Google Play is usually a safe place to download Android apps, but it is not entirely free from scams. A new case has come to light where dozens of fake apps appear to have fooled users into seeking services that never existed. These apps claimed to offer access to call history, SMS records, and WhatsApp call logs for any phone number (after users paid). Thankfully, Google has taken them down.
Users needed to unlock call logs (fake) with payment
ESET researchers uncovered the scam, identifying 28 such fraudulent apps available on the Google Play Store. These apps saw cumulative downloads of more than 7.3 million. The researchers refer to this campaign as CallPhantom. They reported all the fake apps to Google on December 16 last year. At present, the Play Store no longer lists those apps.
During the investigation, researchers found that the fraudulent apps could be divided into two clusters. Speaking of the first cluster, the apps included hardcoded names, country codes, and templates in their code. This allowed the app to randomly generate phone numbers and display a preview of the fake call history. If users wanted to unlock the full results, they needed to pay.
Now, for the second cluster, the apps asked users to enter an email address to get the call history. However, the app did not generate data unless the user paid or subscribed. More importantly, in both cases, the details promised were entirely fake.
Researchers say CallPhantom apps used three payment methods. Some apps used Google Play’s official billing system for subscriptions. Others used third-party UPI payment systems. In some cases, apps even comprised direct card payment options.
The fees for the fake service varied across the apps, with subscription plans like weekly, monthly, and yearly options. The maximum price reached about $80 for the highest subscription plan. The CallPhantom apps targeted Android users in India and other parts of the Asia-Pacific.
