fraudulent applications Archives

AppWizard

May 9, 2026

Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

Cybersecurity researchers from ESET have discovered 28 fraudulent applications on the Google Play Store that falsely claimed to provide access to call histories for any phone number. These apps have been downloaded over 7.3 million times, with one app alone accounting for over 3 million downloads. The operation, named CallPhantom, primarily targeted Android users in India and the Asia-Pacific region. Users were lured into subscription services, paying for access to fictitious data, including call histories and SMS records, but received only randomly generated information. Some apps were published under the developer name "Indian gov.in" to create a false sense of trust. Payments were processed through the Google Play Store or third-party applications like Google Pay and Paytm. Users who subscribed via Google Play may be eligible for refunds, while those who used third-party payment methods may not be able to recover their funds. The fraudulent activity may have been ongoing since at least November 2025.

AppWizard

May 8, 2026

Scam Android apps on Google Play got millions of downloads from a creepy pitch

Researchers uncovered a scam involving 28 fraudulent applications on the Google Play Store, collectively called "CallPhantom," which garnered over 7.3 million downloads. These apps promised access to call logs, SMS records, and WhatsApp history for any phone number, but users received fabricated data after paying a fee. The apps varied in appearance but shared a common strategy of generating random phone numbers and pairing them with pre-existing names and call details. Some requested email addresses to send the 'retrieved' history, but none had the necessary permissions to access the claimed data. Payment methods included Google Play’s official billing system and third-party platforms, with some apps misleading users into staying on subscription screens. ESET reported these apps to Google on December 16, leading to their removal from the Play Store.

AppWizard

May 8, 2026

Fake call logs, real payments: How CallPhantom tricks Android users

A series of fraudulent applications known as CallPhantom have been identified on the Google Play Store, claiming to provide access to call logs, SMS records, and WhatsApp call history for a fee. A total of 28 CallPhantom apps were reported, with over 7.3 million downloads. These apps falsely generated random phone numbers and fabricated data, misleading users into paying for nonexistent services. The apps primarily targeted Android users in India, utilizing UPI for payments and often sidestepping Google Play's official billing system. Users expressed frustration in negative reviews after being scammed. The investigation revealed two clusters of deceptive applications: one that presented hardcoded data and another that promised to send call histories via email after payment. Refunds may be possible for subscriptions made through Google Play, but users who paid outside the platform must contact their payment provider or the app developer for resolution.

AppWizard

January 30, 2026

DoubleVerify warns of ‘zombie’ Android app fraud surge

DoubleVerify has raised concerns about a mobile scam involving the hijacking of dormant Android developer accounts, referred to as "zombie" accounts, which are exploited to publish fraudulent gaming applications on Google Play. This new tactic allows fraudsters to bypass automated checks due to the accounts' history of legitimate activity. The fraudulent apps generate invalid traffic, drain advertiser budgets, and excessively consume device battery power. DoubleVerify has identified unusual traffic patterns, such as surges at early morning hours, which do not align with typical gaming behavior, indicating the presence of bot clusters generating ad requests. Specific examples include dormant accounts that suddenly shifted to publishing gaming apps after years of inactivity. The reliance on developer history as a trust signal poses risks for advertisers, as it can lead to distorted campaign measurements and brand risks. DoubleVerify advocates for real-time behavioral analysis to enhance detection and protection against these threats.

AppWizard

November 16, 2025

Google U-Turns on Plan to Lock Out Unverified Android Developers

Google has revised its approach to mandatory identity verification rules for Android developers, which were initially announced in August. The rules required all Android developers to authenticate their identities through official identification and a fee, impacting app installations from unverified developers on certified Android devices. This announcement led to petitions and criticism from the developer community, including F-Droid, which argued that the rules aimed to consolidate power rather than enhance security. Google defended the initiative as a measure against Android malware, citing risks posed by malicious actors. In response to community feedback, Google announced plans for a "new advanced flow" allowing experienced users to accept risks associated with unverified software installations. The company also intends to create a dedicated account type for students and hobbyists to share their creations without full verification. Despite existing ID verification for Play Store developers, malware challenges persist in the Android ecosystem, highlighted by recent campaigns like ClayRat in 2025.

AppWizard

August 28, 2025

Sideloading apps onto Android phones from random sources won’t be an option starting in 2026

Google will implement a new identity verification requirement for developers distributing apps outside the Google Play Store starting in September 2026, targeting regions like Brazil, Indonesia, Singapore, and Thailand. A revamped Android Developer Console will be introduced to facilitate this process, including a lighter version for hobbyists and students. Developers will need to create accounts, verify their identities, and register app package names for apps outside the Google Play ecosystem. Developers using the existing Play Console will not be affected. Since the identity verification on the Play Store began in 2023, Google has seen a decrease in fraudulent applications and financial scams. The impact of this new policy may be minimal for average users but could lead to significant discussions among those who use third-party app stores or download directly from developers' websites.

AppWizard

August 27, 2025

By 2026, no more “ghost” apps: Android will only accept verified developers.

Beginning in 2026, only applications from verified developers will be allowed for installation on certified Android devices. This requirement will apply to all certified Android devices equipped with Play Protect and pre-installed Google applications, including apps from third-party app stores and those sideloaded by users. Google will implement a verification process that confirms the developer's identity without scrutinizing the app's content. Apps installed from third-party sources via sideloading have a malware rate 50 times higher than those from the Google Play Store. Developers can still distribute apps through various channels but must verify their identity and register their app's package name and signing keys. The verification system will begin testing in October 2023, with full availability expected by March 2026. The initial rollout will target Brazil, Indonesia, Singapore, and Thailand in September 2026, followed by global implementation in 2027.

AppWizard

August 26, 2025

Google Will Block Sideloading Unverified Android Apps Next Year If Devs Fail to Comply

Google will ban the sideloading of unverified apps on Android starting next year, requiring developers outside the Play Store to undergo a verification process before their apps can be installed. Apps sourced from the internet for sideloading contain over 50 times more malware than those on the Play Store. The verification process aims to combat fraudulent developers who create deceptive applications. This measure does not ban sideloading outright but targets anonymous developers. Google has previously implemented various security measures, including Play Protect, to enhance app safety. A similar sideloading ban was already enforced in India.

AppWizard

July 24, 2025

Over 250 malicious apps found targeting Android users in worrying attack – here’s how to stay safe

Researchers from Zimperium zLabs have discovered an extortion scheme involving over 250 fraudulent dating applications targeting Android users. These apps request extensive permissions to steal sensitive personal files, threatening victims with the release of their private information unless they comply with extortion demands. Many of the associated domains have been indexed by search engines, making it difficult for users to identify the apps as fraudulent. None of the identified apps were available on the official Google Play Store or Apple App Store. Users are advised to be cautious when downloading apps from unfamiliar sources, review permissions regularly, and consider installing mobile security solutions.