There has to be another step here that we're missing - such as malware that buys apps for you or subscribes to apps without your knowledge, or uses the App Store to launder money.
I can't see a scam app being a top grosser without something like that.
Scams are deceptive, if it’s completely automatic then that’s just theft. It’s the difference between cashing a fake check at a bank and just pulling a gun and robbing the place.
I can see you are being downvoted but this is literally how this works. People install things and click rapidly thru the startup screens. These apps generally get legal consent from everyone who is billed, they just either didn't read it or forgot to cancel.
A big issue I see is from the switch to Face ID from Touch ID. With Touch ID you actually had to put your finger on the sensor to confirm payment. Now with Face ID that dialog just becomes another OK you accidentally press and your face gets scanned before you even realize what’s happening.
> People install things and click rapidly thru the startup screens.
While this is true, and there are definitely cases of people not reading the text and accepting whatever, Apple has a long way to go here. On the payment screen, the text showing the price and the recurrence is way too small, and they're both located under an eminently-skippable "Policy" paragraph. It's no surprise that users are skipping this user-unfriendly screen.
I can't see a scam app being a top grosser without something like that.