Google has issued a warning to billions of smartphone users regarding a surge in fraudulent virtual private network (VPN) applications designed to steal sensitive personal and financial information. The alert, part of Google’s November 2025 Fraud and Scams Advisory, emphasizes how cybercriminals are taking advantage of the growing demand for privacy tools by disguising malware as legitimate VPN services. Many of these malicious apps are designed to resemble trusted VPN brands or use targeted advertising to entice users, only to infect devices with spyware and data-stealing malware once installed.
Laurie Richardson, Google’s vice president of trust and safety, highlighted the deceptive nature of these apps, noting that while they may appear to function as VPNs, they can secretly compromise passwords, banking credentials, and private messages. The advisory points out that attackers are leveraging a global increase in VPN usage, particularly in regions with new online safety regulations, including restrictions on adult content in the US and UK. Some counterfeit apps even manage to appear on official app stores, bolstered by fake reviews and polished designs that make them seem legitimate, posing a significant risk to users who assume their devices are secure.
Once installed, these malicious VPN applications can deploy a variety of threats, including info-stealers, banking trojans, and remote access tools capable of extracting browsing histories, cryptocurrency data, and stored credentials. Security experts caution that these scams exploit a common misunderstanding that VPNs provide total anonymity. While VPNs can mask IP addresses and help bypass regional restrictions, they do not make users invisible online, and they are not a substitute for comprehensive security measures. Richardson emphasized that any app promising complete privacy should be approached with skepticism.
To mitigate risks, Google advises users to download VPN services only from verified sources, such as the Play Store, and to avoid free apps that request unnecessary permissions, including access to contacts, messages, or files. Cybersecurity researchers note that while VPNs remain useful for encrypting connections on public Wi-Fi and accessing restricted content, users should combine them with other security practices, such as regularly updating software, using strong passwords, and enabling two-factor authentication. Google’s advisory follows a series of warnings about malware targeting Gmail, Google Messages, and Chrome users, reflecting an ongoing effort to curb the growing wave of digital scams and spyware affecting mobile and online users globally.
The advisory underscores the importance of vigilance as more users turn to digital privacy tools. By providing guidance on safe downloads and highlighting the dangers of counterfeit VPN apps, Google aims to help users navigate the evolving threat landscape while maintaining control over their personal information and online activity.