More than 3,5 million iOS device users have installed fleeceware applications on their devices, warns British security company Sophos in a post this week.
The term fleeceware is a new addition to the phraseology of cyber security and describes applications involved in a new form of cyber fraud.
How fleeceware applications work
Google and Apple's App Stores allow application developers to create trial applications (free for a limited time).
Users can install these apps to try them out but give permission to charge the amount from their Play Store or App Store account. At the end of the trial period, the user is automatically charged to his card and to continue using the application.
Fleeceware applications benefit from the fact that application developers can charge users even when they uninstall the application from their devices.
Policies in App Stores allow developers to have their own test cancellation steps, and some do not interpret uninstalling the app as a trial cancellation, forcing users to pay or follow complicated procedures.
"As we've seen before, most of these fleeceware applications are image editors, horoscopes, QR code / barcode scanners and face filtering applications," said Sophos mobile malware analyst Jagadeesh Chandraiah, who has been looking for fleeceware applications since last year.
The researcher reports that he has identified 32 iOS apps (see table at the end of this article) that charge up to $ 30 a month or $ 9 a week for simple features that are usually available for free. Some of these amounts seem small, but reach $ 360 to $ 468 per year.
To protect yourself, you should check to see if there is a subscription on your device:
On Android devices:
Open the Play Store and see if you use the right Google Account.
Click on the hamburger menu icon and select Subscriptions.
Select the subscription you want to cancel and click on Cancel subscription.
On iOS devices:
Open Settings, click on your name and then click on Subscriptions.
Select the subscription you want to manage. Cancel Subscription. If you do not see Cancel Subscription, it has already been canceled.
List of applications