Hacking Humans 6.29.23
Ep 249 | 6.29.23

Beware, ChatGPT curious: Fleeceware chatbot apps.

Transcript

Sean Gallagher: They're either well-done applications that are actually using the ChatGPT AI. There were very few of those initially. Or they are one of these fleeceware apps.

Dave Bittner: Hello, everyone, and welcome to the CyberWire's "Hacking Humans" podcast, where each week we look behind the social engineering scams, phishing schemes, and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner, and joining me is Joe Carrigan from Harbor Labs in the Johns Hopkins University Information Security Institute. Hello, Joe.

Joe Carrigan: Hi, Dave.

Dave Bittner: We've got some good stories to share this week. And later in the show, Sean Gallagher joins us. He's Principal Researcher with Sophos X-Ops. We're talking about fleeceware chatbot apps.

Alright, Joe, before we dig into our stories this week, we have a little bit of follow-up here. What's going on?

Joe Carrigan: So, Jon wrote in to say, "Hi, Dave and Joe. I wanted to point out an amazing podcast which relates to your podcast. It's a world-famous psychologist talking about kind of random things with another person. This week they were talking about why people get scammed and thought it would be good to share." So the episode -- the podcast is actually "No Stupid Questions." It's part of the Freakonomics network. And I'm a big fan of Dubner and Levitt.

Dave Bittner: Yeah.

Joe Carrigan: So, whenever, you know, they put their brand on this, I guess. But the episode is "Episode 150 - Why Do People Get Scammed?" Check it out. I did start listening to it, it's a pretty good episode. I've enjoyed a lot of stuff from Freakonomics in the past. Read all their books and listened to a few of their podcasts. Also, Jon would like us to know, or would like us to pass along to Elliot that he's caught his wife, a non-tech person, singing the CyberWire theme multiple times even to the kid. So he's pretty sure that's a strong sign of how good it is.

Dave Bittner: Yes, indeed. Yeah, we're lucky for our -- Elliot is one of -- actually, he heads up our audio team.

Joe Carrigan: Yeah.

Dave Bittner: And not only does he do that, but he's an amazingly accomplished musician and he writes all the original music for our shows. So we're very lucky to have him onboard and really upped our game when he joined our team when it came to both audio editing and the tech behind that, but then also having great new theme music. So, happy for that. And happy for Jon and his family for enjoying Elliot's work. That's great. Well, and of course we would love to hear from all of you. You can email us. It's hackinghumans@n2k.com. If there's something you'd like us to consider for the show, send us an email. Alright, Joe, why don't we jump into our stories this week? I'm going a little different avenue this week. I actually came across something on Reddit. So, I guess it's fair to say I lurk in the piano forum on Reddit.

Joe Carrigan: Really.

Dave Bittner: Yeah. I am an amateur piano player. I enjoy playing the piano. I can't say that I'm particularly good at it. But I hold my own. And I'm one of those folks who plays for my own enjoyment and no one else's.

Joe Carrigan: You're not a virtuoso like I am, right?

Dave Bittner: No, that's right.

Joe Carrigan: I can't play a piano.

Dave Bittner: But it relaxes me, helps clear my head if I'm, you know, if I need to spend some time not thinking about the events of the day or what's going on in the world, I can sit down at the piano and just kind of noodle around for a little while and it helps. So I hang out on the piano forum. And this post there came across by my computer and caught my eye. It's titled, "Just ran into the most sophisticated free piano scam I've ever seen." And it says, "Stay safe out there, everyone. Usually these kind of scams are pretty flimsy. They cast a wide net and use pressure tactics to try and snare as many people as they can quickly. Usually I spot them immediately. But this one had me going for a while. First, it originated from a spoofed Facebook account of a real person with a story that I checked out. I didn't know the person, but an acquaintance of mine does and that's how we were connected. Story goes, this 80-year-old woman's husband was a pianist, he died about a year ago, and now she's moving into assisted living and getting rid of his grand piano. She doesn't need the money and would rather see the piano go to someone who would appreciate it." I will just interject here and say that this is not that uncommon a thing these days.

Joe Carrigan: Right.

Dave Bittner: You know, there are a lot of grand pianos out there.

Joe Carrigan: And people are downsizing. And I frequently see free piano ads and I've actually been offered multiple free pianos and have actually accepted a free piano from a friend of mine.

Dave Bittner: Yeah.

