Ever install a free app on your iPhone or Android only to be met with countless ads or limited features unless you pay for a subscription? Then you may have already experienced fleeceware.
Fleeceware apps trick users into paying a subscription fee in order to gain full access to an app’s features, even though these “features” are completely basic and can be found for free in other apps. Using free trials and fake five-star reviews, fleeceware app developers lure unsuspecting users into buying subscriptions that can be worth $9 per week or even $240 per month.
These low-quality apps overcharge users for basic functionality and developers still make a profit even if users delete these apps. Found on the Apple App Store and Google Play Store, fleeceware apps can end up costing you a lot of your hard-earned cash.
Wondering what is fleeceware and how to get rid of it? We’ve got you covered below.
- Ransomware attacks explained: What is it and how to prevent it
- Adware explained: What is it and how to remove it
What is fleeceware?
Fleeceware is a subscription-based mobile app that overcharges users for basic functions and features. Found on the Apple iOS App Store and Google Play Store, the apps can range from photo editors to QR code readers and are free to download. The apps don’t contain malicious code like adware or ransomware but have malicious intent.
Fleeceware app developers often block their app’s content through intrusive ads, limited functionality or trial periods. They hound users with notifications to upgrade to a paid subscription to give users full access to the app’s features. However, these features are generally basic and can be found for free in other apps.
Coined by the security firm Sophos, fleeceware takes advantage of users not realising they continue paying for the app’s subscription. Even after the user deletes the app, they will continue to be charged for the service until they have told the developer they want to unsubscribe.
Using promotional campaigns on social media platforms, fleeceware app developers attract unsuspecting users into visiting the app’s listing page. There, the user will be met with glowing five-star reviews and over 100 million install counts. These are fake and generated through illegitimate means, getting the user to trust and install the app, along with boosting its app store search rankings.
These nasty apps are ones you don’t want to download, so make sure you know how to remove them.
Is fleeceware malware?
Fleeceware can be seen as a type of malware, even though it isn’t. The apps are software with malicious intent (malicious software), but they don’t have code to disrupt, damage or gain unauthorized access to a device. They are simply used to gain as much money out of a user by charging an excessive amount for basic tools and features that can be found in other apps for free.
Since it’s not malware, the fleeceware app developers have an easier time making their way past Apple and Google’s strict app platform security, as these apps don’t alter a device’s software or try to access private information. Nevertheless, that doesn’t mean they aren’t scamming users.
What is Apple and Google doing about it?
Despite Apple and Google having strict guidelines to stop malicious apps and fraud attempts, fleeceware apps are usually accepted since they don’t access personal information or use malware to evade security and infect the device.
Fleeceware apps also benefit the store owners since Apple and Google get a cut of the sales. As Sophos states, “In the case of Apple, that’s 30% in the first year and 15% from the second year. As a result, there’s little financial incentive for Apple or Google to remove them despite their near-zero functionality and abuse of stores’ reviews systems to artificially boost their credibility.”
That said, Apple and Google are taking steps to start removing known fleeceware on their app markets, such as the fake ChatGPT apps using fleeceware to scam users. In April 2020, Google introduced new policies for app developers in order to minimise the amount of fleeceware apps on the Play Store, and Apple has reinforced is policies to get rid of them.
Apple’s App Store team may have protected users from 1.7 million malicious apps, but some slip through the cracks. This includes fleeceware apps, and there are many clones. That’s why it’s a good idea to know what to do if you encounter one.
How do you remove fleeceware?
Fleeceware relies on the user to delete the app and forget they have a subscription to the service. With this in mind, removing fleeceware is simple; all you need to do is unsubscribe from the app by using your iPhone or Android device.
How to unsubscribe on iPhone
1. On your iPhone, open the Settings app.
2. At the top, tap your name.
3. Select Subscriptions.
4. Choose the subscription linked the the fleeceware app you wish to unsubscribe from.
5. Tap Cancel Subscription.
How to unsubscribe on Android
1. On your Android, open the Play Store app.
2. At the top, tap your picture profile.
3. Select Payments and subscriptions.
4. Tap Subscriptions.
5. Choose the subscription linked the the fleeceware app you wish to unsubscribe from.
6. Tap Cancel subscription.
Use antivirus software to protect your device
Fleeceware doesn’t use any malicious code, meaning security software may not recognise it as a threat. However, the best antivirus software can still pick up on apps that are out to get you.
There are many free malware removal apps that will dispatch malicious software on your device, but it’s a good idea to make sure these tools are trustworthy, as hackers can also disguise these apps on the Apple App Store or Google Play Store to deploy even more malware.
The best antivirus apps come with a suite of security features that can get rid of virus, malware, ransomware, spyware or any malicious software that burrows into your device. Some antivirus software, such as Bitdefender, offers security subscriptions specifically for devices such as an iPhone or Android, making it a more cost-effective option.
We recommend free apps from known cybersecurity companies, including Avast One, AVG and Malwarebytes Mobile Security. These will detect and remove malware on your device. Check out our thoughts on each antivirus below.