{"id":215229,"date":"2026-05-18T03:30:06","date_gmt":"2026-05-18T07:30:06","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/18\/fake-call-history-apps-stole-payments-from-users-after-7-3-million-play-store-downloads\/"},"modified":"2026-05-18T03:30:09","modified_gmt":"2026-05-18T07:30:09","slug":"fake-call-history-apps-stole-payments-from-users-after-7-3-million-play-store-downloads","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/18\/fake-call-history-apps-stole-payments-from-users-after-7-3-million-play-store-downloads\/","title":{"rendered":"Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/05\/fake-call-history-apps-stole-payments.html\">Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/05\/fake-call-history-apps-stole-payments.html\">https:\/\/thehackernews.com\/2026\/05\/fake-call-history-apps-stole-payments.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-08 11:08:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<h3>Fraudulent Apps on Google Play Store SCAM Exposed<\/h3>\n<p>Cybersecurity researchers have uncovered a significant fraudulent operation involving malicious apps on the Google Play Store that falsely claimed to provide access to call histories for any phone number, thereby tricking users into paying for fake data. These apps, named CallPhantom by security firm ESET, had accumulated over 7.3 million downloads before being removed from the store, with several individual apps reaching three million downloads. Targeting primarily Android users in the India and Asia-Pacific regions, these apps demanded payments for call and SMS history access, but instead provided only fabricated data. The fraudulent apps operated without requesting any sensitive permissions, contained no actual functionality to retrieve data, and were monetized through various payment schemes including subscriptions via Google Play and third-party services like Google Pay, PhonePe, and Paytm. Following the discovery, users who were victims of these scams may have their subscriptions canceled and could potentially be eligible for refund under Google&#8217;s policy, though refunds for payments made through other means remain dubious.<\/p>\n<p>Key Points:<\/p>\n<ul>\n<li>Fraudulent apps falsely promised access to call, SMS, and WhatsApp call histories for any number on the Google Play Store.<\/li>\n<li>The apps had over seven million downloads collectively before removal. Some individual apps had surpassed three million downloads.<\/li>\n<li>The scam targeted mainly the India and Asia-Pacific regions and used several deceptive monetization methods.<\/li>\n<li>Payment methods violated Google Play\u2019s policies, including direct payment card checkouts.<\/li>\n<li>The scam highlights significant financial fraud issues, including a related operation in Indonesia that impersonated trusted brands to conduct phishing and data theft operations, resulting in millions in losses.<\/li>\n<\/ul>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads https:\/\/thehackernews.com\/2026\/05\/fake-call-history-apps-stole-payments.html&#8230;<\/p>\n","protected":false},"author":1,"featured_media":215230,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgBMXgW6K0BZvt0-jhZ_smX3Uy-nsd9wb9g7Gs7d3G7uH-HIlEcNhEt9xpaKD_62iJol_LK5Expt-6qCuvIf7llqtQclB64I9zZm_i8CIC0lMJiIz8nx6r4C-Nj4cUgd3cQEtu3_lGFa7wcmR6q9otQhCLoB1Mbnmn7NgH6-djLs_ScqanZFNC-EVOwYyO7\/s1700-e365\/android-calls.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,25],"class_list":["post-215229","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215229"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=215229"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215229\/revisions"}],"predecessor-version":[{"id":215231,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/215229\/revisions\/215231"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/215230"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=215229"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=215229"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=215229"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}