While iPhone X users would be protected if they enabled "Double Click to Pay", older iPhone users would be charged automatically if they had enough credit or a saved credit card and Touch ID was enabled.
According to reports from Reddit users and from analysis by ESET mobile app security researcher
Lukas Stefanko, these apps contained fake reviews that are meant to make the app appear useful and beneficial.
"Despite its malicious nature, the “Fitness Balance app” received multiple 5-star ratings, had an average rating of 4.3 stars and received at least 18 mostly positive user reviews," Stefanko explained in a
post regarding these scams. "Posting fake reviews is a well-known technique used by scammers to improve the reputation of their apps."
You can see examples of some of these reviews below.