Scam Android apps on Google Play got millions of downloads from a creepy pitch

Source: Android Authority

TL;DR

• Researchers found dozens of fraudulent Google Play apps that promised call, SMS, and WhatsApp history for any number.
• The apps amassed more than 7.3 million combined downloads before Google removed them.
• The apps charged users and returned fake data.

Have you encountered a scam ad on Android?

ESET researchers detailed the scam in a WeLiveSecurity report, where they collectively refer to the apps as “CallPhantom.” The apps differed in appearance, but the trick was the same: you entered a phone number, paid to unlock the supposed communication records, and received fabricated data in return.

App behavior

• Some apps generated random phone numbers and paired them with names and call details that were already embedded in the code.
• Others asked users for an email address where the “retrieved” history would supposedly be sent.
• The apps did not request intrusive permissions and had no real ability to access the requested data.

Payment mechanisms

• A few apps used Google Play’s official billing system, potentially allowing victims to claim refunds.
• Others pushed users toward third‑party payment apps or direct card‑checkout forms inside the app.
• In one case, when users tried to leave the app, deceptive alerts styled like new emails claimed the call‑history results had arrived and then redirected users back to a subscription screen.

Google’s response

ESET reported the 28 apps to Google on December 16, and all of them had been removed from Google Play by the time the report was published. While sideloading often receives more criticism for scam protection, this incident reminds us that the Play Store can still give bad apps a huge audience (source) once they slip through.