Deceptive Call History Apps: How 7.3 Million Downloads Led to Payment Theft

From Usahobs, the free encyclopedia of technology

Cybersecurity researchers recently uncovered a widespread scam on the Google Play Store involving apps that promised to reveal call histories for any phone number. Instead, these fraudulent apps tricked users into costly subscriptions, delivering fake data and siphoning payments. Below, we answer key questions about this scheme and how to stay safe.

What exactly are these fake call history apps?

These are Android applications listed on the official Google Play Store that falsely claim to let users view call logs from any phone number. In reality, they provide no real call history data. Instead, after installation, they prompt users to sign up for a paid subscription, often without clear disclosure of recurring charges. Once subscribed, victims receive fabricated or generic call logs that have no connection to the target number. The apps collect payment information and charge users monthly, leading to financial loss. Researchers identified 28 such apps in the campaign.

How many people downloaded these scam apps?

The 28 fraudulent apps collectively accumulated over 7.3 million downloads from the Google Play Store. One particular app alone was responsible for more than 5 million installations, making it a major vector for the scam. This scale highlights the effectiveness of the scheme in reaching a large audience, despite the apps being deceptive.

What methods did the scammers use to trick users?

The scammers employed several tactics. First, they used appealing names and icons that suggested call history access. App descriptions promised simple steps to retrieve someone else's call logs, tapping into curiosity or privacy concerns. After installation, the apps displayed a login or subscription screen that obscured the true cost or the recurring nature of the charge. Many users were unaware that they were signing up for a weekly or monthly fee. Additionally, the apps provided limited or no real functionality, so victims kept paying without getting any value. Fake positive reviews may have also boosted credibility.

How were these apps discovered and by whom?

The discovery was made by cybersecurity researchers who routinely monitor the Google Play Store for malware and fraud. They identified patterns like excessive permission requests, suspicious subscription models, and user complaints about unauthorized charges. Their analysis involved testing the apps and reverse-engineering code to confirm that the apps did not actually retrieve any call histories. The findings were reported to Google, which then removed the apps from the store.

What financial damage did these apps cause?

Users who fell for the scam faced repeated charges, typically ranging from a few to several tens of dollars per month. Some victims reported being billed without clear consent, as the subscription terms were buried in fine print. With over 7.3 million downloads, even a small conversion rate could result in significant total losses. While exact dollar amounts are not disclosed, the cumulative financial harm to consumers is substantial, especially since charges can persist until the user notices and cancels.

What can users do to protect themselves from similar scams?

To avoid such fraud, always scrutinize app permissions and reviews. Legitimate apps rarely request access to call logs or contacts without a clear need. Be wary of apps that promise to reveal private data like others' call histories—this is usually illegal or technically infeasible. Check subscription details before confirming payment, and use strong payment controls like virtual cards or requiring confirmation for each transaction. If you suspect you've been charged fraudulently, contact your bank and cancel the subscription via Google Play settings. Finally, keep your device updated and use reliable security software.