Overview
- Google says counterfeit VPN apps are delivering info‑stealers, remote‑access trojans and banking trojans that siphon passwords, financial details, messages and crypto wallets.
- Some rogue apps mimic trusted VPN brands, use sexually suggestive ads or geopolitical hooks, and may even perform basic VPN functions while exfiltrating data.
- Reporting cites a potential impact on roughly 3.9 billion Android users worldwide as attackers publish fraudulent apps and spread scams across platforms.
- Users are advised to download only from official stores, check for the Google Play VPN badge, avoid sideloading and free offers, review permissions, and keep antivirus protections on.
- Google places the fake VPN surge within a wider November scam landscape that includes job scams, AI impersonations, review extortion, fraud‑recovery schemes and holiday bargains that look too good to be true.