Joe Carrigan: It's now at my daughter's house where it lives. It's a spinet. It wasn't a grand or anything. But you know, I would expect that if you were an amateur pianist like yourself or someone looking to get into piano, you could probably get a free piano somewhere online fairly easily.

Dave Bittner: Yeah. It's not hard to do. In fact, that's how I got my piano at home. I actually have a baby grand piano.

Joe Carrigan: Oh, do you have a baby grand?

Dave Bittner: I do. It was offered by a family friend. And I refer to it -- sort of the condition it came to me in, I refer to it as piano as furniture. In that it was beautifully refinished, but the insides, the actual instrument part of the piano was in pretty sad shape. It was a typical, you know, 100 year old piano.

Joe Carrigan: Right.

Dave Bittner: So I did a lot of work on it. I actually pulled the guts out of it. I put digital guts inside of it. And so now it's -- I call it my digital hybrid piano.

Joe Carrigan: I see.

Dave Bittner: But that's a story for another day.

Joe Carrigan: Yes.

Dave Bittner: So, continuing on with this Reddit story here, it says, "People supposedly giving away expensive items is always a red flag, but people do give away pianos sometimes and this is exactly the kind of situation where they would."

Joe Carrigan: Right.

Dave Bittner: He says, "I got a free euphonium a while back in a similar situation, and a friend got a free harpsichord this way. And again, the person they're spoofing is real, and I did some googling and found a matching obituary."

Joe Carrigan: Interesting. What's a euphonium?

Dave Bittner: Euphonium, it's kind of like a smaller version of a tuba. Kind of a -- yeah. It's a big brass instrument. But not as big as a tuba. He says, "So I email her, and it takes a few days to get back, and she says she's had several interested people and wants to know more about me. So we go back and forth a bit until she says I can have it. All of the emails are well written and even have that old person touch of being too formal and letter-like." Yeah, it's true. He says, "Absolutely no time pressure tactics that are typical for these scams." So, you know, so far so good, right?

Joe Carrigan: Right, yeah.

Dave Bittner: Yeah. It says, "But then of course, the ruse breaks down because at some point they have to get me to send money somewhere without actually delivering a piano. It's the usual situation for these scams -- the piano is already in storage with a moving company, so I just need to pay them and they'll deliver it. And of course the company doesn't have a website and there's just an email address to contact. Now, there are some sketchy moving companies that are basically just a couple of guys with a truck and their business professionalism is lacking, so I proceed cautiously while hoping it might still be legit. But they want me to send them money via bank transfer, or various apps with no buyer protection. Now I'm 99.9% sure it's a scam, but just in the off chance that they're really clueless, I ask if I can pay via PayPal, or if I can hire my own movers to come get it out of their storage. To my surprise, they say they can accept PayPal, or they can transfer it to FedEx, and even send me a shipping label with a price quote. But -- they insist on using the 'send money to friends and family' to avoid fees - which, you might not know, is not eligible for buyer protection - and anyone can make a shipping label for FedEx without actually having an item. So yeah, 100% scam now."

Joe Carrigan: I see.

Dave Bittner: They go on to say, "I was genuinely surprised they would go through so much effort and invest so much time in me, and even reveal a bank account number for me to send money to. I had a fun morning of reporting scammer accounts."

Joe Carrigan: Good.

Dave Bittner: So, what do you make of this, Joe?

Joe Carrigan: Oh, this is obviously somebody trying to get money for nothing.

Dave Bittner: Yeah.

Joe Carrigan: I do like the idea, or the -- I don't like the idea. I will say that when they say yeah, you can use PayPal, but you have to use 'send money with friends' to avoid fees, that immediately is a red flag to me.

Dave Bittner: Yeah.

Joe Carrigan: There's a number of different reasons that might be a red flag, but buyer protection being gone is one of them. And back with PayPal you can claw that money back, there's more protection than there is with Zelle or CashApp. With Zelle or CashApp, the money's usually just gone.

Dave Bittner: Yeah.

Joe Carrigan: Which, I think needs to change in some way. But I don't know. I don't know what the maximum amount you can send with those apps is; I don't really use these apps. I do have a PayPal account. I think I have a Venmo account or something. I don't know.

Dave Bittner: Right, right.

Joe Carrigan: But.

Dave Bittner: It's interesting to me that as this author says, how much energy they put into this specific person. How much energy they put into the scam itself to the point of actually having a matching obituary. So the story stands up to an initial level of scrutiny.

Joe Carrigan: I wonder if they found somebody -- because it says the person, the poster said they found it on Facebook first.

