CallPhantom scam – Fraudulent Android apps promised access to others’ call logs and messages. Misryoum reports millions of downloads before removal.
A wave of fake “stalking” apps managed to rack up millions of downloads by selling a promise that simply shouldn’t have been possible in the first place.
CallPhantom apps. uncovered and investigated under Misryoum coverage. claimed they could reveal someone else’s call history. including call logs. SMS records. and even WhatsApp activity.. The core pitch is where the scam collapses: there is no legitimate way for a third-party Android app to pull up another person’s carrier data or messaging history.. Misryoum notes that carriers do not expose that information for outsiders to query, which makes these apps’ claims fundamentally impossible.
What’s especially troubling is the structure of the deception.. The apps generated fake-looking “results” on the spot, using hardcoded names and timestamps paired with randomly chosen phone numbers.. In other words. users were charged before they saw anything that appeared like proof. and the “evidence” was effectively manufactured by the app itself.
This is a reminder that app-store popularity alone is not a safety signal.
Despite the obvious technical impossibility. a large cluster of variants remained on the Google Play Store long enough to attract significant attention.. Misryoum describes 28 related Android apps operating under similar themes, including one published with a name that suggested government credibility.. Several listings also accumulated warnings from users who said they were scammed. while at the same time showing patterns of highly positive ratings that could make the listings look more trustworthy than they were.
Misryoum reports that these apps were flagged to Google in December 2025 and later removed. But the key detail is how the removal happened: it came after external reporting and investigation rather than the platform detecting the scam on its own early enough to prevent widespread downloads.
The situation gets worse where payments are concerned.. Some versions reportedly bypassed Google’s official billing flow by steering users toward third-party payment methods or embedding direct card entry prompts.. Misryoum highlights that this can strip users of the refund options available through Google Play’s standard payment system. leaving them to handle disputes with outside processors or. in practice. with the scammers.
And then there is the uncomfortable part of the demand.. These apps weren’t marketed as tools for editing media or managing files.. They were built around a desire people recognize instantly: the chance to spy on someone and uncover what they’re doing.. Misryoum notes that the apps leaned into that impulse with tiered subscription pricing and onboarding choices tailored to specific regions.
In the end. this case is less about advanced hacking and more about exploiting human curiosity through a familiar payment-for-secrets setup.. If you already paid through Google Play’s official system. Misryoum suggests you can cancel subscriptions and potentially pursue refunds via Play’s payment settings. while nonstandard transactions are typically harder to unwind.
The wider lesson is clear: when a product claims access to private records that platforms and carriers normally keep locked down, the safest assumption is that it’s a con, no matter how convincing the interface looks.