Fleeceware has grown in the last couple of years and has raked in close to $400 million in revenue, but what is it?
Fleeceware isn't a simple threat as in it doesn't have an malicious code in it, it doesn't try to take over your device, it doesn't try and steal personal information. Fleeceware is after your money, but it does it in a sneaky way and when people discover that they are a victim of fleeceware it is often too late.
Fleeceware are apps on mobile phone stores like Google Play and the Apple's App Store that have hidden recurring fees. These apps will target children with their parents phone that have a default payment source set. These apps will often be simple games meant for children or simple utility apps like a flashlight app targeted towards the elderly that will have a clause in the Terms of Service that the app has a free trial but will then start charging each week.
In the case of Apple's App Store, these apps will use the TouchID authorization feature to often trick the user into authorizing payments by looking like they just needed to confirm a minor Terms of Service agreement or a setting.
As for the children, there have been many cases of parents giving their kids full access to devices that have a payment method linked to them and the kids raking up thousands of dollars in charges. Apps that are targeted towards kids will be simple and often poorly made. These games can often mirror other popular and legitimate games and well known franchises like Minecraft and Marvel Superheroes. Kids will install these apps and often unknowingly authorize the payments and soon the parents will start getting charged for the app.
The people that make fleeceware will also often utilize fake reviews to boost the rating of the app and to hide the negative reviews that are trying to warn people of the scam. To look for fake reviews, look for some minor details in the review like very general language like "This is the best!" or "Great" being the entire review. Also look at the date that the review was left if you notice that a majority of the reviews were left on the same day, chances are that the reviews are fake.
Another reason why fleeceware can be tricky is because simply deleting the app from your phone won't often stop the payments. To stop the payments you will have to go into the subscription settings with in the appropriate app store can cancel the subscription to the app, and that process might not be something everyone is aware of, like children or the elderly.
To protect yourself from these apps, make sure to triple check the apps you download and to make sure they are from reputable developers. The developer's name is often included in the app's store page. Also look out for fake reviews by looking for the details previously mentioned.
To protect your kids from falling for this, when you give them access to a device make sure that device has automatic payments disabled or better yet, no payment methods linked to the device. Also monitor your child's device usage and enable parental controls on the device that they are using.
Comments