Pareesa Afreen 
Nov 13, 2025
An undated, representational image of VPN. — iStock
Google has issued a major security alert for Android users, warning about the rise of fake VPN apps that impersonate trusted services.
These apps trick users into installing them and then deploy malicious software to steal sensitive data or hijack devices.
According to Google Vice President of Trust and Safety Laurie Richardson, the attackers are impersonating popular VPN brands or using social engineering methods, from suggestive advertisements to utilising geopolitical events, against users looking to safely access the internet.
Once installed, these applications can deliver info-stealers, banking trojans, or remote access tools that steal messages, login credentials, browsing history, and cryptocurrency wallet information.
The warning is particularly relevant for Pakistan, where VPN demand has surged: a report by Top10VPN shows daily usage can spike over 330%, and one provider saw a whopping 2,860% increase in sign-ups during a recent internet crackdown. Most Pakistani internet users rely on Android devices, making them especially exposed.
Simultaneously, the Pakistan Telecommunication Authority has limited VPN usage to only registered services and warned that unregistered apps could be blocked. The authorities say militants and "anti-state" content use VPNs to bypass monitoring.
Experts advise downloading VPNs only from trusted sources, checking official brand pages for information, and avoiding applications that offer their services for free or at very low costs.
