Google has wiped 28 apps from the Play Store after being alerted to a fraudulent scam.
A massive scam operation, called CallPhantom, saw these Android apps promise to unlock anyone's call history, text messages, and WhatsApp call logs simply by entering a phone number. The promise of being able to see who someone has been calling or messaging proved a strong draw, with some 7.3 milion people downloading these apps.
Security experts from ESET uncovered the network of apps, which were never able to deliver on the promise of revealing who people have been in communication with. ESET researcher Lukáš Štefanko said: "In November 2025, we came across a Reddit post discussing an app named Call History of Any Number, found on Google Play.
"Unsurprisingly, our analysis showed that the ‘call history’ data provided by this app is entirely fabricated — the app generates random phone numbers and matches them with fixed names, call times, and call durations, which were embedded directly in the code."
Just a handful of some of the Android apps that were found to be fraudulent by researchers from ESET. These apps tempted users into downloading and paying a small fee by promising to unlock the call and messaging history of any mobile number
|WELIVESECURITY.COM | ESET RESEARCH PRESS OFFICE
No legitimate smartphone app can actually access someone else's private phone records. That's because mobile carriers don't share this data with third-party developers.
What makes the fraudulent claims from these apps even more unbelievable is the fact that WhatsApp uses end-to-end encryption across both calls and apps.
This encrypts your data before it leaves your device, so that anything transmitted is impossible to decrypt. It's a little like mailing a letter in a locked box that only you and the recipient have the key to unlock.
Every device in an encrypted chat has its own special key that scrambles messages, photos, and video calls as soon as they're sent. The only way to unscramble them is with the matching key on the other end.
Instagram recently removed this protection.
Without being able to list any actual calls or text messages, these scam Android apps showed customers fake call records. Once you opened one of these apps and entered a phone number, it displayed a convincing preview designed to look like legitimate call history data.
The catch? You had to pay to unlock the so-called “full results.”
Networks, which manage calls made over cell towers, do not make a habit of sharing data about the mobile numbers, time spent on the phone, and frequency of calls made by a specific number
|WELIVESECURITY.COM | ESET RESEARCH PRESS OFFICE
Subscription prices ranged from around $6 (roughly £5) for weekly access to as much as $80 (nearly £60) for an annual plan. But after paying, users were given fabricated data.
Investigators found the apps generated random phone numbers and matched them with preloaded names, call times, and durations embedded within the app’s code.
Some apps also sent fake notifications designed to resemble official emails, falsely claiming that search results were ready — all in an effort to pressure you into subscribing.
Users in India were hit hardest by this scam, with 53.7% of the findings coming from the country.
Many of the apps came with India's +91 country code already selected, and they supported UPI – a payment system that's very popular there.
LATEST DEVELOPMENTS
- Best VPN deals
- Popular Freely TV box returns to Amazon after weeks of being sold out online
- Traditional landlines to be turned off for another 1.69 million homes in UK
- Google is killing off free tool to check if hackers know your email
- Freely strikes deal with Roku to bring Freeview replacement to more TVs
The apps also featured review sections where scammed users warned others, but these sat alongside clusters of suspiciously glowing five-star reviews that kept the ratings looking respectable.
If you've fallen victim to one of these apps and paid through Google Play's official billing system, there's good news – your subscription has been cancelled automatically, and you may be able to get a refund through your Play Store payment settings.
Although if you've paid using a third-party app or entered your card details directly into one of these apps, you'll need to contact your bank or payment provider yourself to try and get your money back.
Google has now removed these apps from the Play Store, so nobody can download the fraudulent software and be scammed by the same malicious trick. However, ditching the app from this digital storefront doesn't automatically wipe it from your device. If you've accidentally downloaded one of these apps, you must take action yourself to remove it from your Android smartphone or tablet.
Call History of Any Number app was one of the apps discovered on the Google Play Store
|WELIVESECURITY.COM | ESET RESEARCH PRESS OFFICE
This isn't the only fraud attempt Android users have faced recently. Hackers have found a way to bypass mobile passcodes in just 45 seconds, over a hundred security flaws were recently discovered in the Android operating system, and fraudsters have been hiding malware in your TV streaming apps.
In an attempt to combat more fraudulent activity, Google is shaking up the rules for millions of Android users, making it tougher to download apps outside of the Play Store.
How to spot a scam
Here are a few examples of how to spot when a fraudster is trying to trick you:
- Messages that pressure you to act immediately
- Unexpected alerts about account issues or security threats
- Links to download apps outside official app stores
- Poor grammar, spelling, or unusual formatting
- Requests for personal or financial information
- Sender addresses that look slightly “off” or unfamiliar
- Offers or threats that feel extreme or unrealistic