Scams Found on the Apple App Store

What to Be Aware of in 2024

In 2022 alone, the Apple App Store prevented over US$2 billion in potentially fraudulent transactions and rejected nearly 1.7 million app submissions for failing to meet the Store’s high standards for privacy, security, and content. Despite these standards, scams have still recently appeared on the Apple App Store. From the dangers of fleeceware to ‘CryptoRom’ scams, and how both use social media to reach their victims, here’s how you can spot the signs and protect yourself.

The Dangers of Fleeceware

According to Wired, researchers from the security firm Sophos are warning of fleeceware activity showing up in both the Google Play and Apple App Store, “where scammy apps are pretending to offer access to OpenAI’s chatbot service Chat GPT through free trials that eventually start charging subscription fees.” Fleeceware apps, according to Wired, involve getting victims to pay a regular or monthly fee. They are noted to be particularly challenging to ‘stamp out,’ as they don’t feature the invasive and malicious behavior that typically comes along with more obvious scams. Sean Gallagher, a senior threat researcher at Sophos, puts it simply, explaining that fleeceware is defined as “something that charges an extraordinary amount of money for a feature that is available freely or at very low cost elsewhere.”

Gallagher explained the prevalence of fleeceware scams online. “I saw multiple ads for these types of apps on social media platforms where it’s cheap to advertise, and sometimes they use tactics like typos in the name — calling the app ‘Chat GBT’ or others — to screen out people who might be a bit more savvy.” According to Gallagher, the scams try to screen out those who would do the free trial, then cancel due to poor quality. “They want the people who are not focused enough to know how to unsubscribe.” In some cases, those who sign up for the subscription may delete the app without canceling payment — thus continuing to pay over time. Carefully managing subscriptions to apps is just one way to identify what you’re paying for, though doing your due diligence regarding the apps you download is also paramount in avoiding such scams. 

Crypto Scams Bypass Apple’s Vetting Processes

CryptoRom scams typically begin on dating sites, with scammers attracting their victims via fake dating profiles, according to Infosecurity Magazine. After a rapport is built via unmonitored messaging apps, the magazine explains, victims are persuaded to download the scam app and start trading or investing in cryptocurrency. The 2023 Infosecurity Magazine article highlights two cryptocurrency applications, titled Ace Pro and MBM_BitScan, which were found on both Google Play and the Apple App Store. The apps’ presence on the Apple store, which is usually governed by stricter protocols, is noted as particularly alarming. “In general, it’s hard to get malware past the security review process in the Apple App Store,” explained senior Sophos threat researcher, Jagadeesh Chandraiah. “That’s why, when we originally began investigating cryptorom scams targeting iOS users, the scammers would have to persuade users to first install a configuration profile before they could install the fake trading app.”

The way that CryptoRom scams find their way onto the App Store can be confusing. In the case of Ace Pro, Infosecurity Magazine notes, citing Sophos, that scammers created and actively maintained a fake Facebook profile of a woman ‘supposedly living a lavish lifestyle in London.’ It’s further explained that the malicious developers connected the app (disguised as a QR scanner) “to a benign remote website when originally submitted to App Store reviewers.” Once the app is approved, it is redirected to an Asia-registered domain, which is linked to the fake trading interface that is designed to resemble a legitimate crypto firm.

The Value in Preventative Measures — and Research

In 2021 alone, more than 95,000 people reported a social media scam, according to the US Federal Trade Commission (FTC). The FTC stated that over a quarter of those who reported financial losses from a scam said that the transaction started with an ad, message, or post on social media. Social media is a major component when it comes to Apple App Store scams, further highlighting the importance of staying safe online. From the use of messaging platforms in CryptoRom scams to advertisements found on social media for fleeceware apps, there’s no question that social media allows scammers to reach their victims with ease. In fact, it’s a tactic that goes well beyond the App Store: business owners, for example, may deal with tech fraud scams that range from ‘tech support’ workers claiming to be calling from well-known companies (who end up defrauding customers) to criminals who contact people pretending to be from banks to steal money. Tech fraud results in significant consequences, as both the companies being impersonated and the unsuspecting customer stand to lose financially and reputationally. Paul Davis, the Director of Fraud at TSB, points out that social media and tech companies need to show the same level of responsibility and investment as banks are providing.

Apart from the responsibility of social media and tech companies, it’s imperative to use the tools on such platforms in order to stay safe. Setting your accounts to private and refraining from messaging people you don’t know are just two ways to safeguard yourself against scams. In the case of advertising, doing your research on the app in the App Store before downloading is imperative; scanning the reviews for genuine variety is just one key aspect of this (as many scams will have an excessive number of five-star reviews). Checking online for any reviews or news can also help, especially if it’s not clear on the App Store whether or not the application is a scam. If you do happen to suspect a scam via social media or the Apple App Store, reporting it immediately is always the best action to take.

Scams on Apple’s App Store may sound like a nonissue. However, despite the regulations in place, fleeceware apps and those that involve CryptoRom scams have found their way onto the Store. By doing your research on the App Store and taking precautions on social media, you can effectively ensure you’re protected from these types of scams.

Jacqueline Cowell

Working as a motoring writer gave Jacqueline Cowell the chance to put her past experience as a mechanic to good use, once she became a mother and decided to stay at home with her two young children. She now puts together pieces for a range of different motoring websites, but in her free time restores classic vehicles with her husband. She is also a regular contributor to Apple Tech Talk.
