyberthieves display no signs of slowing down. If the iPad turns out to be as much of a blockbuster as Apple hopes, it’s safe to assume the device will play a starring role in online scams for some time to come.