Google is warning VPN users about a serious issue.
VPNs are great to enhance your online security, but there are issues that Google wants you to know about.
Using a VPN can reduce data speeds because it adds steps when downloading or uploading data. Slower speeds are normal when using a VPN and running a speed test. New VPN users on iOS or Android should be aware of potential risks.
Earlier in the month, Google cautioned against malicious VPN applications. According to a blog post, threat actors are disguising malware as VPN services across platforms to compromise user security. They often mimic trusted VPN brands or use social engineering, such as ads with sexual content, or exploit current events to target users seeking secure internet access.
Once installed, these apps can deliver malware that steals personal data. They may contain remote access trojans and banking trojans that collect private messages, browsing history, financial app credentials, and cryptocurrency wallet information.
Google says that Android and Google Play use machine learning to detect potentially harmful applications. The company advises users to enable Google Play Protect to keep their data private and apps safe. Google Play Protect includes an enhanced fraud protection pilot that blocks the installation of apps requesting permissions often abused in financial fraud. These apps will not install if sideloaded from a web browser, file manager, or messaging app.
The Cybersecurity and Infrastructure Security Agency (CISA), a part of the Department of Homeland Security (DHS), also advises caution regarding VPNs. CISA suggests that personal VPNs simply shift risks from the ISP to the VPN provider, potentially increasing the attack surface.
CISA also echoed Google's warning, noting that many free and commercial VPN providers have questionable security and privacy policies. Exercise caution when choosing a VPN source. Avoid VPNs from Chinese developers, as some use free services to lure victims. It is advisable to use VPNs developed by western companies, which may require a subscription fee.
Consider installing VPNs listed in the Google Play Store or Apple App Store. Android users should ensure Play Protect is enabled and avoid disabling it to install flagged VPNs. It is also recommended to avoid free VPNs and instead choose a paid VPN with a clear subscription plan.