Dave Bittner: Right.

Joe Carrigan: So if they've compromised the Facebook account of an older woman whose husband has passed away, then that would all line up.

Dave Bittner: Yeah.

Joe Carrigan: I mean, that's almost ready-made scam bait right there.

Dave Bittner: Right. The other thing that struck me here is that, for example, you could go through either on a place like Facebook or a place like Reddit, it's not that hard to find piano enthusiasts. And so, you know, that's one step toward making your scam more palatable to them. And it could be anything. It could be motorcycle enthusiasts, it could be quilting enthusiasts. You know, just by targeting a particular group of people. Having them practically hand-delivered to you by virtue of them being a member of a group like this.

Joe Carrigan: Yeah.

Dave Bittner: That makes it much easier for the scammers to do what they're doing, but I'm impressed with the amount of research and time they put into creating the backstory, and then staying engaged with this person. Good for them for not falling for it. And reporting the scam.

Joe Carrigan: There was more than one person, there is more than one person that responded to this ad, though. And a number of people have been targeted by this scam. And everybody got the same set of emails, I guarantee it.

Dave Bittner: Yeah, yeah.

Joe Carrigan: That's how they, you know, they do the background work. But they only do it once.

Dave Bittner: Yeah. Alright, well we will have a link to that thread over on Reddit if you want to check it out. And of course, as always on Reddit, the comments are both entertaining and horrifying. So.

Joe Carrigan: Right.

Dave Bittner: So, enjoy!

Joe Carrigan: You find some of the best stuff on Reddit, you find some of the worst stuff on Reddit.

Dave Bittner: That's right, that's right. The internet giveth and the internet taketh away.

Joe Carrigan: Yes.

Dave Bittner: Speaking to taking it away, Joe, why don't you take it away and share your story with us this week.

Joe Carrigan: So my story comes from Michael Finney and Renee Koury at KGO in San Francisco. And these are the team at the News7 "7 On Your Side" out there.

Dave Bittner: Okay.

Joe Carrigan: The story is titled, "Wells Fargo bankers tell East Bay customer they're too busy to stop a wire scam." So here's what happened. This Wells Fargo customer, her name is Anyone Booras, or "booh-ras," Booras. And if I'm mispronouncing that, I'm sorry. But she says that -- she's a schoolteacher, so she works in academia. And at the end of school year, things are very busy for schoolteachers. They've got to wrap up the year, they've got to finish a lot of grading. They've got to get stuff in and they have hard deadlines. So they're already taxed. I don't know if she was targeted because she's a schoolteacher or that's just coincidence.

Dave Bittner: Yeah.

Joe Carrigan: I would guess it's probably just coincidence in this case. But I'm sure it didn't help the situation. But she got a phone call, the phone call on her phone said it was coming from Wells Fargo. The caller ID had been spoofed. And somebody asked her, "Are you trying to move $20,000 out of your savings account?" And she said no, I am not. And he said, "Well, then this is definitely fraud, let's get moving." And the man on the phone said, "You better wire $20,000 over to the bank's fraud department where it would be safe." And she said okay, walk me through this, right? So, immediately her amygdala has taken over and she's like I got to protect the money, got to protect the money.

Dave Bittner: Right.

Joe Carrigan: When that was done, he says, you know there's another wire fraud transfer coming in for $5,000. And she says okay. And he says, "Wire the $5,000 to us for safekeeping." What this is doing here is he went for the big fish first, right? The 20 grand. And then he's going to go for smaller increments because he thinks that they're going to get -- that there's going to be -- they're getting as much money out of this person as they can.

Dave Bittner: Right.

Joe Carrigan: So, he says here's another $5,000 transfer coming in, do you have $5,000, can you put $5,000 into the fraud department's wire fund for -- account for safekeeping? And she says sure, sure. And then he says someone's trying to get $3,500 out. And she, I think, I don't know, it's not clear what happened at that point in time. She may have said I don't have $3,500 in there anymore, I just wired everything to you.

Dave Bittner: Yeah.

Joe Carrigan: But she drove to the nearest Wells Fargo branch while the guy was still on the phone with her. And silently, the teller warns her that the thief is actually the guy on the phone. And she has -- she says she has tears running down her face because she just sent $25,000 to this guy. And she pleaded with the bank employees to stop the wire transfers. But to her shock, no one would help. Booras says she was told "I'm sorry, we're all busy. We're backed up with appointments back to back. You need to go to another branch, but we can't help you here."

Dave Bittner: Wow.

