Turning Off 'Automatic Renewal'
Two ways to prevent the accidental extension of a paid subscription
I apologize for taking up your time with administrative detail. However, a problem that recently vexed an old friend leads me to address the issue of the automatic renewal of paid subscriptions.
Substack makes it difficult for subscribers to opt out of ‘automatic renewal’. Indeed, in order to avoid the self-activated extension of your paid subscription you must either push the button marked ‘cancel’ or ask the Substack author in question to turn off ‘auto renew’.
Pushing the ‘cancel’ button on a paid subscription does not deprive a reader of the services he has already paid for. Rather, he will retain the ability to see beyond the paywall until his subscription has run its course. Nonetheless, fear that ‘cancelling’ a subscription will result in immediate loss of access creates a reluctance to press a button that bears that word. At the same time, in a relationship as immediate as the one that connects a Substack reader to a Substack author, ‘cancelling’ a subscription can seem like the sort of personal rejection that people prefer to avoid.
With these things in mind, I am happy to wield my power to turn off automatic renewal for any subscriber who requests it. So, if you would like me to do this, send an e-mail message to oninfantry@gmail.com with ‘turn off auto-renew’ (or words to that effect) in the subject line and the e-mail address that is linked to your subscription.
Moreover, if your subscription has been renewed automatically in a way that fails to accord with your desires, please use the same e-mail address to let me know and I will arrange for an immediate refund.
I very much appreciate the people who take out paid subscriptions to my newsletters. At the same time, I have no desire to take money from people who, having concluded that the material behind our paywall failed to provide sufficient value, simply forgot to cancel their subscriptions in time.
I have been (but am no longer) a paid subscriber to many dozens of Substack accounts. Via the Substack platform, my credit card (and other subscribers' credit cards) was fraudulently charged in early July for many hundreds of dollars by a criminal who had perpetrated identity theft when he stole the cellphone of Dr Reid Sheftall of the "First Principles" Substack. That criminal used the info on the cellphone to take over Dr Sheftall's emails, Twitter/X account, bank accounts, and eventually Substack account. Dr Sheftall wrote, in a comment to his own Substack in January of this year, that he was unable to reach anyone at Substack (no actual person answering the phone) to try to get help to regain control over his Substack account.
Here's why I am not going to pay any more money to Substack (and thus to any content creator) once one of my content creators had his identity stolen. The identity thief sent out an (obviously fraudulent) email in June to all the subscribers of "First Principles," asking for donations. I immediately filed a complaint with Substack's Standards & Enforcement team, forwarding the email and providing evidence of the identity theft (including Dr Sheftall's new X/Twitter account that details the identity theft and even shows how the thief was able to put his mug on a new driver's license and obtain a passport).
This is when Dr Sheftall first notified us of the identity theft: https://drreidsheftall.substack.com/p/i-have-been-through-hell
This is his new Twitter/X account. I don't have an X account, so I use xcancel.com -- https://xcancel.com/GReid27295/with_replies
In short, Substack was supplied with all the evidence they would need to investigate the identity theft, plus the photo of the thief, and the *real* Dr Sheftall's face is easy to identify from the original photo Dr Sheftall used for this Substack account and from the decades-old videos showing Dr Sheftall from Youtube. I asked Substack in June to freeze Dr Sheftall's account because it was being used to send out fraudulent email requests for money, and to send out emails to subscribers, warning them of the report of the account being taken over by the person who stole Dr Sheftall's identity. All Substack had to do was to ask the person who now controlled Dr Sheftall's Substack account to forward a currently dated photo of himself.
What did Substack do? Oh, I was told that they take all these types of reports "seriously," and that they would investigate it. I received no further response from Substack, although I had told them they needed AT LEAST to send an email to all subscribers of Dr Sheftall's Substack to warn them of the report that his Substack had been taken over by an identity thief.
But Substack did nothing. The following month, this July, my credit card was charged with hundreds of dollars of fraudulent charges, and my renewal for the Substack didn't come up until March of 2026. Another paid subscriber sent a comment to Dr Sheftall's last Substack posting that her credit card had been hit for $700 and $400, both obviously fraudulent charges. So, "content creators" are able to generate invoices for ANY AMOUNT THEY WISH and to hit credit cards via Stripe AT ANY TIME THEY WISH, EVEN BEFORE THE RENEWAL DATE COMES UP.
So, the Substack platform is WIDE OPEN FOR FRAUD, and I found out that Substack is not going to do anything about it. I was actually informed by Substack, after I gave them proof of the fraudulent charges, that on their end, they saw nothing pointing to Dr Sheftall's Substack being compromised! So much for their investigation. I then sent them a SUBSTACK-GENERATED receipt showing all the obviously fraudulent charges for this Substack account, and asked them what about this evidence don't they understand. I asked to escalate my complaint to a senior manager, and it took them almost a month before some guy named "Landry" (even though I had requested a full name and title) replied. Again, Substack tried to blame Stripe for these fraudulent charges, even though I had already pointed out that I am a customer of SUBSTACK, and that I log into SUBSTACK, input my credit card into the SUBSTACK platform, the SUBSTACK platform indicates when my renewal time is, and it is up to the SUBSTACK platform to ensure that the credit card I have inputted into the SUBSTACK platform is not used fraudulently. What is stated on my credit card charges is SUBSTACK, not Stripe. I am not a customer of Stripe, but of Substack, and Substack has an obligation to have proper safeguards in place so that their platform isn't used by "content creators" to generate fraudulent charges.
Of course I canceled my credit card as soon as I saw that it was being used fraudulently. As each of my many dozens of paid subscriptions comes due and my "old" card inputted into the Substack platform won't work, I will be informing the content creators why I am not going to renew and give any more money via the untrustworthy Substack platform. Substack has made it clear that they will do nothing on their part to close the loophole in their platform that allows authors of Substack accounts to generate fraudulent charges. Obviously Substack doesn't care about those fraudulent charges, because they get their 10% from them. They apparently (as of now) have no incentive to protect their customers.
I am hoping that some of those dozens of paid authors will ask Substack why they won't do the necessary work to their platform to prevent "content creators" from being able to generate credit card charges in any amount and at any time (well before the year anniversary renewal time), as this criminal was able to do. Once that information gets out, there may be many hundreds of "new" anonymized Substack content creators who set up accounts specifically to fraudulently access credit cards, for an eventual "hit and run".
I will go ahead and file a complaint with Rob Bonta, the Attorney General of the State of California Dept of Justice (Substack is headquartered in San Francisco), because customers of Substack have a reasonable expectation that Substack act in good faith by taking the steps necessary on their platform to safeguard customer's credit cards from fraudulent charges.