Android alert: 7 million users downloaded ‘stalking’ apps that were actually scams

Normally, when it comes to scams, there is clearly a bad party and it's usually the grifter. However, a new scam uncovered by security researchers at ESET lands squarely in the everyone is probably wrong zone.

The scam involves a series of 28 apps dubbed "CallPhantom" by ESET that racked up more than 7.3 million downloads on the Google Play Store. The various apps promised to give users access to call histories, SMS records and even WhatsApp call logs for any phone number.

To gain access to this creepy information, users had to pay a subscription fee. Unfortunately for them, but perhaps fortunately for the people whose phone numbers they entered, these CallPhantom apps only sent back fake data.

Latest Videos From

The ESET researchers found that the apps used different methods to fake the "information." The apps would generate random phone numbers and match them with fixed names, call times and durations.

Some of the apps demanded users' email addresses where the fake call history would supposedly be sent. However, no "data" would be sent until after payment.

Surprisingly, none of the apps requested intrusive permissions on the scammed individual's phone.

Payments to the apps were split up as well. Some relied on the Google Play Store's official billing system, which is required for apps that offer in-app purchases. Some utilized third-party payments or had payment card checkout forms that side-stepped Google's policies though.

ESET says that it submitted its report about the CallPhantom apps to Google in December 2025, and all of the apps in question have since been removed. Browsing the Play Store today, we were unable to find any evidence of these apps.

How to stay safe from malicious apps

Look, obviously, no one deserves to be scammed. That said, when you go looking for sketchy apps that promise to enable behavior next door to stalking, you are more likely to find programs built to grift.

So... don't do that.

Per ESET, the apps in the research were mainly targeted at people in India and the Asia-Pacific regions.

Still, if you've been scammed, there is recourse for refunds in the Play Store app. Google lays out the process on its Cancel, pause, change subscription page.

Beyond that, for any app be sure to check the reviews beyond the glowing 5 Stars at the top of the page.

Only download apps from reputable publishers, always apply security updates and avoid downloading any non-essential apps. Be sure to reject and disable accessibility permissions too. Of course, enable Google Play Protect as well as this built-in security tool scans all of your existing apps and any new ones you download for malware and other threats.

CallPhantom doesn't appear to have introduced malware or viruses, but you should still protect your smartphone with one of the best Android antivirus apps.

Apps can do real damage, especially those with malicious intentions. It's why we recommend limiting the number of apps you have installed overall. And perhaps, don't try to find out who other people are calling using a shady app making dubious promises.

Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds. Subscribe to Tom's Guide on YouTube and follow us on TikTok.

More from Tom's Guide

• 'Not happening! Y'all are wild': Google shoots down rumors Android will copy the iPhone's Liquid Glass design
• How to turn on Android’s anti-theft protection features and secure your phone
• I tried Android 17 and these are the 5 new changes worth paying attention to