While there have been some questions about the safety and privacy of utilizing AI, a new scam that’s circulating on both the Apple App Store and Google Play store could put some antennas up when it comes to the new technology.
Experts from Sophos News discovered that scammers are visiting both the Android and Apple app stores to con consumers into app subscriptions with the promise of access to the latest AI technology.
What do the scams look like?
The first thing consumers should know is that they likely won’t think they’re being scammed by these apps because they’re free to download. Once on your phone, the app promises access to ChatGPT, OpenAI’s chatbot that can answer just about any question – from homework assignments to website copy, to original manuscripts – the list goes on and on.
While this technology is attractive and exciting for many consumers, and there are subscriptions available, the basic functions are accessible for free online. Scammers are hopeful that unsuspecting app store users won’t know this fact, and after downloading their free app, they restrict all access to any of the app’s features until a subscription is purchased.
In some instances, the app will offer a free trial, which unlocks the AI features that consumers most want to use. However, to utilize that free trial consumers will need to enter their credit card information, which will be used by the scammers the moment that the free trial ends.
“All of the apps were offered as free (with little or no mention of subscriptions required to unlock basic functionality), had aggressive monetization tactics, and came with default subscription rates that were in many cases not in line with the functionality they provided,” wrote Jagadeesh Chandraiah and Sean Gallagher from Sophos News.
Chandraiah and Gallagher found that these in-app subscriptions can run anywhere from $9.99 to $69.99. Often, consumers agree to the terms and end up forgetting to cancel their subscription before their free trial is up or they’re done using the app. Some users delete the app without realizing that it doesn't cancel their subscription.
This leads to consistent monthly – or sometimes weekly – charges that go straight to the scammers developing the apps.
Steering clear of fleeceware scams
Cybersecurity experts call these kinds of attacks fleeceware scams.
David Balaban from CyberTalk.org describes fleeceware as follows:
“Unlike mainstream malware oldies, fleeceware apps do not harm devices, nor do they pose an immediate risk to users’ personally identifiable information. Instead, they bait victims with short-term free trial offers and then overcharge them via expensive subscriptions.”
To avoid falling victim to a fleeceware scam, experts recommend doing extensive research on the app – including reading reviews, regularly monitoring your subscriptions to make sure you aren’t paying for things you aren’t using or have deleted, and reporting any suspicious activity directly to Apple or Google.