Virtual private networks (VPNs) are important if you care about your data and privacy. They create a secure, encrypted connection between your device and the internet, hiding your IP address and protecting your online activity.
There are tons of apps out there that claim to offer VPN services, but not all of them are legit. Some are fakes trying to steal your data.
In the third quarter of 2024, security researchers found that the number of users encountering fake VPN apps jumped 2½ times compared to the second quarter globally. These apps were either malware or programs that could be used by malicious actors.
I’m diving into the rise of fake VPN apps and how you can stay safe.
What you need to know about the surge in fake VPN apps
When users installed these VPN apps, their devices were turned into proxy servers, meaning they were used to redirect someone else’s internet traffic.
This huge network spread across 19 million unique IP addresses in over 190 countries, making it possibly the largest botnet ever created. The people controlling the botnet sold access to these infected devices to other criminals, who used them for cyberattacks, money laundering and fraud.
Don’t trust free VPNs
You can’t trust free VPN apps because they have no reason to keep you or your data safe. Here’s why you should be cautious:
- Data sharing: Many free VPNs share user data with third parties.
- Weak encryption: About 36% of free VPNs use weak encryption, compromising your online security.
- Data leaks: Nearly 90% of free VPNs leak some kind of data, with 17% leaking more than they should.
- Unreliable connections: More than half of free VPNs have unstable connections.
- Excessive permissions: Almost 70% ask for permissions they shouldn’t need, like tracking your location (20%) or checking what apps you have installed (46%).
Why people fall for fake VPNs
There’s a growing demand for VPN apps across all platforms, including smartphones and computers. Users often believe that if they find a VPN app in an official store, like Google Play, it’s safe to use. They’re especially drawn to free services, thinking it’s a great deal. However, this can often be a trap.
Choose trusted VPN services for optimal security and privacy
If you need a VPN, stick to a service that’s well-known, trusted and not free. Look for ones that are talked about on mainstream sites and backed by solid reviews. If you’re not sure where to start, I’ve put together a handy list of my favorite VPNs. I’ve tested them myself, and you can trust them to keep your data safe. For best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.
3. Use two-factor authentication (2FA): Implement 2FA for your VPN accounts to add an extra layer of security beyond just a password.
4. Keep software updated: Regularly update all VPN-related software, including clients, servers and associated networking hardware, to benefit from the latest security patches and improvements.
5. Use strong encryption: Look for VPN services that use robust encryption protocols like AES-256 to protect your data.
6. Monitor VPN traffic: Continuously monitor VPN traffic and logs for unusual patterns that might indicate security issues.
7. Invest in strong antivirus software: A strong antivirus program can help detect and remove malware before it compromises your device. Many antivirus apps also come with features like web protection, anti-phishing tools and the ability to scan new apps for threats. While there are free options, premium versions often provide more comprehensive protection. Look for a trusted name in cybersecurity when choosing an antivirus solution. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
Kurt’s key takeaway
Fake VPN apps are everywhere, and they’re bad news. They’re not just useless. They can turn your device into a tool for cybercriminals. The 911 S5 botnet showed us just how dangerous free VPNs can be, turning millions of devices into a giant network for fraud and attacks. The truth is free VPNs aren’t really free. They often come with weak security, leak your data or demand permissions that put your privacy at risk. If you’re serious about protecting your online activity, invest in a trusted, paid VPN service.
How often do you check the credibility of apps you download? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
- What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked?
- What is the best way to stay private, secure and anonymous while browsing the web?
- How can I get rid of robocalls with apps and data removal services?
- How do I remove my private data from the internet?
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
The post Malicious apps posing as VPNs can turn your device into a tool for cyberattacks appeared first on Fox News.
