If you absolutely must spoof an ID or location for a one-off research project (e.g., journalism), buy a cheap $50 prepaid Android phone. Use it only on Wi-Fi. Never log into your real Google account. Install whatever you want. When you are done, factory reset it. This air-gaps the risk from your real life.
Standard Android has a built-in "Select mock location app" option in Developer Options. However, this is only meant for developers testing geofencing. Most modern apps (banking, Uber, Tinder) can easily detect this official API and block it. bypass this detection by hooking directly into the system framework—often requiring root access or using virtual machine spaces (like VirtualXposed or F1 VM). android faker mod
An Android Faker Mod intercepts these read requests. When an app asks, "What is the device's IMEI?" or "What is the SIM card serial number?" the Faker Mod steps in and supplies a false, randomized value instead of the real one. To the app, the device appears to be a completely different phone. If you absolutely must spoof an ID or