VPNs are important if you care about your data and privacy. They create a secure, encrypted connection between your device and the internet, hiding your IP address and protecting your online activity. There are tons of apps out there that claim to offer VPN services, but not all of them are legit. Some are fakes trying to steal your data.
In Q3 of 2024, security researchers found that the number of users encountering fake VPN apps jumped 2.5 times compared to Q2 globally. These apps were either malware or programs that could be used by malicious actors. I’m diving into the rise of fake VPN apps and how you can stay safe.
What you need to know about the surge in fake VPN apps
According to Kaspersky, cybercriminals are taking advantage of people who want to use free VPN services. In May 2024, law enforcement shut down a botnet, which is a network of hijacked devices, called 911 S5. Several free VPN services, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN, were used to create this botnet.
When users installed these VPN apps, their devices were turned into proxy servers, meaning they were used to redirect someone else’s internet traffic.
This huge network spread across 19 million unique IP addresses in over 190 countries, making it possibly the largest botnet ever created. The people controlling the botnet sold access to these infected devices to other criminals, who used them for cyberattacks, money laundering, and fraud.
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
Don’t trust free VPNs
You can’t trust free VPN apps because they have no reason to keep you or your data safe. Here’s why you should be cautious:
- Data sharing: Many free VPNs share user data with third parties.
- Weak encryption: About 36% of free VPNs use weak encryption, compromising your online security.
- Data leaks: Nearly 90% of free VPNs leak some kind of data, with 17% leaking more than they should.
- Unreliable connections: More than half of free VPNs have unstable connections.
- Excessive permissions: Almost 70% ask for permissions they shouldn’t need, like tracking your location (20%) or checking what apps you have installed (46%).
Why people fall for fake VPNs
There’s a growing demand for VPN apps across all platforms, including smartphones and computers. Users often believe that if they find a VPN app in an official store, like Google Play, it’s safe to use. They’re especially drawn to free services, thinking it’s a great deal. However, this can often be a trap.
MASSIVE DATA BREACH EXPOSES 3 MILLION AMERICANS’ PERSONAL INFORMATION TO CYBERCRIMINALS
Choose trusted VPN services for optimal security and privacy
If you need a VPN, stick to a service that’s well-known, trusted, and not free. Look for ones that are talked about on mainstream sites and backed by solid reviews. If you’re not sure where to start, I’ve put together a handy list of my favorite VPNs. I’ve tested them myself, and you can trust them to keep your data safe.
ExpressVPN and Surfshark are both trusted VPN services that prioritize your privacy and security and are available on a wide range of platforms, including Mac, Windows, iOS, Android, and popular browsers.
ExpressVPN: ExpressVPN is known for its speed, reliability, and strong privacy features. It offers ultra-fast servers in 105 countries, supports P2P sharing, and allows up to 8 devices to connect simultaneously. Available on a wide range of devices, it features a simple setup that takes less than 2 minutes. ExpressVPN’s strict no-log policy ensures your data is never stored, and all servers run on RAM, so no user activity is saved. With 24/7 live customer support and a 30-day money-back guarantee, ExpressVPN is a top choice for privacy-conscious users.
CYBERGUY DEALS:
- Save 48% now with CyberGuy’s exclusive offer – you can get now up to 3 months FREE with a 12-month plan, for $6.67/month. Try 30 days risk-free.
- Save 61% now with CyberGuy’s exclusive offer – you can get now up to 4 months FREE with a 24-month plan, for $4.99/month. Try 30 days risk-free.
Surfshark: Another excellent option, Surfshark provides strong security features at an affordable price. Like ExpressVPN, Surfshark operates under a strict no-logs policy and uses advanced encryption to keep your data safe. One standout feature is Surfshark’s ability to support unlimited devices on a single account, making it ideal for families or users with multiple gadgets. Another to top choice for privacy-conscious users.
CYBERGUY DEALS:
- Save 81% now with CyberGuy’s exclusive offer – Get 4 extra months FREE with a 12-month plan. Try 30 days risk-free, for only $2.99 per month.
- Save 87% now with CyberGuy’s exclusive offer – Get 4 extra months FREE with a 24-month plan. Try 30 days risk-free, for only $1.99 per month.
UNDERSTANDING BRUSHING SCAMS AND HOW TO PROTECT YOURSELF
7 important tips for choosing and using VPNs
Here are seven essential steps to help you choose a reliable VPN and safeguard your online privacy.
1) Stick to official app stores: Always download apps from trusted platforms like the App Store for iOS or the Google Play Store for Android. These stores have built-in security measures that help detect and remove fake or harmful apps. Avoid downloading apps from random websites or third-party stores, as they are more likely to host malicious software. Even on official stores, check the app’s reviews, ratings, and download count to ensure it’s trustworthy.
2) Pay attention to app permissions: Be careful about the permissions you grant to apps during installation. A flashlight app, for example, doesn’t need access to your contacts or location. Question any permission that doesn’t align with the app’s functionality. Both iOS and Android allow you to review and manage app permissions in your settings, so take the time to double-check what you’ve already allowed.
3) Use two-factor authentication (2FA): Implement 2FA for your VPN accounts to add an extra layer of security beyond just a password.
4) Keep software updated: Regularly update all VPN-related software, including clients, servers, and associated networking hardware, to benefit from the latest security patches and improvements.
5) Use strong encryption: Look for VPN services that use robust encryption protocols like AES-256 to protect your data.
6) Monitor VPN traffic: Continuously monitor VPN traffic and logs for unusual patterns that might indicate security issues.
7) Invest in strong antivirus software: A strong antivirus program can help detect and remove malware before it compromises your device. Many antivirus apps also come with features like web protection, anti-phishing tools, and the ability to scan new apps for threats. While there are free options, premium versions often provide more comprehensive protection. Look for a trusted name in cybersecurity when choosing an antivirus solution.
My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
Kurt’s key takeaway
Fake VPN apps are everywhere, and they’re bad news. They’re not just useless—they can turn your device into a tool for cybercriminals. The 911 S5 botnet showed us just how dangerous free VPNs can be, turning millions of devices into a giant network for fraud and attacks. The truth is free VPNs aren’t really free. They often come with weak security, leak your data, or demand permissions that put your privacy at risk. If you’re serious about protecting your online activity, invest in a trusted, paid VPN service.
How often do you check the credibility of apps you download? Let us know in the comments below.
FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2025 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.