What are fleeceware apps and why are they dangerous

Fleeceware apps are a very dangerous and sneaky new type of app. Here's how they work

There's malware, there's spyware, there's adware, there's ransomware and, lately, there's also "fleeceware". Although, to be honest, it's a bit of a mistake to lump fleeceware in with all the other threats to the security of users, their devices and their bank accounts.

The term fleeceware was coined in September 2019 by cybersecurity company Sophos and comes from the union of the English verb "to fleece", which means "to peel" or "skin", but in common parlance is used in the same sense as the Italian "spennare", and the term software. Fleeceware, in practice, is software that fleeces the user, in an economic sense of course. If Sophos has decided to coin a special term it's because it has found enough fleeceware apps, both on the Google Play Store and on the Apple App Store, to group them all in a new category, with a new name. Because, we repeat, fleeceware apps are dangerous for the user, but in a completely different way from the classic apps stuffed with viruses of various kinds.

Fleeceware apps: what are they

As the term implies, fleeceware apps aim straight at the money of the user who downloads and installs them. As a matter of fact they are absolutely "clean" and legitimate apps, we will never find a line of code inside them that could make us think of a virus. The problem with these apps is simply the fact that in a way they "cheat" the user by asking him to pay a sum, sometimes quite high, for absolutely trivial features, which can be obtained for free through other apps.

Most of the time these features are initially free, but become payable (and the payment is automated because the user has authorized it during installation) after a trial period of more or less lengthy. For example, an app to create animated GIFs that is free for the first three days and then scales from the user's account, in one go, 214.99 euros of monthly subscription.

Fleeceware apps: why they are not deleted

These apps are not always removed from Apple and Google stores, despite reports. Because, in theory, there would be no violation of the two stores' policies: if the app clearly says it has a trial period and a cost after the expiration of that period, it is in fact legitimate. It's up to the user to read the terms and conditions well. And it's still up to the user to grant permission for payment after the trial period (otherwise the app couldn't touch our credit card at all). In light of all this, then, it's clear that the only way to defend yourself from fleeceware apps, while waiting for Google and Apple to put official limits on the publication of such apps, is to read very well what the app offers, at what price and after how long you pay.