Security researchers have discovered a new set of “fleeceware” apps that appear to have been downloaded and installed by more than 600 million Android users. A new set of 25 Android apps were caught illegally charging users at the end of a trial period, due to them being able to abuse the ability for Android apps to run trial periods before a payment is charged to the user’s account.
https://twitter.com/Panda_Lv0/status/1218111252674830336
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
Fleeceware’s deceptive practices border on fraud and violate a wide spectrum of consumer protection laws in most of the Western countries. Such unscrupulous practices are unlawful and should be reported. In the vast majority of cases, users will not have to pay and are eligible to get their money back with some interest and penalties paid by the seller, depending on the jurisdiction. Some countries go further and require scammers to reimburse legal costs to the plaintiff. The problem is that most of those sellers are judgement proof by being insolvent or located in foreign countries without any treaties of international law.
To avoid falling victim to the fraudsters, users should consider using a dedicated credit card with a small limit for buying apps, and carefully monitor charges and immediately report violations to Google, competent law enforcement agencies and consumer protection organizations. Google Store should likewise consider to urgently introduce a better app policing mechanism, to detect and block such applications. Otherwise, one day they risk becoming a defendant in a multi-million class action lawsuit.