Twenty-five Android apps were detected automatically charging users hundreds of dollars after the trial ended.
Sophos security researchers have discovered a series of fraudulent “fleeceware” apps installed by more than 600 million Android users.
Fleeceware is a relatively new term. Sophos first used it last September, when it discovered a new type of fraudulent app on the Play Store that charges users after a trial period.
By default, users who accept an app trial need to cancel it before it ends to avoid being charged. However, most people simply uninstall the app and forget that the trial is still running.
While most apps treat uninstallation as cancelling the trial, fleeceware keeps the trial period running even after the app has been removed. As a result, users are charged for renewal without their knowledge.
Last year, Sophos discovered about 15 fleeceware applications with extremely simple functions, such as scanning a QR code or acting as a pocket calculator. All of them charged users after a few days of trial, renewing at huge amounts ranging from 100 to over 200 USD for a yearly package.
Although the 15 applications were removed, the security vendor continued to detect more fleeceware applications that use the same mechanism to charge users.
Twenty fleeceware applications were detected this time, most of them with basic functions such as keyboards, messaging, cameras and video editing. Notably, the GO Keyboard Lite application was discovered in 2017 sending user keystrokes to a Chinese server.
According to the statistics, more than 600 million users have installed these fraudulent applications, and some of the applications have more than 100 million downloads.
Sophos analyst Jagadeesh Chandraiah suspects that the download counts are bogus and that the five-star reviews are also fake, intended to fool users.
The apps' store listing pages also carry many warning comments. Some people say they cancelled the trial but were still charged, and ask Google and the developer for a refund.
To avoid unfair charges, Android users should be cautious when installing Play Store applications that offer only a few days of trial. When signing up for a trial, carefully read the information on the screen to spot suspicious signs. Before downloading an app, read the reviews below instead of just looking at the star rating.
If you have already signed up for a trial, make sure you understand the renewal policy. Some apps require you to send an email or follow complex instructions to cancel the trial. Take a close look at these, and send them to Google if you cancel the trial but your account is still charged.