
$80k/month App Store Scam - amima
https://medium.com/@johnnylin/how-to-make-80-000-per-month-on-the-apple-app-store-bdb943862e88
======
blhack
This is particularly annoying while my beta is "waiting for review" so I can
have the privilege of giving it to a few beta testers.

How does apple not expect that annoying developers with their app store
process (so much so that things like this exist:
[https://fastlane.tools/](https://fastlane.tools/)), _AND_ charging them 30%
_AND_ apparently not actually reviewing anything about the apps making it into
their store isn't going to eventually drive people away from it?

(Why yes, I am cranky over the amount of hoops I had to jump through to get to
the point of asking apple for permission to put my beta on my co-founder's
iPhone)

~~~
joeld42
You can use HockeyApp ([https://hockeyapp.net/](https://hockeyapp.net/)) or
just get your friend's UDID and build an IPA yourself to distribute the build
to your friend's device, even if he or she is remote.

Testflight is more intended for "semi-open" betas where you only have tester's
email.

~~~
st3fan
_get your friend 's UDID_ \- yes, you can, but there is a 100 device limit.
you can reset that list once a year. it is meant for your team, not for
testers.

~~~
st3fan
See now that the OP talked about co-founder. So that is a good use case for an
Ad Hoc build for sure.

~~~
blhack
Yeah, thanks for the advice everyone.

I'll totally admit that apple dev flow (not writing the software, just how to
get it to run on devices) is completely foreign to me. Concepts like "itunes
connect" (which seems extremely odd to me, since I always thought of iTunes as
a media player, not something I would use for software development) are
confusing.

Figuring it out, though. Thanks again for the advice (and sorry if I
accidentally threadjacked this).

~~~
weaksauce
I am pretty familiar with the hoops and even to me it's pretty much a huge
pain. It's not just you with that opinion.

------
blunte
#1 - Apple has a quarter of a trillion dollars in cash. You would think they
could afford intelligent, reasonable app review teams. Clearly they don't
bother, based on the complaints from honest developers and evidence of pure
scams like this.

#2 - Average computer/phone users are willfully ignorant. I would say stupid,
but that's a judgement call (even though I think it's true). Someone with
knowledge can advise them, but they cannot be bothered with all that fuss.
They'd rather ignore sound advice and push buttons. After all, look at the who
runs the country and the complacence of many of its people.

Have you ever had a friend who was a lawyer? Did you ever get some traffic
ticket and think, "Hey, I'll ask Bob if he can help me handle this!"? I'm
guilty of this once in a while. But "average users" are guilty of doing this
to technical people all the fucking time. And when we advise them of behaviors
to change to avoid future incidents, they nod and agree, but then repeat the
stupid behavior later.

Sorry for the rant, but perhaps it's time to just start replying to
scammed/screwed users with, "Oh wow, that's really unfortunate. I guess you'll
have to go buy a new phone/computer." Maybe that will jar them into actually
using their brains.

* Edit for wine-related typos.

~~~
CM30
Well, they're a tiny bit better than Google when it comes to app reviewing. I
mean, Google Play is literally filled to the rafters with low quality ripoffs
of known franchises that clearly break every copyright and trademark law in
the book, along with the kind of scams mentioned in the article.

But in either case, it seems like the 'submission review process' is far more
minimal than whatever Apple and Google advertise on their websites. Seems like
unless a lawyer/the police/authorities send a take down notice, the companies
don't give a toss about anything resembling quality control.

~~~
blunte
There is some responsibility as gatekeeper of applications (especially if you
make an effort to create a walled garden) to ensure some level of quality. And
as this article points out, Apple obviously made little or no effort (or is
very stupid? I doubt that.)

Consider the potential number of new apps per day to an app store. Now imagine
that each app requires 10-60 minutes of a halfway intelligent human's time to
review. That's not such a huge staff required, especially compared to the
revenue of said app store.

Or let's be generous and reduce the responsibility of app stores to just
police the top 20 or 50 apps. If, daily or weekly, the top 20 apps were
reviewed for quality, that would obviously require a very small staff... and
it would prevent situations like this.

Ultimately, situations like this will result in class action lawsuits (like
the one Amazon dealt with that resulted in them refunding a lot of childrens'
in-app purchases). Perhaps what's happening is that companies decide it's just
easier (organizationally) to handle legal problems than to manage business
better. After all, final settlements tend to be fractions of actual costs to
consumers.

