Mobile apps now most common method of fraud
RSA Security report highlights the rise in burner devices and rogue apps


An undercover security unit which infiltrates groups of cyber criminals has unearthed an alarming rise in fraudulent transactions carried out via mobile apps.
The findings, published in RSA's latest global fraud report for Q2 2018, found that from 1 April to 30 June, the fraudulent activity carried out via mobile browsers and applications made up 71% of overall fraud transactions, an increase of 16% on the previous year.
The report also highlighted the rise in rogue mobile apps, identifying 9,185 that have become the most common vehicle for attacks, with fraudsters using burner devices and throwaway accounts to carry out their endeavours.
These burner devices or fake accounts used by hackers also contributed 27% of the total value of fraudulent payments despite just 0.4% of legitimate payment transactions being attempted from a new account or device.
A burner device is usually an affordable mobile phone that can be used temporarily until it is deemed 'burned' meaning it is too risky to use. These devices can be purchased with prepaid minutes and without any contracts, allowing the user/users to easily mask their identity. This method of theft is particularly lucrative, with the report stating the average fraud transaction is now valued at $355.
During the undercover operation, the unit also recovered nearly 5.1 million unique compromised cards and card previews from reliable online fraud stores and other sources - a 60% increase in the volume of cards recovered by RSA in the previous quarter.
The report also warned of "human-not-present" fraud, highlighting how autonomous machine purchases will result in new authentication challenges for consumers, banks and merchants who will have to change their behaviour to better manage the risk.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"The modern techno-philosophy seems to be moving rapidly toward increased frequency and depth of automation directed toward tasks that traditionally required human participation, thus giving rise to a new age, one consisting of 'Human-not-present' transactions," the report stated.
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.
-
RSAC Conference 2025: AI and quantum complicate security
Organizations are grappling with the complications of adopting AI for security
-
RSAC Conference 2025 was a sobering reminder of the challenges facing cybersecurity professionals
Analysis Despite widespread optimism on how AI can help those in cybersecurity, it’s clear that the threat landscape is more complex than ever
-
RSAC Conference day three: using AI to do more with less and facing new attack techniques
-
"There needs to be an order of magnitude more effort": AI security experts call for focused evaluation of frontier models and agentic systems
News Evaluating the risks of dynamic, evolving AI networks is slow work for cybersecurity analysts
-
Cyber defenders need to remember their adversaries are human, says Trellix research head
There's a growing overlap between nation-state actors and cybercriminals, but these attackers are real people who make mistakes
-
RSAC Conference day two: A focus on what attackers are doing
From quantum to AI, experts discussed how new and experimental technologies could be used by hackers to access and decrypt sensitive data
-
RSAC Conference Day One: Vibe Is 'All In' on AI for Security
News Artificial intelligence took center stage as RSAC Conference looks at how the discussion has moved from generative AI to agentic AI
-
RSAC Conference 2025 live: All the latest from day three
Live blog ITPro is covering RSAC Conference 2025 live – find out all the day-three news right here