I am aware that with Jailbreaking, there are tools such as APCrack or iAP Cracker that are able to purchase in-app purchases without paying.
How would I prevent this?
You have to have a server component that you can withhold from the client if your server contacts Apple's App Store to verify the receipt and the verification fails.