Fake Call History Apps Target Millions of Android Users in India
Security researchers have uncovered 28 fake Android apps that promised access to private call records and WhatsApp history while secretly charging users money for fabricated information and misleading services.
Android users in India are being warned about a large online scam involving fake mobile applications that claim to reveal anyone’s call history, SMS records and even WhatsApp call details. Cybersecurity experts say these apps are misleading people with false promises while collecting subscription fees for completely fabricated data.
The issue came to light after security research firm ESET investigated a suspicious app circulating on app stores and online forums. According to the researchers, these applications were downloaded more than 7.3 million times before action was taken. Most of the apps specifically targeted users in India and nearby Asian markets by promoting features linked to Indian mobile numbers and UPI payment options.
Researchers collectively named the campaign CallPhantom because the apps generated fake information instead of accessing any real records. The applications claimed they could reveal private call logs, contact activity, SMS history and WhatsApp conversations simply by entering a phone number. In reality, the apps displayed randomly generated data designed to appear authentic.
One of the most concerning findings was how convincingly these apps presented fake information. Users reportedly saw fabricated caller names, call durations and timestamps that looked genuine. After showing limited preview results, the apps asked victims to pay subscription charges to unlock full details. Many users believed they were purchasing legitimate services.
Cybersecurity analysts explained that the apps never had access to telecom databases or private call records. Instead, the information shown inside the apps was hardcoded or automatically generated through scripts. Experts say this tactic was designed purely to exploit curiosity and invade user trust.
The investigation reportedly began after online discussions about an app called Call History of Any Number started appearing on social media platforms and forums. The application claimed to be associated with government services, creating an additional layer of trust among users. However, researchers later confirmed there was no connection with any official authority.
Several of these apps carried names that sounded almost identical. Some of the most downloaded apps included Call History Any Number Details, Call Details of Any Number and Phone Call History Tracker. A few of them crossed millions of downloads before being removed from the platform.
Experts say the scam became successful because many people believe modern technology can easily access private mobile records. Fraudulent developers used this misconception to sell fake subscriptions ranging from a few hundred rupees to thousands of rupees annually. Some premium plans reportedly charged users nearly Rs 7600 for access to non existent data.
The apps mainly focused on Android users and were available through app marketplaces for a considerable period. Many victims may not have realized immediately that the information being displayed was entirely fake. Researchers warned that apart from financial losses, such apps could also collect sensitive permissions from users’ devices.
Following the investigation, Google reportedly removed all identified applications from its platform after being informed about the issue. Security experts are now advising users to avoid downloading any application that promises access to another person’s private call history or messaging records.
Cybersecurity professionals also reminded users that genuine telecom records cannot legally be accessed through ordinary mobile apps. Private communication data is protected by strict laws and telecom regulations. Any application promising to reveal someone else’s personal call details should immediately be treated as suspicious.
Experts recommend checking app reviews carefully, verifying developer information and avoiding apps that ask for unnecessary permissions or subscription payments. Users are also advised to install apps only from trusted developers and keep security protections enabled on their smartphones.
The incident once again highlights how digital scams are becoming increasingly sophisticated in the smartphone era. While curiosity drives many people to such applications, cybersecurity specialists warn that falling for these traps can lead to financial loss, privacy risks and potential misuse of personal information.