~~~
CM30
I'm more wondering whether Apple and Google's review processes might make them
unable to be protected by safe harbour laws. I mean, there was a case where a
forum type site got in trouble because members had posted illegal content and
the moderation team had apparently approved every submission manually.

So I'm almost wondering whether at one point, we might either see a copyright
holder sue Apple (or Google given Google Play is even worse here) for allowing
infringing apps or the authorities treat them as complicit in fraud.

------
notadoc
How does garbage like this get through the App Store? I thought Apple was
notoriously strict on approvals?

Also, do people still use the App Store? I don't think I have casually browsed
for apps in 5 years or more.

~~~
DanBlake
Years and years ago when we first launched a video chat room app, they denied
it. They said it wasnt allowed to have a listing of rooms. So we simply had
the app request a file from our server on app launch. If the file was present,
we hid rooms. Once we got approved we just removed the file. We kept that up
for a few months but it seemed like after the initial approval apple never
bothered to check again so we just abandoned it after that.

~~~
hellbanner
What was their reasoning "listing of rooms"? I'm somewhat familiar with the
developer guidelines and not familiar with that one.

------
chatmasta
These App Store ads are the Wild West right now. I've seen multiple cases
where I search an exact app name, and that app's competitor has the top "spot"
due to buying an ad. It's like if you searched for Uber and saw an ad for Lyft
above it.

How long will apple allow this? At the very least it should be impossible to
bid on trademarked terms, and no ad should ever outrank an exact match result.

~~~
jasongill
Contrary to what other commenters believe, this is the way that all PPC
systems work - search for "Uber" on Google, Bing, etc and you're guaranteed to
see a Lyft ad.

~~~
ikeboy
just did in incognito and saw an uber ad but no lyft one

~~~
jlarocco
No doubt Uber paid a lot of money for that to be the case...

~~~
Buge
They're paying money so that I don't see ads? That seems quite nice of them.

~~~
jlarocco
Not sure if you're being facetious or not, but they're paying Google to not
show ads for their competitors when a person searches for "uber".

~~~
Pyxl101
As far as I'm aware, that's not something that Google allows you to do. Is it?

It seems more likely that:

\- Other services have decided not to bid on "Uber". It may be more useful to
bid on general keywords like "taxi" or "black car", etc.

\- The price for that keyword is too high to be worth it

\- The performance of the ads is poor such that Google doesn't show them.

\- It's also possible that Lyft _is_ bidding on the keyword "Uber", but only
in certain geographical areas where they're trying to grow their presence.

~~~
idunno246
It's indirect. Lyft sets a max price of $0.05 for an ad placement, so uber has
to set $0.06 to ensure that they get the ad and lyft doesnt.

~~~
omarchowdhury
What's with everyone chipping in knowledge of things they have no clue about?
In your scenario, Google would just put the Lyft ad below the Uber ad in the
search results, not make it invisible.

~~~
pbhjpbhj
What stops Uber from making a third party company that outbids Lyft for the
2nd ad? Presumably it's just not worth it, people click the first ad or skip
to the results?

~~~
omarchowdhury
That is against Google TOS.

~~~
ikeboy
[https://www.google.com/search?q=credit+card+report](https://www.google.com/search?q=credit+card+report)

Ads for both freecreditreport.com and experian.com display, owned by the same
company

------
kennydude
Some keywords need to return help topics instead. If you search "virus
scanner", Apple should tell users their device really doesn't need one

~~~
tyingq
In hindsight, this seems obvious, and a great idea. Are there any "banned
search keywords" now, or is it completely unrestricted? I'm curious if there's
just no mechanism for this at all, or if they just aren't using it when they
should.

~~~
kennydude
I don't think there is, or I haven't come across any

------
_pmf_
One thing of note: the spelling errors are deliberate to let only the most
gullible people through to the last step (improving the odds that the person
in question will not know how to report this as a scam or initiate a
chargeback). The same tactics are used by ads on porn sites[0].

[0] Or so I have heard ... from a friend