Joe Carrigan: Right, wow. Right? I can't believe the level of callousness. And dare I say, rank incompetence on the part of this Wells Fargo branch. This is unbelievable. She says she was dumbfounded. And this is a great way she says it, she experienced a whole other level of rage. Which I can totally empathize with here.

Dave Bittner: Yeah.

Joe Carrigan: She did manage to make it to another branch, right? And when she got to the other branch, they said okay, well we've managed to stop the $5,000 wire transfer. But the $20,000 wire transfer, it's too late. It's gone.

Dave Bittner: Wow.

Joe Carrigan: So, when she went to file a claim for it, Wells Fargo denied her claim for reimbursement saying she had authorized the transaction. And when they called her to inform her, they said no, I'm sorry, Wells Fargo will never call you. And she said, well you just called me. Right?

Dave Bittner: Yes, they did!

Joe Carrigan: So sometimes they will call you, will they not?

Dave Bittner: Brilliant.

Joe Carrigan: So the "7 On Your Side" reporters asked Wells Fargo why bankers said they were too busy instead of trying to stop the fraud, and the bank said, quote, "We strive to do all we can to support scam victims. When a customer reports having fallen victim, we take these situations very seriously and provide customer options, including our fraud claim team contact information." Whoo.

Dave Bittner: Yeah.

Joe Carrigan: Yeah. Thank you, Wells Fargo, that's great. Note the sarcasm.

Dave Bittner: Yeah. I'm just imagining, I mean, imagine -- let's say you and I and dare to say pretty much everybody listening to this podcast right now.

Joe Carrigan: Right.

Dave Bittner: We're all at the bank, we're in the branch. And somebody comes in and they're in this situation and the teller behind the counter says ladies and gentlemen, I have a terrible situation here where this woman is in the midst of being scammed, is it okay with you all if I handle her thing first?

Joe Carrigan: Because it's time sensitive.

Dave Bittner: Right!

Joe Carrigan: Yeah.

Dave Bittner: We would all say please.

Joe Carrigan: Please.

Dave Bittner: Or at least one of us would! You know, I mean, come on! Right! Move this person to the front of the line! How could they do such a thing?

Joe Carrigan: So, the story goes on to talk about a lot of the stuff that, you know, goes on with these scam calls. You know, you should not assume that a call that says it comes from Wells Fargo is from Wells Fargo. You should never act on inbound telephone calls, all these kinds of things. Don't be afraid to end communication with the person who contacted you and take time to do the research. Those kinds of things. It's the standard scam stuff. But what really, really irritates me about this is that Wells Fargo essentially dropped the ball or turned their back on their customer. Who was in the process of losing $20,000.

Dave Bittner: Yeah.

Joe Carrigan: Which, I don't know. That seems like a lot of money. I would be furious if I lost $20,000.

Dave Bittner: Right.

Joe Carrigan: I mean, that's not even the kind of money I keep in the savings account.

Dave Bittner: But also, like, that you know, the fact that she went to the other branch and they were able to claw back the $5,000.

Joe Carrigan: Able to stop the second one. Which means in that time, would they have been able to get the $20,000? And I think they would have been.

Dave Bittner: Well, there's certainly a chance. We don't know for sure.

Joe Carrigan: We don't know for sure.

Dave Bittner: Yeah. Didn't help.

Joe Carrigan: But yeah, their delay certainly didn't help.

Dave Bittner: Right, right. And I mean, Wells Fargo has been in the news a lot lately for, you know, bad things that they've done. I mean for years now, there's been multiple stories about the bad treatment of consumers and they've been --

Joe Carrigan: Fraudulent account charges.

Dave Bittner: -- and all sorts of things they've been, people's mortgages, and this, you know, and this certainly isn't the way to go about rehabilitating your image with the public if this is how you handle somebody in the midst of a fraud. In the story with the folks with the local affiliate there, the ABC News folks were, you know, a lot of times when they get involved, the organization will then go take the extra step and try to make the person whole. I guess in this case, they didn't do that.

Joe Carrigan: Not yet, anyway. This posted the day before we recorded. Sometimes it takes a week or two. But I've sent an email to find out what they do. I'd like to know. I'd like to keep up with this. But you know, I sent an email to the media team there.

Dave Bittner: Right.

Joe Carrigan: So, you know, if we get an update, well, when we get an update I'll let you know.

Dave Bittner: Yeah. Well, and hopefully this gets more attention and if nothing else, people can you know, shame Wells Fargo into doing the right thing here.

