- Google’s latest fraud advisory identifies malicious VPNs as a growing threat
- Fraudsters disguise malware as legitimate VPN apps to steal user data
- Google urges users to download VPNs only from official sources
Digital privacy is a growing concern these days, with millions of people turning to virtual private networks to protect their online activity.
However, in a stark new warning, Google has confirmed that cybercriminals are exploiting this need for security by distributing malicious apps disguised as legitimate VPN services. This creates a dangerous situation in which a tool meant to be a shield is, in fact, a weapon used to steal sensitive user data.
The alert was issued as part of Google’s November 2025 Fraud and Scam Advisory, which details the latest trends in online threats. In addition to warnings about AI-based job scams and holiday-themed phishing schemes, the advisory specifically highlights the danger of fraudulent VPN apps and browser extensions.
The Big Tech giant warns that bad actors are impersonating trusted VPN brands or using enticing ads to trick users into installing software secretly filled with malware. For users looking for the best VPN for their needs, the selection process is more critical than ever.
The irony is sharp and disturbing: in their quest for privacy, users may inadvertently download apps that constitute the ultimate invasion of privacy.
Once installed, these malicious apps can deliver dangerous payloads including information stealers, banking Trojans, and remote access tools that completely compromise a user’s security.
The effectiveness of this scam lies in the abuse of trust. Users are conditioned to view a virtual private network (VPN) as a solution, not a threat.
Criminal ecosystems exploit this by creating apps that appear legitimate, often listing them on official app stores, and accumulating fake reviews to appear trustworthy. But behind a friendly interface, these apps are designed to betray the user.
According to Google’s review, these fake VPNs can exfiltrate a trove of sensitive information, including your browsing history, private messages, financial credentials, and even your cryptocurrency wallet details.
This is not just a theoretical risk. Previous security incidents have revealed that free VPNs were secretly spying on their users or having hidden ties to state actors. In one case, a popular free Chrome VPN extension with over 100,000 downloads was caught taking screenshots of every website its users visited, including banking portals and private photo albums.
The lure of free services is a big part of the problem. Although a recent TechRadar survey found that nearly one in four readers use free VPNs, many of these services carry significant risks.
Bad actors know that users are lured by free or cheap downloads that promise to “just work,” and they use this to their advantage, turning a user’s device into a node in a criminal network.
How to protect yourself from fake VPNs
As criminals actively target privacy-conscious users, choosing a secure VPN requires diligence. Google’s main advice is to only download VPN apps from official sourceslike the Google Play Store, and to search for apps that have an official “VPN” badge.
However, these measures alone are not exactly bulletproof. For example, the malicious Chrome VPN extension was among the questionable VPNs that managed to get Google security badges by mistake.
Users should then be deeply skeptical of any VPN deal that seems too good to be truenotably free services promising unlimited, socket-free access. It is crucial to review permissions requested by an app during installation; a VPN shouldn’t need access to your contacts, photos, or private messages.
Ultimately, the safest choice is to rely on well-established and reputable VPN providers who have a transparent business model and a history of independent security audits. While some freemium VPNs from trusted brands are safe, a premium service is a small price to pay for the assurance that the tool you’re using to protect your privacy isn’t secretly destroying it.
According to independent testing by TechRadar, Proton VPN Free, PrivadoVPN Free and Windscribe Free are currently the best free VPN in terms of security, privacy and performance.
If you’re ready to invest some money, ongoing Black Friday VPN deals now make it the most convenient time to upgrade. Among the services offered, there is also TechRadar’s first choice, NordVPN…
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
