Two fitness apps, “Fitness Balance” and “Calorie Tracker” were recently found to be charging users without their consent and have been removed from the App Store. These apps had phony positive reviews in the App Store and were displaying pop-ups which prompted users to scan their fingerprint to unlock features. However doing so would result in an automatic charge to the user’s credit card, ranging from $99-139. iPhone X users who had double click to pay enabled were protected against the charge.
Recommendations:
It is recommended that iPhone X users enable “Double Click to Pay” and that all other iPhone users disable Touch ID for payments via Settings, Touch Id & Passcode, and disable “User touch ID for iTunes & App Store”. Victims of this scam can submit a report to Apple.
Resource:
https://www.welivesecurity.com/2018/12/03/scam-ios-apps-promise-fitness-steal-money-instead/