~~~
slig
There's a paper from Microsoft IIRC explaining this behavior. I'm on mobile
right now, otherwise I'd find it and link it here.

~~~
fgandiya
This one [https://www.microsoft.com/en-us/research/publication/why-
do-...](https://www.microsoft.com/en-us/research/publication/why-do-nigerian-
scammers-say-they-are-from-
nigeria/?from=http%3A%2F%2Fresearch.microsoft.com%2Fpubs%2F167719%2Fwhyfromnigeria.pdf)

------
downandout
There has got to be more to this story. People would refute accidental
purchases of $400/mo. Perhaps these guys are using tech support scams etc to
drive traffic to this thing, or they're simply using stolen credit card
numbers to setup Apple App Store accounts. Perhaps that's why the spelling and
layout is so bad...it's possible that they don't intend anybody outside of
themselves to actually use it.

~~~
ceejayoz
> There has got to be more to this story. People would refute accidental
> purchases of $400/mo.

There are plenty of folks out there who pay little to no attention to what's
being billed on their cards.

As an example:
[http://www.nbcnews.com/id/14838642/ns/technology_and_science...](http://www.nbcnews.com/id/14838642/ns/technology_and_science-
tech_and_gadgets/t/spent-rented-rotary-phone/)

~~~
gagege
Poor lady. It sounds like she may have been fully aware of what she was
paying, she just never did any research to find out that she was overpaying by
about 500x. Which, is almost as bad as never looking at your bank statements.

------
htormey
wow, I'm pretty pissed off by this. One of my clients is a medical marijuana
startup and we have had to jump through so many hoops to stay compliant with
Apple's random app store rules. We have been rejected on several occasions and
pulled from the app store.

I also had another app that was accepted into the app store then when I pushed
an update release I was informed that my logo had to change because it used
Apple's camera emoji. I only did this because another popular app did the same
thing (down for lunch). In order to stay compliant, I had to change my logo.

I'm fine with said rules existing as in theory they are meant to protect lay
customers from junk like this. How on earth did this thing make it through a
review process that's so hard on some apps?

I wish Apple would apply it's rules and vetting with more consistency.

------
tyingq
I was under the impression that the approval process for the app store was
somewhat rigorous.

How did this app get through that?

~~~
valuearb
Apple is rigorous (I've been rejected close to 20 times). But app review is
also hard, especially when there is a flood of new app submissions every week,
day and hour. Validating that an app does what it says it does isn't really
what App Review is for. Most of my rejections were for how I described a
feature, not how a feature worked.

Also there are ways to defeat App Review. Geo-fencing, time-boxing, etc so
your illegal code never runs during review.

~~~
notadoc
Shouldn't it be a giant red flag to a reviewer when the app is focused on an
entirely fictional premise?

If the app was claiming to grow a dinosaur in your backyard after you pay
$400/mo would it be treated any different?

~~~
bartread
> If the app was claiming to grow a dinosaur in your backyard after you pay
> $400/mo would it be treated any different?

Honestly, that already sounds like a significantly better app than “Mobile
protection :Clean & Security VPN”.

I do agree though. It's quite odd that something as clearly bad and misleading
as this could get past the review stage even assuming timeboxed code and so
forth. That would imply that it would have to do something both useful and
congruent with its description during the review process, and presumably not
be full of spelling mistakes and badly described features. That seems
unlikely.

~~~
megablast
>Honestly, that already sounds like a significantly better app than “Mobile
protection :Clean & Security VPN”.

They are both scam apps, that take your money and give you nothing, so not
sure how that is any better?

~~~
mastax
The dinosaur app doesn't hijack your internet traffic or (presumably) sell
your contacts.

------
microcolonel
You know, it's sad that people are eager to pay Apple nearly a thousand
dollars for a phone, buy an iCloud subscription to go with it, and maybe buy a
MacBook (Pro?); and then content that after _all_ of that money changes hands,
Apple _still_ wants to fill 80% of your screen with an advertisement. Then, if
it wasn't bad enough, they don't vet the advertised applications for basic
legitimacy (meanwhile legitimate apps frequently get caught up in endless
nitpicking at submission).

