Google Issues Security Alert: Your VPN App Could Be Spyware in Disguise

Summary

Google’s November 2025 fraud and scams advisory warns that cyber‑criminals are distributing malicious applications disguised as legitimate VPN services, often via official app stores and even obtaining Google’s security badge. These fake VPNs can exfiltrate browsing history, credentials, financial data and cryptocurrency wallet details, turning a privacy tool into a data‑stealing weapon. The advisory urges users to download VPNs only from trusted sources, scrutinize app permissions, and favor established providers—citing Proton VPN Free, PrivadoVPN Free, Windscribe Free as the safest free options and NordVPN as a premium choice. The alert underscores the growing risk of free or low‑cost VPNs being weaponized for espionage and fraud.