What you need to know
- A security report claims that 3.5 million people have downloaded fleeceware from the App Store.
- Sophos reports that it has found more than 30 apps considered to be fleeceware.
- Fleeceware is an app that uses a free trial to sucker people into downloading it, then often charges an expensive subscription if you forget to cancel.
A report from Sophos claims that 3.5 million people have downloaded apps that are considered fleeceware from the App Store, and that it has found more than 30 such apps on iOS.
'Fleeceware' is a new trending type of scam that's been around for a few months now. It involves downloading an app that you think is free; usually, it comes with a free trial lasting anywhere from a week to as little as three days. At the end of the free trial, a massively inflated subscription price kicks in, and if you forget to cancel the free trial, or are unaware of the impending subscription cost, you could end up getting "fleeced" for a lot of money.
From the report:
In this latest round of research, we found more than 30 apps we consider fleeceware in Apple's official App Store.
Many of these apps charge subscription rates like $30 per month or $9 per week after a 3- or 7-day trial period. If someone kept paying that subscription for a year, it would cost $360 or $468, respectively. For an app.
$468 a year to subscribe to an app. Worse than the price, though, is the fact that fleeceware apps tend to be nonsense like horoscopes, fortune-telling, and palm readers, as well as QR code/barcode scanners and image editing apps that show you how you would look when you're 80 years old. The report continues:
Many of the fleeceware apps we see are advertised within the App Store as "free" apps, which puts the apps at odds with section 2.3.2 of the App Store Review Guidelines, which require developers to make sure their "app description, screenshots, and previews clearly indicate whether any featured items, levels, subscriptions, etc. require additional purchases."
If you think one of these apps is free and install it, the app presents you with a "free trial" notification immediately upon launching the app for the first time. This notification prompts the user to provide payment card details. In some cases, most of the useful features of the app will only be usable if you sign up for the subscription. Some users may sign up to subscribe without reading the fine print, which includes the actual cost of the subscriptions.
One such listed app, Zodiac Master Plus, is the 11th highest-grossing app on iPhone, and the report estimates it has pulled roughly $500k in revenue. A full table of culprit apps estimates that these apps have been downloaded 3.5 million times (3.68 million to be precise), generating $4.5 million in revenue. Remember as well that in some cases, 30% of that is going to Apple. Users are often targeted by ads on Instagram, TikTok and more that encourage them to download these apps. Furthermore, many of the apps are littered with one-star reviews and complaints about high subscription prices.
The report questions whether these apps are flouting App Store guidelines by failing to advertise clearly that they require a paid subscription to use. Given the massive amount of money that is seemingly being generated, it would certainly appear that many people are falling for this unfortunate tactic.
You can manage and cancel subscriptions within the Settings app on iOS: tap on your name, then Subscriptions, to see and cancel any subscriptions you might have.
You can read Sophos' full report here.