Joe Carrigan: Yeah, they should be doing the right thing.

Dave Bittner: Yeah.

Joe Carrigan: I mean, it's unconscionable to me, when somebody walks into -- it should be your policy when somebody walks in and you see they're in the middle of a scam that you drop whatever you're doing and protect the customer.

Dave Bittner: Right.

Joe Carrigan: You know, protect the existing customer. That should be a priority.

Dave Bittner: Right. And if you're a representative from another bank, you may want to reach out to this person who's clearly searching for a better place with customer service.

Joe Carrigan: Stay with Wells Fargo? If Wells Fargo did this to me, I would be out of there so fast it would make their head spin.

Dave Bittner: Yeah, sure, yeah, justifiably so. Alright, interesting story. And of course, we would love to hear from you if there's a story you'd like us to cover on the show, you can email us. It's hackinghumans@n2k.com. Joe, it's time to move onto our "Catch of the Day."

[ Soundbite of Reeling in Fishing Line ]

Joe Carrigan: Dave, our "Catch of the Day" comes from Rob, who writes, "Attached is a screenshot of an email my mom received. We were just talking about preparing to repay my student loans and opened a ticket with my provider to get some questions answered. Thankfully, she followed my advice and gave me a quick call before dialing that number. The ticket was opened under my email and not hers, but the timing seemed so strange that even I nearly assumed it was legit. The actual email was sent from a Gmail address, so we knew it was fake. Better than the usual stuff I see. Thanks for the great work you do, Rob." So go ahead and read the contents of this email, Dave.

Dave Bittner: Alright. It says, "Hello, this is Adlay Gurma on behalf of the Student Loan Debt Department. We tried to contact you at your home and did not hear back. Your student loans have been marked as eligible for forgiveness under the new 2023 guidelines. Your case number is 76451 and your file will remain open in my system for only one more day. If you could please give your dedicated eligibility line a call at 888-589 blah blah blah blah blah, we can have this applied immediately. Our office hours are 11 am to 7 pm Eastern time, Monday through Friday. Thank you, Adlay Gurma."

Joe Carrigan: Interesting that it's 11 to 7 Eastern time.

Dave Bittner: Yeah.

Joe Carrigan: Instead of 9 to 5 Pacific time. I don't know why they do that. But I picked this one for a reason. By the way, great voice, bud. Sometimes -- because this one, actually, I picked for a different reason than it being amazing. But you always make them great.

Dave Bittner: Thank you.

Joe Carrigan: The reason I picked this is because it highlights a very important point. All too often we say how could they fall for this, right? How could people fall for these scams? You and I try not to say that, but deep in our minds, sometimes that kind of slips forward. This message most likely by chance landed in Rob's mom's inbox at just the right time. They know payments are about to resume. The COVID pandemic repayment pauses are coming to an end.

Dave Bittner: Yeah.

Joe Carrigan: They know people were calling their loan servicers. So they're sending these emails out. And they send out millions of them. Some of these recipients are in a process similar to what Rob is in, and they may be less skeptical and call the number. But fortunately, Rob was not. Rob was very skeptical and realized this was a scam. But the timing on this, I'm sure it seemed spooky to him.

Dave Bittner: Right.

Joe Carrigan: It's like when you're driving down the road and a street light goes out. Oh! I mean, it's that kind of level of spookiness.

Dave Bittner: Right, right. It's even spookier when you're driving down the road and every street light you come to goes out. That's a whole different thing.

Joe Carrigan: That has not happened to me.

Dave Bittner: Yeah. Alright, well --

Joe Carrigan: -- has happened.

Dave Bittner: Our thanks to Rob for sending this in. We do appreciate you taking the time. Again, we would love to hear from you. It's hackinghumans@n2k.com.

Joe, I recently had the pleasure of speaking with Sean Gallagher. He is Principal Researcher with Sophos X-Ops. And we're talking about fleeceware that's targeting chatbot apps. Here's my conversation with Sean Gallagher.

