Fleece-ware - cyber crime or not?

Sheepish sheep

 

Fleece-ware

Fleece-ware is a new category of cyber-scam.

It works by having YOU agree to pay outrageous amounts of money for things you are buying online.

It arranges that you agree to pay much more than you thought.

Fleece-ware is different from cyber-crime because much of fleece-ware is absolutely legal.

How does fleece-ware work?

It uses buyers' carelessness, trust and lack of attention to the purchase details to arrange that the buyer will legally agree to pay more than they thought they were paying.

Examples:

1. An app worth about $20 is variously priced at $20.00 elsewhere but in the checkout the price agreed by the buyer is $200.0. It relies on people being unaware, or are overly trusting, thinking something must be a typo - and then still making the legal agreement to pay.

2. Many people don't read the small print or the terms. The terms of an app or product might seem to be $20 but was actually $200.0 might also include in the terms that that amount is  "to be paid monthly". If you pay by Paypal or card and don't notice that a subscription has been set up, that payment will go out every month.

3. You notice they charged you too much and you noticed the subscription so you deleted the app?  However, the payment on the subscription keeps paying out because it was agreed to...

The fleece-ware problem

Malware protection may be in place, firewalls secure, software all up to date.

None of these are a problem for fleece-ware. They do not block fleece-ware.

 

For fleece-ware it is the buyer that is the weak link - the vulnerability


Fleece-ware is typically not doing anything illegal. It asks that a certain price be paid and the buyer agrees to it.

Fleeceware uses standard formats and settings.  Tom Merritt in Tech Republic points out it does this

"to fool you into agreeing to high charges without realizing it until it's too late. For instance, it will give you a free trial with a subscription price of $9 a week, hoping you don't notice that it was a week, not a month. Or, they may charge you $200 a month hoping you'll read it as $2.00."

In most cases, everything is legal.

Fleece-ware preys on the buyer's trust and lack of attention in agreeing to a deal that is more expensive than they think.

Many software companies have tested buyers' lack of attention in their terms of trading - some humorously.

For example, Gamestation apparently included the clause that buyers would be required,

“…to grant Us a non-transferable option to claim, for now and for ever more, your immortal soul. Should We wish to exercise this option, you agree to surrender your immortal soul, and any claim you may have on it, within 5 (five) working days of receiving written notification from gamesation.co.uk or one of its duly authorized minions.”

Only 12% of purchasers ticked the clause to "nullify soul transfer"

(GameStation graciously relinquished their rights to the souls).

Amazon apparently also once had a clause in their terms that negated a section in their agreement,

“However, this restriction will not apply in the event of the occurrence (certified by the United States Centers for Disease Control or successor body) of a widespread viral infection transmitted via bites or contact with bodily fluids that causes human corpses to reanimate and seek to consume living human flesh, blood, brain or nerve tissue and is likely to result in the fall of organized civilization.”

Protection against fleece-ware

The most obvious protection is attention and doing the hard work of reading what is being agreed to!
Other protections include:

  • Cancel as soon as you have discovered a problem.
  • Also cancel any subscriptions for the product
  • Use PayPal or a similar service that offers protection against potentially misleading product advertising.
  • Use consumer protection advice and laws against misleading contracts.

References

https://www.techrepublic.com/article/top-5-things-to-know-about-fleeceware/?ftag=TRE684d531&bhid=28081711049292795333218934793615&mid=12845183&cid=2033187217
https://www.wired.com/story/what-is-fleeceware-protect-yourself/
https://www.groovypost.com/howto/what-is-fleeceware-and-how-do-i-protect-myself/
https://news.sophos.com/en-us/2020/01/14/fleeceware-apps-persist-on-the-play-store/
https://www.securemac.com/blog/what-is-fleeceware
https://www.onelegal.com/blog/fantastic-clauses-hidden-in-contracts-and-eulas/

© 2020 Design Out Crime and CPTED Centre. All Rights Reserved.