On the surface, this sounds like an issue that has more to do with user negligence than anything else, but a closer look reveals that several app publishers are abusing the app subscription business model for financial gain. Part of the problem has to do with what constitutes a cancellation. Simply uninstalling a subscription-based app is not enough in some cases.
How to cancel a subscription is not the only issue. Sophos found a large number of apps and app publishers to be overcharging for certain tasks, like QR code scanning. In one example, the security outfit pointed to an app that displays daily horoscopes for $69.99 per week, which works out to $3,639.48 per year. Some apps charge excessive fees for services that can be had for free, such as reverse image searching (Google offers his as a part of its own Search).
"Confusing things even further, some of the apps prompt users to pay for a monthly subscription rate on one screen, and a much different, weekly rate on another screen. It’s impossible for consumers to make an informed choice under these kinds of circumstances, even if they really wanted to pay more than the cost of any but the most expensive new phones each year for the privilege," Sophos says.
According to Sophos, just over two dozen fleeceware apps account for 600 million installations in total. Some of them have been installed over 100 million times (though the install count may have been manipulated in some instances).
Sophos alerted Google to the problem back in September and it responded by removing the offending apps, but "fleeceware remains a big problem on Google Play," the security outfit says. And unfortunately for users who get scammed by fleeceware, there is not much recourse.
"The Google Play Store policies are significantly less consumer-friendly than US credit card policies; Those who managed to get refunds have been able to obtain them only with great difficulty," Sophos says.
Some users who left negative reviews claim they followed the subscription model's rules for cancelling, but were still charged.
Fortunately, Google is aware of the problem and is actively removing fleeceware apps from the Play Store. However, it's akin to squishing fleas from your pet as you spot them—there's some relief, but it doesn't solve the problem. Stay safe out there, folks.