Post

Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

Posted
By ictsec.pl
1 min read
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

🚨 Fake Call History Apps Exposed! 🚨

Cybersecurity researchers have uncovered fraudulent apps on the official Google Play Store that falsely claimed to provide access to call histories for any phone number. These apps tricked users into subscribing to services that offered fake data, leading to financial losses.

The 28 apps have collectively amassed over 7.3 million downloads, with one app alone accounting for more than 3 million downloads before being removed from the store. This operation, dubbed CallPhantom by Slovakian cybersecurity firm ESET, primarily targeted Android users in India and the broader Asia-Pacific region.

What Happened? 🤔

The offending apps promised access to call histories, SMS records, and even WhatsApp call logs for any phone number. Users were asked to pay to unlock these features, but instead, they received randomly generated data. One of the flagged apps was published under the misleading developer name “Indian gov.in” to create a false sense of trust.

Payment Methods 💳

Payments were processed through Google Play’s official billing system or third-party apps supporting the Unified Payments Interface (UPI), widely used in India. This includes popular platforms like Google Pay, PhonePe, and Paytm. Unfortunately, users who subscribed via third-party payment methods may not be eligible for refunds from Google, leaving them reliant on external payment providers.

Notable Findings 🔍

The apps featured simple user interfaces and did not request sensitive permissions, making them appear harmless. They lacked any real functionality to retrieve call, SMS, or WhatsApp data, further highlighting the deceptive nature of these applications.

Related Fraud Campaigns 💰

In a related note, Group-IB reported that bad actors have stolen an estimated $2 million from Indonesian users through a fraud campaign posing as trusted brands. This campaign, which began in July 2025, involved phishing websites and social engineering tactics to compromise devices and execute unauthorized transactions.

For more details, check out the full article here: Read full article

CYBERSECURITY
FAKE APPS CYBERSECURITY ANDROID FRAUD PAYMENTS
This post is licensed under CC BY 4.0 by the author.