Sophos: there are at least 32 "fleeceware" iOS apps that are abusing App Store free trial...

nanoguy

Posts: 458   +4
Staff member

In a report published this week, British security firm Sophos revealed that more than 3.5 million iOS users have installed "fleeceware" apps, which is a relatively new kind of online fraud that is becoming very popular among people that want to take your money while you are none the wiser.

Most of these apps come in the form of image editors, QR and barcode scanners, image and video filter apps, and anything related to horoscopes and fortune-telling.

The way these schemes work is that they abuse the way trials work on mobile app stores to essentially overcharge users for functionality that is otherwise present in cheap of free alternatives. When these apps flooded Google's Play Store in 2019, it became clear for researchers that it was only a matter of time before this would become just as much of a nuisance for Apple's App Store.

When you download a fleeceware app, you get access to all of its features for a short period of time, and the app gets permission to charge you once the trial expires. And since most of these apps don't offer much value in the first place, many people end up uninstalling the app, at which point they assume they will no longer be charged.

However, the developers of certain apps take advantage of app store policies that allow them to require more work on your part before you can get off the hook. This allows them to still charge your account, which is usually a small one time payment or a cheap monthly subscription fee. Fleeceware apps take this one notch further by asking for exorbitant amounts of money, usually in the hundreds of dollars.

Last year, Sophos found more than 50 fleeceware Android apps that have been installed by no less than 600 million users. And while Google cleaned out all of them after being notified of their existence, new ones have popped up and are able to rival some of the most successful legitimate apps in the number of installs.

The firm says Apple's App Store currently has at least 32 fleeceware apps that operate in the same categories as those found on the Play Store. As soon as the 3-day of 7-day trial ends, these apps will charge $9 per week or $30 per month, which can add up to $468 or $360 per year, respectively.

It also doesn't help that these apps tend to have between 500,000 to 1 million downloads, and one in particular called Zodiac Master Plus is among the top grossing apps. Unsuspecting users can look at these numbers and download them under the impression that their popularity is a measure of their value.

Jagadeesh Chandraiah, who is a malware analyst at Sophos, noted that "app publishers also have the ability to introduce new fleeceware apps by releasing new apps with the same subscription policies, or by converting a previously free app into fleeceware by changing the app’s profile in the App Store, though Apple developer policies prohibit this behavior."

The best way to avoid getting duped is to carefully inspect description pages and reviews, as well as get into the habit of inspecting your account for subscriptions every time you uninstall an app. Below you have the full list of fleeceware apps found by Sophos.

Permalink to story.

 

QuantumPhysics

Posts: 2,698   +2,344
And this is the reason I purchase things online with a Netspend card which I can easily stop or destroy.

I had an issue with one of those fake car warranty companies and I cut them right off. They are still calling me 4 years later trying to get some more money or start a new contract.
 

Fox God Records

Posts: 18   +9
People with real, actual computers understand that just removing the software doesn't remove the agreement. There are try-before-you-buy programs all over the place, and if they force you to offer up payment details before allowing you to download - walk away.

In the alternative, if you really want to try a prepay program, as soon as it is activated, cancel the payment. You'll still have access to the program for the free trial period, and if you like it you can pay for it. If you don't, then you know you won't be charged.

It's called SHAREWARE and it has been around for decades. These kids today, I tell you what...
 
  • Like
Reactions: 0dium

PEnnn

Posts: 383   +312
I am amazed how many people quickly provide credit card numbers before even trying an app....and rely on the goodness of people NOT to charge them at will!!

It used to be you try it without payment. If you like it, you buy it, else uninstall. Then human gullibility and greed took over.
 
  • Like
Reactions: Fox God Records