With so many people working remotely now, and that situation likely to remain for quite some time, VPNs have soared in popularity. Political situations have also caused interest to spike, with Surfshark seeing a 700% increase in sales in the week following China’s announcement that it will undercut Hong Kong’s autonomy.
And VPNs are extremely useful tools for both purposes – and others besides. But watch out, because they’re not all legit.
We already saw back in April how
some free VPN apps can be worse than using no VPN at all and in March that
some apps were stealing your data without you realising it.
Now, there’s another scam to avoid: fleeceware. Researchers at Avast have discovered three apps available on Apple’s App Store which claim to be VPNs but overcharge without providing any sort of service whatsoever. They’re called Buckler VPN, Beetle VPN and Hat VPN Pro.
Collectively, they’ve been downloaded almost 800,000 times in the past month and charge $9.99 per week (around £8) after the three-day trial expires. However, when the team subscribed and attempted to use the VPNs, they were asked to subscribe again, then notified they already had a subscription and were unable to connect to any server.
Check the reviews on the App Store and all three apps have top ratings and the actual reviews are almost convincing if you’re skim-reading. Pay more attention and they are all surprisingly similar, with the same excited tone and occasional nonsense about how the VPN gives you “free Wi-Fi everywhere”. It’s extremely likely they are fake.
More importantly, you’ll see a few scattered reviews warning others of the scam. Because the charges are in-app purchases, you might only notice when you see your bank balance at the end of the month, having forgotten you agreed to subscribe once the three-day trial expired.
Again, if you know anything about VPNs, you’ll immediately spot the danger as $9.99 per week is up to four times more than many reputable VPN services charge per month. And let’s not forget, these apps aren’t even providing a usable VPN service.
A quick look at the privacy policies of the three services (
Hat VPN Pro) shows they are remarkably similar: not identical, but using exactly the same structure. Although the developer name for each app is different, it’s likely that all three are part of the same scam.
Another red flag is that they’re only available on the App Store: you won’t find them on Android, Windows or other platforms.
Hopefully Apple will remove the apps, but at the time of writing they were still there in the US and UK App Stores.
Don’t get fleeced
If you want a good VPN, then check out our recommendations of the
best VPN services. Independent reviews on multiple websites are the best way to find out if an app or service is genuinely good. User reviews, sadly, can’t always be trusted.
Fleeceware isn’t limited to fake VPN apps. It can masquerade as any kind of app and typically offers a short trial before the subscription kicks in – but you have to enter your payment details before you can use the trial.
This isn’t a definitive sign that an app is Fleeceware: plenty of apps and services use the same approach and rely on you forgetting to cancel your subscription before the end of the trial period.
What you should do, though, is to carefully read what you’re agreeing to before paying for any in-app purchase, and setting up your kids’ devices so that they require your approval before they can install an app. Our sister site, Macworld, has a
guide to configuring an iPad for kids.