Fraudulent VPN apps for iOS are trying to scam users
Avast discovered and reported three applications that overcharge users, do not provide the services they promote, and appear to be “fleecewares”. The apps are available from the Apple App Store as Beetle VPN, Buckler VPN, and Hat VPN Pro. According to data from Sensor Tower, a company specializing in intelligence and marketing analysis of mobile applications, the applications were downloaded more than 420,000, 271,000 and 96,000 times, respectively, between April 2019 and May 2020.
The apps masquerade as VPN apps, charging US $ 9.99 (just under $ 9) per week for a subscription once their three-day free trial has expired. The apps all have high ratings, ranging from 4.6 to 4.8, and are accompanied by positive reviews, all written in the same way, which Avast considers potentially dummy. Among the glowing reviews are a few comments that warn against these scams. Application privacy policies are also very similar in terms of language and structure.
Avast researchers installed the three apps and managed to purchase subscriptions for each. However, when they tried to use VPNs, the apps only offered paid options again. After trying to buy the subscriptions again, Avast researchers were informed that they already had one and therefore could not establish a VPN connection with any of the applications.
“The fleeceware applications are in a gray area, because they are not malicious in themselves, they simply make users pay huge sums for weekly, monthly or annual subscriptions giving access to functionalities which should be offered at great costs lower. In this case, VPNs are sold for US $ 9.99 per week, or just under nine euros, while reliable VPNs cost ten times less, says Nikolaos Chrysaidos, Director of Security and Mobile Intelligence at Avast. These applications are not malicious; they therefore bypass the filtering processes to be integrated into the official “app stores” that users trust. Many people turn to VPN apps to protect their data when working remotely, which shows how important it is for users to research these kinds of apps before installing them, especially to find out who is behind the product, their background with other services and user reviews, and their experience with security and privacy applications. ”
How can users recognize fleeceware applications?
Fleeceware applications can take any form. The comments related to it often seem fictitious, many users use formulations such as “Sensational” or “I love”, while the authentic comments indicate that the application does not work, or that it charges users. users of large sums without their knowledge. Fleeceware apps typically offer a three to seven day free trial, but they may require users to enter their payment information before the trial begins, and then automatically charge exorbitant amounts after the end of the trial. trial period.
Users must be aware of the terms applicable after the trial period of an application and the amount of fees that will be billed after a free period, in order to check whether these fees will be automatically deducted from their bank card. permanently, unless they cancel the subscription