In a recent revelation, the CallPhantom apps amassed an impressive 7.3 million installations from the Google Play Store, yet the experience for users was far from satisfactory. Those who opted to pay for the promised information found themselves on the receiving end of nothing more than randomly generated data, devoid of any legitimacy.
Unveiling the Deception
ESET, a partner in the App Defense Alliance, uncovered the troubling nature of these applications and promptly reported their findings to Google. In response, Google acted decisively, removing the implicated apps from its platform. However, the challenge arose as some of the 28 identified apps had circumvented the official billing system, complicating the process of issuing refunds to affected users.
Last December, ESET’s investigation began with an app named Call History of Any Number, which falsely claimed to provide users with call histories for any phone number. Despite the misleading developer name, Indian gov.in, there was no affiliation with the Indian government.
Fabricated Data at a Price
The findings revealed that the call histories purportedly generated by the app were nothing more than a fabrication. Each app produced random phone numbers, which were then paired with fixed names, call times, and durations embedded within the code. Users, after paying for the service, received this misleading data, all while the app’s Play Store listing showcased a deceptive screenshot designed to lend an air of authenticity.
Ultimately, ESET identified a total of 28 related apps within the Google Play Store, all of which were reported on December 16, 2025, leading to their removal from the platform. Despite their varied designs, ESET noted that these apps shared a common objective: to generate fictitious communication data and charge users for access.
Targeting a Vulnerable Market
The CallPhantom apps primarily targeted Android users in India, the world’s second-largest smartphone market. Many of these applications featured the country’s +91 code pre-selected and utilized a payment system known as UPI, which is widely used in the region.
For those considering downloading apps from unfamiliar developers, it’s advisable to scrutinize the comments section. In this instance, users who had previously installed the apps raised red flags, warning others of the fraudulent nature of the service. One comment succinctly pointed out that the app was a scam, providing random names instead of genuine call histories.
Tricks of the Trade
Further complicating matters, the apps employed tactics to entice users into paying for the non-existent data. If a user attempted to exit the app without completing a payment, they would receive a fake email notification indicating that their call history results were ready. Clicking on this notification redirected them to a subscription page, where prices ranged from €5 to a staggering USD.
28 Android apps delivering bogus information were installed 7 million times from Google Play Store
In a recent revelation, the CallPhantom apps amassed an impressive 7.3 million installations from the Google Play Store, yet the experience for users was far from satisfactory. Those who opted to pay for the promised information found themselves on the receiving end of nothing more than randomly generated data, devoid of any legitimacy.
Unveiling the Deception
ESET, a partner in the App Defense Alliance, uncovered the troubling nature of these applications and promptly reported their findings to Google. In response, Google acted decisively, removing the implicated apps from its platform. However, the challenge arose as some of the 28 identified apps had circumvented the official billing system, complicating the process of issuing refunds to affected users.
Last December, ESET’s investigation began with an app named Call History of Any Number, which falsely claimed to provide users with call histories for any phone number. Despite the misleading developer name, Indian gov.in, there was no affiliation with the Indian government.
Fabricated Data at a Price
The findings revealed that the call histories purportedly generated by the app were nothing more than a fabrication. Each app produced random phone numbers, which were then paired with fixed names, call times, and durations embedded within the code. Users, after paying for the service, received this misleading data, all while the app’s Play Store listing showcased a deceptive screenshot designed to lend an air of authenticity.
Ultimately, ESET identified a total of 28 related apps within the Google Play Store, all of which were reported on December 16, 2025, leading to their removal from the platform. Despite their varied designs, ESET noted that these apps shared a common objective: to generate fictitious communication data and charge users for access.
Targeting a Vulnerable Market
The CallPhantom apps primarily targeted Android users in India, the world’s second-largest smartphone market. Many of these applications featured the country’s +91 code pre-selected and utilized a payment system known as UPI, which is widely used in the region.
For those considering downloading apps from unfamiliar developers, it’s advisable to scrutinize the comments section. In this instance, users who had previously installed the apps raised red flags, warning others of the fraudulent nature of the service. One comment succinctly pointed out that the app was a scam, providing random names instead of genuine call histories.
Tricks of the Trade
Further complicating matters, the apps employed tactics to entice users into paying for the non-existent data. If a user attempted to exit the app without completing a payment, they would receive a fake email notification indicating that their call history results were ready. Clicking on this notification redirected them to a subscription page, where prices ranged from €5 to a staggering USD.