: Malicious VCF files can be used to silently update your existing contacts with fraudulent phone numbers. This allows attackers to impersonate known banks, delivery services, or government agencies to trick you into sharing sensitive information. Malware Distribution

Creating fake identities to prank friends or set up bogus social media profiles using Indian-sounding names and numbers.

, running a malware scan, and potentially performing a factory reset if your device begins operating strangely. Why you should avoid installing unknown apps - Kaspersky

Importing 5,000+ dummy contacts can significantly slow down the Android Dialer and Contacts app, causing lag when searching for real people or making legitimate calls. Cleaning up this mess later is tedious and often requires a factory reset if the sync goes wrong.

: Developers use them to test contact management features or bulk import processes in new applications. Critical Security Risks

: Malicious VCF files can be used to deliver malware or execute remote code. Some scripts exploit vulnerabilities in how devices process vCards to trigger dangerous links without warning.

Some apps, like Fake Contacts: Privacy Shield on Google Play , allow users to bulk-import hundreds of deceptive contacts. This creates a "smoke screen" for apps that demand contact list permissions, protecting the user's actual personal links.