Android Call History Scam Apps Exfiltrate Payments via Fake Subscriptions on Google Play Store

Timeline

1. 08.05.2026 18:08 1 articles · 10h ago

   CallPhantom fraudulent apps removed from Google Play Store after 7.3M downloads; payments exfiltrated via fake subscriptions

   28 Android apps falsely claiming to provide call history, SMS, and WhatsApp call log access for any phone number were removed from the Google Play Store after collectively exceeding 7.3 million downloads. The campaign, tracked as CallPhantom, targeted users in India and the Asia-Pacific since at least November 2025. Victims were coerced into paying $6–$80 via Google Play billing, third-party UPI apps (including Google Pay, PhonePe, Paytm), or embedded card forms to access fabricated data. Some apps used deceptive exit notifications to redirect users to subscription pages.

   Show sources

   • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08

   Open in new tab

Information Snippets

• 28 fraudulent Android apps on Google Play Store falsely advertised access to call histories, SMS records, and WhatsApp call logs for any phone number.

  First reported: 08.05.2026 18:08
  1 source, 1 article
  Show sources

  • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08

• The apps collectively garnered over 7.3 million downloads, with one app alone exceeding 3 million downloads.

  First reported: 08.05.2026 18:08
  1 source, 1 article
  Show sources

  • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08

• The campaign, codenamed CallPhantom, primarily targeted users in India and the Asia-Pacific region.

  First reported: 08.05.2026 18:08
  1 source, 1 article
  Show sources

  • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08

• Victims were prompted to pay via Google Play subscriptions, third-party UPI apps (Google Pay, PhonePe, Paytm), or embedded card forms to access the fake data.

  First reported: 08.05.2026 18:08
  1 source, 1 article
  Show sources

  • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08

• Some apps displayed deceptive exit notifications falsely claiming successful delivery of call history to a user’s email address to coerce payment.

  First reported: 08.05.2026 18:08
  1 source, 1 article
  Show sources

  • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08

• One app masqueraded under the developer name "Indian gov.in" to enhance credibility and mislead users.

  First reported: 08.05.2026 18:08
  1 source, 1 article
  Show sources

  • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08

• No legitimate data retrieval functionality was present in the apps; they relied on fabricated entries embedded in source code.

  First reported: 08.05.2026 18:08
  1 source, 1 article
  Show sources

  • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08

• The campaign is estimated to have been active since at least November 2025 before Google removed the apps from the Play Store.

  First reported: 08.05.2026 18:08
  1 source, 1 article
  Show sources

  • Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08