Sean Gallagher: My colleagues and I have been keeping a close eye on what we refer to as "fleeceware" for some time. Fleeceware being applications that are designed primarily to enrich whoever is behind them rather than delivering any actual value to the user. It's a trend we picked up on a few years back with some applications that advertised themselves as things like flashlights and things like that. Capabilities within the operating systems themselves, or they were free functionality that one could get elsewhere. And they had attached to them these onerous subscription plans. So, a user would install one, possibly use it once or twice, and when the free trial ended, they would find themselves racking up a bill from the app store, whichever platform they were on, if they paid attention to their credit card bill. That went up into the hundreds of dollars per year for apps that they didn't use. So these apps are things that we frequently look out for. We're looking for in the mobile space what we refer to as "potentially unwanted applications." And I have a couple of colleagues who focus on mobile. Jagadeesh Sandri, who was a co-author on this piece, is the one who first started our research on fleeceware. And we were curious about some of the new AI chat apps that were coming out on the app stores over the past few months as ChatGPT got more public attention. And pretty quickly, we found a number of them that, well in fact, in this case, the particular app that we started our research on, my colleague, Andrew Brandt, found an ad for it in an online publication on a major national news platform. And for the Android version of it. And followed it to see what was going on. And then he forwarded it on to us.

Dave Bittner: Wow.

Sean Gallagher: And so, and most of these applications, we find that they're advertising both through traditional advertising channels, low-cost, you know, DoubleClick-type ads. Or they're advertising through social media platforms. Especially TikTok. I've seen a number of them advertised on TikTok with influencer ads. Low-cost sponsored Tweets. It'd probably be sponsored. Low-cost sponsored TikTok videos that hype up their capability. And pretty quickly, once you start looking at them, you realize that, well, while they're advertised as free, you cannot do anything with them unless you allow a free trial to start. And those free trials tend to last three days. And once the free trial is over, regardless of whether you've used the application or deleted it, once you've started the free trial, you will then start getting billed at the actual default rate for those applications. Which, on Google, on the Play Store, is a per-month charge. And on the Apple App Store, it can be as frequent as a per-week charge.

Dave Bittner: Now, how do these apps make it onto Apple's App Store and the Google Play Store? I would think that they would want to try to keep these things off so their users can have a better experience.

Sean Gallagher: They do, and they have to some degree. Once we started reporting on these a few years ago, they started changing the policies on what was required of an app. But what these apps do, what these app developers do, is they hew very closely to the letter on policies, but they abuse the policy heavily in terms of what they do to implement it. And then, the other thing is that most apps that go into the App Store, they are only screened for security purposes to make sure they aren't attempting to steal private information, aren't doing anything that's against policy as far as accessing the rest of the apps on the user's device. So, these apps are quote, "safe," unquote, because they don't do anything that violates security policy. Very rarely do these apps get viewed for what their actual function is.

Dave Bittner: I see. Well, let's dig into the specific apps that you were talking about here. I mean, they're, it seems as though these are sort of piggybacking onto the popularity of ChatGPT?

Sean Gallagher: Yes, exactly. So, all of these claimed in some way to be based on ChatGPT. They used misspellings of ChatGPT in their advertised names frequently. So if somebody typoed looking for ChatGPT and put in "ChatGBT" or something like that, they would get these as their first returns. They are all claiming to use -- to be official ChatGPT apps. Some of them, they actually are using ChatGPT's API as far as I can tell. Others are using earlier versions of the GPT large language model, running on their own servers, or they are using some other language model to respond or using canned responses to some degree. There were very few of those. Even just using the ChatGPT API, the ones that we found were using the ChatGPT API in initial usage without enrolling in the free trial, and saying yes, I'd like to be in the free trial, and yes, I will pay for it when the trial is over. The use of them was very limited in terms of what was returned to the user as far as the text that comes back to them. In some cases it was like just one line of text with a "you need to pay to see more." In others, it was you can only get a certain number of responses per day, three or five responses per day, without starting the free trial. And there was lots of advertising popping up and frequent ads to buy the full subscription model that popped up between queries. Also, they all followed other similar techniques that we've seen in fleeceware in that they would ask right away for you to review the app. And --

Dave Bittner: Before you've had a chance to hate it?

Sean Gallagher: Exactly, exactly. And there was also requests for them to track all of the other activities on your phone, all the apps that you're using in your phone, and the websites used on your phone.

Dave Bittner: Wow.

Sean Gallagher: Things like that, that a user if they're just clicking through, might not pay attention to. So, there were all sorts of ways that they were trying to monetize even the least functional use of their apps. And then those things tended to drive people towards starting the free trial.

Dave Bittner: And the free trial runs out very quickly, at which point you're getting billed.

Sean Gallagher: Right, exactly.

Dave Bittner: Yeah. Can we walk through together, I mean, let's say I'm someone who's interested in ChatGPT, I've heard about this thing, I want to check it out. You know, I go visit, let's say in my case, Apple's App Store. And I do a search for ChatGPT. What's likely to come up?