I get why people do it, but it's sad that they do.

~~~
wayn3
im really happy with my macbook.

its reasonably powerful, doesnt make any noise, has an SSD and is a unix
system without any of the linux haggling.

paying 1k extra for not having to deal with shit was really worth it for me.
certainly made sense from a quality of life perspective.

and im anything but an apple fanboy.

------
kuon
This kind of things make me wonder why I am honest and poor (I mean not rich
to the millions, I am not actually "poor"). I could do scams like this and be
rich by the minute...

~~~
morganvachon
You said it yourself: You're honest. Take pride in that and keep being you.

I have just enough knowledge and just enough free time to maybe pull off one
of these kinds of scams, but two things stop me: One, I have to look at myself
in the mirror every day, and two, even if I set my morals aside, given my
luck, I'd be the one Apple finally decides to make an example out of and sends
the feds to my doorstep.

~~~
smnscu
> given my luck, I'd be the one Apple finally decides to make an example out
> of and sends the feds to my doorstep

This usually has more to do with honest people not being good/experienced at
being criminals, rather than luck.

------
akcreek
How are chargebacks handled on the App store? I would assume a scam like this
will receive a relatively enormous number of chargebacks.

~~~
LoSboccacc
they will threaten to close your account if you chargeback too much.

~~~
jtbayly
I tried to get a refund from Apple once, for a fraudulent app, but I never
heard back. So I disputed the charge with Visa. I thought I'd solved the
problem until Apple locked me out of the app store. The only way to get back
to installing apps (even free ones) on my phone, if I remember right, was to
use a new credit card.

Later on I did successfully get a refund for being charged twice for the same
content when I bought it again on a family-shared device. Free tip: in-app
purchases apparently aren't sharable to the family.

~~~
hellbanner
Counter anecodote: I got a (Mac, not iOS) app refunded within 2 days because
it didn't function as well as I thought it would (email client). No hassle.

------
tinus_hn
I don't understand why such an obvious scam works; Apple keeps the money for a
while so they should be able to cancel the developer account and refund all
users.

~~~
maaaats
Apple earns 30% per scammed user and let the app pass through review. The
implication is obvious.

~~~
vacri
The whole point of the App store and Apple's bragging about it was that you
were in a walled garden, and shit like this didn't happen. It's in their own
interest not to kill their golden goose by allowing this kind of scam in their
garden.

------
endgame
At what point do you say "no, the app store experiment has failed" and give
users control of their own devices?

Never, I guess.

~~~
amelius
We need an extension of net neutrality (app neutrality?)

------
lordvon
I get the feeling that companies like Amazon and Apple purposefully try to
hide as much as possible/tolerable the fact that you are subscribed to
something (specifically, Apple apps and Amazon's Audible). I've spent tens if
not hundreds of dollars towards subscriptions I didn't even know I had, and
I'm afraid this might account for a shocking amount of revenue, as this
article suggests. Microsoft on the other hand seems to let you know when you
are going to charged again (I've experienced this with my office license
subscription).

------
meric
Looks like many of the keywords you can buy Ads for are underpriced. To
advertise for a keyword you need to build can "relevant" to that keyword. It
takes time for legitimate app developers to build apps to take advantage of
those keywords. Until then, the underpricing of ads is taken advantage of by
these "scammers" who build costly non-functional apps and recycle the earnings
into buying ads for them.

~~~
Dylan16807
That won't fix anything. When a scammer is successfully charging 50 times as
much as a legitimate app, they can outbid any real ad.

------
balladeer
And I thought Apple vets the apps (and from what I heard even betas and
upgrades/updates too?) before letting it go live on the App Store.

As a long time Android user (and no I wans't happy for most parts; and I
wanted to taste the iOS waters both as an user and a mobile dev) who recently
moved to an iPhone SE I feel really disappointed.

------
ge96
Haha I thought this was a how to guide initially as a "good entrepreneur" mind
you good to me is subjective, or is it personal. Money is money right? I can't
ask my clients to pay me so I obvs don't support that.

