We stand with Ukraine to help keep people safe. Join us

Tags iOS Security

How To Know You're Being Scammed by a Fleeceware App

By Andriy Slynchuk

Jun 30, 2021
15 min read
Jun 30, 2021
15 min read

Table of contents

Fleeceware is a type of subscription software (usually a mobile app) that comes with hidden excessive fees and charges.  

 

By definition, fleeceware is not malware as it doesn't target user data or an operating system's integrity. Still, it causes financial harm — total damage done by fleeceware amounts to hundreds of thousands dollars per year.  

 

Let's look deeper into the origins of fleeceware, the harm it causes, who it targets, how to tell if you're being scammed by fleeceware, and how to protect yourself from it.  

What is fleeceware?  

When compared to malware like viruses or trojans, fleeceware causes less but more tangible harm by taking the user's money. For instance, expensive paid apps that provide the same functionality as free apps (like calculators or torchlights) are fleeceware. An app that promises a free 3-day trial, then charges you the price of a full 1-year subscription the very next day is fleeceware, too. Any app that uses dark patterns to obscure its real price, overcharge you, sneak in payments that were only mentioned in a fine print, or lie about the payment schedule, etc. is fleeceware.  

 

From a cybersecurity perspective, such actions are not malicious, but it is not ethical behavior towards the app's users, even if someone can afford to waste their money.

 

How did fleeceware get its name?  

The title was created by a Sophos security company in 2019 when their research uncovered 25 apps on Google Play (with combined 600 million downloads) that were scamming the users out of their money while not being malware per se as they contained no malicious code. Similar research on Apple’s App Store uncovered 30+ fleceware apps. Essentially, 'to fleece', means to trick somebody, and that's exactly what fleeceware does. It tricks its users and takes their money.

 

How does fleeceware work?

Fleeceware apps steal your money through hidden subscription fees. They target young users (often kids), the old, or just the less technically savvy who are easily tricked into installing paid apps when they don't know how to find a similar app for free (a $104.99 QR-code scanner, anyone?).  

 

Fleeceware apps are also actively advertised on social media, pulling in users who install them without reading the terms of service or payment schedules. Subscription-based fleeceware apps often wait some time (sometimes a year, but more often — a month or a week) in an attempt to hide charges among other bills and any recurring payments users already have tied to their credit cards.  

What are fleeceware apps?

The majority of fleeceware apps fall into the "entertainment and hobby" categories. For example, these are photo editors and filters, virtual music instruments, tarot card readings, horoscopes, and all other kinds of "fortune-telling" apps. Some fleeceware apps are utilities – PDF or EPUB readers, scanner apps, calculators, etc.  

 

The common factor between them is how they charge users excess fees at the wrong time or not on the schedule they originally promised – unleashing the full price of a yearly or monthly subscription within just 24 hours of what's promised as a free 3-day trial. This behavior breaks the terms of service on the platforms that host these apps, but for whatever reason, they rarely get removed. Usually, fleeceware apps also have an outstanding number of positive reviews left by fake accounts to provide social credibility and high installation numbers.  

 

Fleeceware iPhone apps (examples)

Apple App Store's guidelines for developers who submit their software for review prohibit scams, "unreasonable pricing" and "bait-and-switch" subscription models. However, there are  still numerous fleeceware apps for iOS devices available. A total of 134 fleeceware applications have been identified by Avast on the Apple App Store. Avast also keeps a current list of iOS fleeceware apps.

 

Here are some of the fleeceware app examples for iOS:

  • Pixomatic - Background eraser
  • Facelab - Face Editor & Beauty
  • Fortunescope: Palm Reader
  • Life Palmistry - AI Palm & Tag
  • KeyTune - Custom keyboard
  • Music Zen - Relaxing Sounds
  • Guitar Play - Games & Songs
  • Scanner App - Scan & Sign PDF
Fleeceware on the App Store
Fleeceware on the App Store: you get calming sounds and white noise, the apps get your money. While the meditative music might be copyrighted, white noise can be created through numerous free generators.

