Fake “Call History” Apps Stole Money from Users after 7.3M Google Play Downloads

Colleagues, a cybersecurity alert: fake apps promised call histories but charged users and displayed fabricated data.
ESET identified 28 apps targeting India and APAC; one exceeded 3M downloads.
Mechanics: subscriptions via Google Play, third‑party UPI and card entry; after payment apps showed generated records. Some masqueraded as "Indian gov.in".
Refunds via Google Play may be available; payments through third‑party services and cards often are not.
Why it matters: a simple UI and minimal permissions do not guarantee safety—direct financial loss is possible.
What do you recommend users and companies do in response?
#cybersecurity #Android #fraud #GooglePlay


Latest comments
No comments yet.