Sean Gallagher: Up until recently, there wasn't an official OpenAI ChatGPT app. So, when you go into the app store and you type in "AI chatbot" or something like that, you're most likely to get in the return from the search bar on your device, or if you look in the App Store on the Mac itself, you're most likely to get apps that fall into one of two categories. They're either well-done applications that are actually using the ChatGPT API. And there were very few of those initially. Or they are one of these fleeceware apps. And there are some well-established chatbot apps that have been out for some time that don't use the ChatGPT API. And those come up as well. Many of those are from other AI companies. But the ones that are offered for free, for the most part, many of them are these fleeceware GPT apps.

Dave Bittner: And what about the reviews? You know, lots of times if you're looking for an app, that's a good place to see if it's legit or not. Have these folks found a way to game that as well?

Sean Gallagher: They have. And there is a large volume of fake reviews that get put onto these. Some of these, I swear they used GPT to write. I think they use GPT to write a lot of these reviews.

Dave Bittner: Okay.

Sean Gallagher: But there are, so there are numerous fake reviews. Many of them less than one or two words. "Works great!" Or something like that. They're all five stars. Or you know, maximum level reviews. And then very deep in the reviews are the people who actually installed the apps and realized they were crap and gave it one star or two stars. And you have to look for those reviews specifically to find them, to find people who used them and said this app doesn't work, I paid for this and then it didn't work, I paid for this and it's only getting charged, it still keeps interrupting me. Things like that. So, you have to be very careful when you look at something in an app store and you see it's got a lot of stars, a lot of five star reviews, four star reviews. But there's a distorted view of saying if you look at the number of reviews of each type and then you see there are all of these one star reviews, it's important to take a look at those. One of these apps I looked at had an average of 3.5 stars. And that was because they had dozens and dozens and dozens of fake five star reviews. And then everybody who actually used the app had given it a one star review.

Dave Bittner: What are your recommendations, then? For folks who want to try to weave through this and get the actual legit apps, are there any telltale signs here or best practices?

Sean Gallagher: Yes. So first of all, you want to look at the in-app purchases side of things when you go into the App Store. So on both Play and on the Apple App Store, you have to click through to find out what the in-app purchases are, what the subscription plans are, and understand that once you subscribe to one of these things, it's going to be charging you a certain amount every month. Now, and also remember that OpenAI offers the same capability for free on their website right now. And you can run it as a web app for free. So you just have to register. So, that should be taken into account to begin with. The second thing is that you should look at the reviews and really look at how many one star reviews there are. Read some of the reviews and see if they make any sense. If you install the app and the app has a different name than the app that it's advertised with, that's another sign. Many of these apps, once you click to install them, they install as something that is named completely different from what the name in the advertisement on the App Store was. And that's a sure sign that somebody has been gaming the system a bit and may have advertised the same app in multiple ways. And then if you do subscribe, if you do start a free trial with something and realize it's not what you want to have, you need to make sure you go into manage your subscriptions on your platform, on the platform you're on, and end your subscription so that you do not continue to pay for these things.

Dave Bittner: Yeah. It's -- it's so frustrating, you know. Because you like to think that one of the reasons that we have these app stores is to make them a bit of a walled garden. But you know, these folks consistently find ways to game the system.

Sean Gallagher: Certainly. And then, you know, in a similar vein, there's other research we've been doing recently around fake applications tied to cryptocurrency scams. Those apps have made it into the app stores as well by posing as having other functionality. And one of the things, the concerns about these apps, is that a lot of them are essentially web applications wrapped as mobile apps. And so they are heavily dependent upon web content sitting someplace. So it's a small matter of switching what's going on in the back end a little bit after the application has passed Apple or Google's review to change what is an innocuous app to something that is potentially a malicious application.

Dave Bittner: Alright, Joe, what do you think?

Joe Carrigan: I like it when Sean comes on. I like the reminder, the constant reminder that we should all have, is that the bad guys are looking for opportunities in the news. And the dawn of ChatGPT is no different. When that hit the news, that was big talk.

Dave Bittner: Yeah.

Joe Carrigan: Everybody was talking about it. So these fleeceware guys, there's a market for these. They're no different. They see the opportunity, and they say let's go for it. Fleeceware is an easy model. All you have to do is build some crap app that does something and then charge a lot of money for it. And it doesn't even have to be technically malicious. I mean the only thing that's malicious about it is their pricing model.