Fleeceware Android apps (examples)

In 2020, Google announced the start of the war against fleeceware apps via a blog post by Google's product manager Angela Ying. New policies that make it harder to get malware and fleeceware onto Google Play came into full power in mid-June 2020. Despite these actions, there are still plenty of fleeceware apps available on Google Play. The Sophos security company came up with an Android fleeceware apps list on Google Play Store that only listed those items with an installation count exceeding 100,000. Some of these apps are:

  • Astrofun
  • Easysnap
  • VCUT
  • Face X Play
  • Filmigo
  • GO Keyboard
  • Fortunemirror
  • Z Camera
Go Keyboard fleeceware app variants on Google Play Store
Look at all these variants of the Go Keyboard fleeceware app on Google Play Store!

A total of 70 fleeceware applications with 500 million combined downloads have been identified and reported by Avast on the Google Play Store. They also keep a list of all identified fleeceware Android apps.

3 signs you're being scammed by fleeceware

How to tell if one of your apps is a fleeceware app? Look for these three signs:

  • Unfamiliar charges to your credit card, no matter how small.
  • You've been charged too high (or twice) for in-app purchases, especially if you contacted the app's support and they never reply.
  • An app keeps charging you subscription fees even after you've deleted it and unsubscribed from its services.

In the next section, we'll address what to do if you have been scammed.  

How to protect yourself if you've been fleeced

Often users don't know how to cancel a subscription for a fleeceware app, meaning that the app keeps taking their money. Most developers consider a user uninstalling their app before the end of a trial period as an act of unsubscribing and stop charging the user. However, fleeceware developers don't part with their source of income as quickly. Even if a fleeceware app was uninstalled, the money will still be taken until the user is explicitly unsubscribed. And here comes the interesting part – it's not that easy to unsubscribe from fleeceware. It could be required from you that you can only unsubscribe from the paid services by:

  • Writing an email to an address that bounces your letter back stating that such an address doesn't exist.
  • Calling a landline number during some random working hours – and either no one will be picking up the phone, the line will be dead, or the call itself will result in an absurd phone bill.
  • Via a tracked/recommended snail mail letter that also never gets delivered or returns to you.
  • Via a personal visit – just imagine international travel to unsubscribe from a weather app gone rogue!

So, is there anything you can do to stop being charged by fleeceware? Yes, keep reading.

How to get rid of fleeceware

As we explained above, it's not enough to  delete a fleeceware app from your device — you'll keep getting charges. If the app allows you to unsubscribe, let's start with unsubscribing.

 

To unsubscribe from an app subscription on iOS:

  • Open the App Store
  • Tap your initials in the upper right corner
  • Tap the Subscriptions menu
  • Unsubscribe

To unsubscribe from an app subscription on Android:

  • Open the Google Play Store
  • Tap the hamburger menu icon in the upper right corner
  • Tap the Subscriptions menu to view and manage your signups
  • Unsubscribe

If you are still getting charged after unsubscribing, contact your bank regarding the card set as the payment method in your profile. Either reissue the card or ask the bank to block payment requests from this specific company. Not all banks provide this option, but it's worth a try to avoid reissuing the card. You can use temporary or disposable virtual card numbers when subscribing to suspicious paid apps in the future.

Summary

While only harmful to your finances, fleeceware is easy to fall prey to but very hard to get rid of. To avoid fleeceware, make sure you do your research before installing any lesser-known app. Maybe what you're looking for is not available for free - so check that, too, before cashing out. Read not just the five-star but 1-star reviews, too. If you do need that paid app, only download it from official stores like Google Play or iTunes. You should also consider using disposable virtual card numbers as your payment method.

 

Pro tip: Your data is more valuable to hackers than your money. When fleeceware illegally takes a few dollars here and there, malware can steal your whole identity, financial information, personal secrets, and all the passwords to your online work accounts. To prevent this from happening, you need antivirus software. Clario offers not just antivirus features but live support by security experts, too. Download Clario’s 7-day free trial now.

 

Read more:

Keep reading

White Hat Hackers (and How They Differ From Black Hat, Grey Hat, and Red Hat Ones)

Digital Wellness

White Hat Hackers (and How They Differ From Black Hat, Grey Hat, and Red Hat Ones)
What to Do if You Get Scammed?

Digital Wellness

What to Do if You Get Scammed?
How to Find and Remove Malware on Your Android Device

Android Security

How to Find and Remove Malware on Your Android Device

Your iPhone knows so much about you. Make sure it is secure.

Get started