Fake ChatGPT apps have been discovered that scam users out of thousands of dollars, according to a report by Sophos, a cybersecurity service company.
Multiple applications have been uncovered imitating legitimate ChatGPT-based chatbots in order to scam users. Known as fleeceware, these apps take advantage of app store policy loopholes and coercive tactics to overcharge users for AI assistants.
The apps are prevalent on both Google Play and the Apple App Store. The ‘free versions’ have near-zero functionality and show multiple ads, ultimately coercing users into subscriptions that can cost hundreds of dollars.
The apps are designed to offer minimal usage once the free trial ends, in the expectation that unsuspecting users will delete the app at that point and not realise that they are still on a weekly or monthly subscription plan.
“Scammers have and always will use the latest trends or technology to line their pockets. ChatGPT is no exception. With interest in AI and chatbots arguably at an all-time high, users are turning to the Apple App and Google Play Stores to download anything that resembles ChatGPT. These types of scam apps—what Sophos has dubbed ‘fleeceware’—often bombard users with ads until they sign up for a subscription. They’re banking on the fact that users won’t pay attention to the cost or simply forget that they have this subscription. They’re specifically designed so that they may not get much use after the free trial ends, so users delete the app without realizing they’re still on the hook for a monthly or weekly payment,” said Sean Gallagher, principal threat researcher, Sophos.
Sophos’ research investigated five apps, all of which claimed to be based on a ChatGPT algorithm. One app, called ‘Chat GBT’, surfaced on app stores; the name was a move by its developers to play off the popular ChatGPT name and improve app rankings.
OpenAI currently offers basic functionality for free to users, with a premium paid version for more advanced uses. However, these ‘fake’ apps were charging users anything from $10 a month to $70 a year.
The ‘Chat GBT’ version for iOS charges around $6 a week or $312 a year following a three-day free trial. In March alone, the app developers made over $10,000.
These fleeceware apps are usually poorly written and implemented, meaning that even after users switch to the paid option, the functionality remains low. The apps’ ratings on the app stores are inflated through fake reviews.
“Fleeceware apps are specifically designed to stay on the edge of what’s allowed by Google and Apple in terms of service, and they don’t flout the security or privacy rules, so they are hardly ever rejected by these stores during review. While Google and Apple have implemented new guidelines to curb fleeceware since we reported on such apps in 2019, developers are finding ways around these policies, such as severely limiting app usage and functionality unless users pay up. While some of the ChatGPT fleeceware apps included in this report have already been taken down, more continue to pop up—and it’s likely more will appear. The best protection is education. Users need to be aware that these apps exist and always be sure to read the fine print whenever hitting ‘subscribe.’ Users can also report apps to Apple and Google if they think the developers are using unethical means to profit,” said Gallagher.
All apps included in the report have been reported to Apple and Google. For users who already have the app, there are instructions available on the Apple App Store or Google Play store on how to unsubscribe. Deleting the app alone will not cancel the subscription.