Dave Bittner: Yeah.

Joe Carrigan: And these guys go hey, why not make some ChatGPT fleeceware?

Dave Bittner: Right.

Joe Carrigan: And they go ahead and do that. Sophos found an ad in an online publication for a major news platform. That also doesn't surprise me. Because of the nature of the ad networks that are out there. These guys probably just bought the ad on some third party ad service, that then this media company sold some space to through some back-end auctioning. They may not even know, in fact I guarantee you there's no human anywhere that knows, what the chain of process was that that ad came into their system.

Dave Bittner: Right.

Joe Carrigan: It's just such an automated system now, it doesn't involve people anymore. They all have the same, if not very similar business models. You get three days of free trial and then you begin the monthly or weekly billing cycle. They stick close to the policies of the stores. You know, the Apple store or the App Store, the Google Play Store. So they are technically secure apps, right? So they can get listed. Funny that they go for typo squatting. And if I was going to do a typo squatting app on this I'd be ChetGPT. Hey, I'm ChetGPT. Because Chet always sounds like some cool, you know, the guy you didn't like in high school that was way too popular.

Dave Bittner: Right, right. Who had a really cool car.

Joe Carrigan: Right, yeah. ChetGPT. Some of them even went so far as to actually use the ChatGPT API, which I think is pretty audacious. And then of course once you install them, they immediately go to being nagware. Right? Sign up, hey, review us, hey, let us track everything. Yeah, sure, that's a good idea. I don't think I will. Some of these apps are also interfaces to web apps. That's something I think that's a solvable problem if the app stores would enforce it. You know? Making sure the content is more moderated. Maybe it isn't, I don't know, maybe I'm speaking --

Dave Bittner: It's hard to do. It's hard to scale. Yeah.

Joe Carrigan: It is. Because if they're just phishing content or pulling content from the web from some web service somewhere, then that content can change at any point in time and it could easily be replaced with malicious content.

Dave Bittner: Right.

Joe Carrigan: No problem.

Dave Bittner: Right.

Joe Carrigan: Some suggestions on what to do. My suggestion is always look for the tell-tale C distribution. That is lots of five star reviews and lots of one star reviews, but very little in between. So that when you're looking at the reviews, it may have a long five and then a long one and kind of look like a C. You know?

Dave Bittner: Yeah.

Joe Carrigan: The letter C. Sean has a great suggestion. He says check the in-app purchases. And I hadn't ever done this before. So I figured out how to do this, and on Android there's a section called "About This App" where you go and you can see the cost of in-app purchases. And I found one of these fake ChatGPT apps. And its in-app purchases ranged from 7 dollars to 40 dollars. So, that's a pretty big fleecing.

Dave Bittner: Yeah. Especially if it's per week.

Joe Carrigan: Right, yeah. Per week or per month, either way. Well, I mean, per month it would be not much. But another red flag is if an app installs with a different name, that's bad news. And then go to your account and manage your subscriptions. You know, Dave, just this past week I went to my Amazon account and canceled two subscriptions that I was unaware I had signed up for.

Dave Bittner: Huh.

Joe Carrigan: When I signed up for them, I was like yeah, I remember signing up for that. Forgotten about it. Haven't used it. I canceled like 16 dollars of monthly costs for myself.

Dave Bittner: Okay.

Joe Carrigan: It was, you know, not a big win but I like it.

Dave Bittner: No, take your lovely wife out to dinner.

Joe Carrigan: That's right. After about three months I can do that.

Dave Bittner: There you go. Alright, well once again, our thanks to Sean Gallagher from Sophos X-Ops for joining us. Always a pleasure to have him on the show. And we hope he will take the time in the future to join us once again.

That is our show, we want to thank all of you for listening. Our thanks to Harbor Labs at the Johns Hopkins University Information Security Institute for their participation. You can learn more at harborlabs.com and isi.jhu.edu. We're privileged that N2K and podcasts like the CyberWire are part of the daily intelligence routine of many of the most influential leaders and operators in the public and private sector. As well as the critical security team supporting the Fortune 500 and many of the world's preeminent intelligence and law enforcement agencies. N2K's strategic workforce intelligence optimizes the value of your biggest investment, your people. We make you smarter about your team while making your team smarter. Learn more at n2k.com. Our senior producer is Jennifer Eiben. Our executive editor is Peter Kilpe. I'm Dave Bittner.

Joe Carrigan: And I'm Joe Carrigan.

Dave Bittner: Thanks for listening.