With 600m downloads, ‘fleeceware’ remains an issue on Google Play store

21 Jan 2020


Some of the ‘fleeceware’ apps discovered by cybersecurity firm Sophos include a horoscope app that charges more than $3,600 per year and a GIF-making app that costs €214.99 per month.

Back in September 2019, UK cybersecurity company Sophos discovered a collection of Android apps in the Google Play marketplace which had the sole purpose of overcharging users for mobile apps that provided very simple functionality.

Sophos explained that a number of app developers were taking advantage of a business model available within the Play store’s ecosystem, in which users download and use apps at no charge for a short trial period.

When the trial expires, if the user hasn’t both uninstalled the application and informed the developer that they do not wish to continue to use the app, the developer charges the user.

Sophos wrote: “In the case of a normal app, this might cost only a few dollars, but the publishers or developers of the apps described … routinely charge users hundreds of dollars (or euros, depending on the geographic region in which the user resides).”

A $3,600 horoscope app

The cybersecurity company pointed out that the apps do not appear to be malicious or contain malicious code, but they usually provide a relatively simple service that is available on existing low-cost or free apps.

The first time Sophos published a blogpost about these apps, the company said: “Because these apps exist in a categorical grey area that isn’t overtly malware, and isn’t a potentially unwanted app, we’ve coined the term ‘fleeceware’, because their defining characteristic is that they overcharge users for functionality that’s widely available in free or low-cost apps.”

When Sophos contacted Google in September, Google decided to pull a number of apps from the Play store.

Some of the apps that Sophos described as fleeceware included a GIF-making app that cost €214.99 per month after a free three-day trial expired. Another was a horoscope app that cost $69.99 per week after a free three-day trial, which amounts to an annual cost of $3,639.48.

Nearly 600m downloads

Now, months later, Sophos has published another article about fleeceware and how it remains a persistent issue for Android users. This time, the cybersecurity firm said that a group of fewer than 25 of these apps collectively have nearly 600m installations.

Sophos said: “A few of the apps on the store appear to have been installed on more than 100m devices, which would rival some of the top, legitimate app publishers on Google Play.

“We have good reason to believe that the install count may have, in some cases, been manipulated. But some of the apps, including a popular keyboard app that allegedly transmits the full text of whatever its users type back to China, may legitimately have that many downloads.”

The cybersecurity company said that it wanted to highlight the business model of fleeceware because it can “cause significant harm to users, and there’s little recourse”.

Sophos added: “The Google Play store policies are significantly less consumer-friendly than US credit card policies. Those who managed to get refunds have been able to obtain them only with great difficulty. Some of the unhappy customers who wrote negative reviews claim they even followed the subscription model’s rules to unsubscribe and were charged anyway.”

Advice for consumers

Sophos said that customers need to be extremely vigilant when downloading any app with a free trial, especially if it offers subscription-based charges after a trial ends. The company said that, although nobody likes to read fine print, extra care should be put into reading every detail on the trial prompt.

The company wrote: “It pays to treat apps like this with suspicion. Read reviews before you install the app; keep in mind that app publishers might also be manipulating reviews by filling them with five-star ratings that don’t tell you much.”

Make sure that friends and relatives who aren’t as well-versed in technology are aware that uninstalling an app does not cancel the trial period, as some publishers require an email or ask users to follow complicated instructions to end a trial.

Sophos added: “Finally, even if one of these apps looks great, it pays to search for similar apps from developers and publishers with a good reputation. In most cases, free alternatives abound.”

Kelly Earley was a journalist with Silicon Republic
