Nearly two dozen apps in the Google Play store with as many as 600 million users have allegedly engaged in the shady practice, according to research released on Tuesday by security firm Sophos.

The apps include fortune tellers, keyboard apps, and video editors, the company said.

“One reason Sophos wants to create awareness, and highlight this Fleeceware business model, is that this business model can cause significant harm to users, and there’s little recourse,” Sophos researcher Jagadeesh Chandraiah said in a blog post. “The Google Play Store policies are significantly less consumer-friendly than US credit card policies; Those who managed to get refunds have been able to obtain them only with great difficulty.”

Another app called Fortunemirror offers a free three-day trial and then a $69.99 weekly subscription. The app claims to facilitate a “live future reading” via a “hand scan” and delivers a daily horoscope. As of Wednesday afternoon, it was still available in the Google Play store.

“The creators are banking on the bet that you’re a dimwit; the charge is over 60 dollars a week if you fall for the free three day trial trap and forget to cancel your subscription,” writes one user, who gave the app a one-star review in the Google Play Store.

Fortune sent an email for comment to an address listed for the developer of Fortunemirror, but the message bounced back.

This is the second batch of fleeceware apps Sophos has identified. In September, the company shared a list two dozen other apps, including calculators and QR code readers, charging customers $100 to $240 after they had uninstalled those apps.

Sophos said Google removed those apps after they were reported. Google did not respond to a request for comment from Fortune.

Sophos’ study was limited to Google Play and did not include Apple’s App Store. Andrew Brandt, principal researcher at Sophos, said the decision was because, “Apple generally has stricter guidelines and requirements then Google Play when it comes to what apps they allow in their marketplace for download.”

While it’s difficult for consumers to know ahead of time whether an app will fleece them, Sophos listed some clues to look out for. For example, many of the allegedly scammy apps have suspiciously high numbers of installs listed, along with a mix of glowing five-star reviews mixed with bad reviews from customers complaining about being overcharged.  

“Users should read the terms and conditions, especially when it comes to subscriptions and refunds. The user interface elements can be very difficult to read so make sure you understand the terms of the subscription agreement,” Brandt says. “Many of these app vendors also tell you that there’s a 3-day free trial, but Google’s own policies only give you 48 hours after purchase to claim a refund, after which it is at the app publisher’s discretion whether or not they’ll refund the money already collected.”

Users should also be suspicious about basic apps that cost hundreds of dollars annually.

Finally, if all else fails, set a reminder to cancel a subscription before the free trial period is over. But consumers should be sure to cancel via Google Play subscriptions, rather than simply uninstalling the app.

More must-read stories from Fortune:

—Greenpeace ranks China’s tech giants on renewable energy
—Sex tech steals the spotlight at CES
—Why there are so many scooters in Los Angeles
—What a $1,000 investment in 10 top stocks a decade ago would be worth today
—Best of CES 2020? Tech sites’ opinions differ wildly
Catch up with Data Sheet, Fortune’s daily digest on the business of tech.