Nice into the rabbit hole though, should see how bad it gets with VMs.

~~~
mark_edward
Are you saying you're a scammer? I'm having a hard time understanding this
comment

~~~
ge96
No I'm not a scammer. I can't even ask my clients to pay me. Most recently
these people got a big SEO audit pdf and I'm the poor bastard that has to do
it for no pay hahaha. They're like "alright so... all these urls and how the
db/pages work? Rewrite them..." and I'm pretty sure I'd break a good part of
it, just because of how expansive the site is. (I'll decline at least on this
part as it's beyond me, like being asked to integrate a PayPal recurring API
payment thing)

Nah they're like my second best client ever but it's still I don't get paid
hourly/"a reasonable fixed price" so no in short form, I have no self respect.

I was scammed once (at least), it was a site that said "Sell your ideas for
money!" hahaha, I "sold my ideas" For a non-refundable fee of $99 and this
also overdrew my bank account.

^^ That reinforces my original thought, I could build a similar "legit looking
site" throw a payment system on there and get some poor schmuck like myself to
fall for it and pay. Good job on me who built that site for say $17.00 and
some time.

edit: I was scammed by this lady (beat up looking face) and this guy, her
"son" or whatever... they were asking for gas but insisted I give it to them
in cash (at the gas station). Yeah I'm pretty stupid.

~~~
mark_edward
I see, i commiserate. I got stiffed for a months work by a recent freelance
client, i empathize. I'm sorry if I slighted you, guess I read the wrong thing
out of your comment.

I hope you don't get scammed in the future.

~~~
ge96
No I'm out of line anyway (talking about clients when I'm publicly traceable),
but it is true regarding not being paid. I've had a great client that actually
paid me hourly but my skills were not up to par though. Mostly I've just been
doing "fixed price" work which can drag on for months. Oh well... hopefully I
build "SAAS" products or something.

No prob I didn't take offense I just talk too much haha

------
fright
While it's frustrating if taken at face value, Sensor Tower's numbers aren't
totally valid. They get the number for a few of my apps really wrong. The
download stats are more or less true, but the revenue can be way off.

------
jitbit
Yeah.

And Apple just rejected my app because it has a 'register free trial' link.
Which is actually free, actually a trial, no CC info asked, no in-app
purchase.

Their response was "if you offering something - you should be using in-app
purchases".

Oh. OK.

------
hellofunk
When I read stuff like this I really lose faith in the human race.

~~~
chinathrow
That's my current feeling looking at the Bitcoin price chart.

------
whyagaindavid
Does nobody from apple read hn? How does one recommend iPhone to NGOs, privacy
activists, other vulnerable people?

------
LoSboccacc
yeah app store quality has dropped to google play levels to the point that one
of ios last, actual, concrete advantage for non technical users is becoming
moot.

~~~
microcolonel
The Mac App Store seems to have been considerably worse than the Google Play
store since inception. I think that the iOS app store is just coming down to
the level of the Mac App Store: barely suitable for distributing Apple's own
applications.

~~~
derefr
They've built an entirely-new store that's shipping with iOS 11, apparently.
Might fix a few things.

------
prodmerc
> I’ve also never clicked on a Google Ad.

I've never done it, either. I clearly remember the only few times I clicked on
AdSense ads - once by mistake, and was extremely annoyed at the results (it
was a sort of list like search results), and 2-3 times to test my own AdSense
ads (yeah, against ToS).

Yet AdSense is raking in billions. I've always wondered who actually clicks on
the ads :D

~~~
giarc
If you are on HackerNews, you probably aren't the typical internet user. I bet
my 60 year old mom clicks on tons of ads without even knowing it.

------
draw_down
There's no way that a huge portion of the blame for this is not Apple's. Some
of the ways they run the App Store were pretty silly starting out, and now
just outright ridiculous.

Little distinction between ads and search results? No filtering or approval
for ads? Scammy $100/week subscriptions for nothing? Meanwhile you're not
allowed to make fun of the presidents elbows or whatever. Come on.

------
kuroguro
Brilliant! Wish I would have thought of that xD

------
timwaagh
finally i can be rich too! too bad i am not an ios dev. these apps are made by
people from 'nam. i doubt you could do this in a civilized country without
getting sued into the ground though.

