Fresh warning to VPN users after scam app is caught stealing money from phones

VPN users in Dubai complained after noticing money had been lifted from their accounts by malicious apps

Aaron Brown

By Aaron Brown


Published: 25/07/2024

- 09:56

All products and promotions are independently selected by our experts. To help us provide free impartial advice, we will earn an affiliate commission if you buy something. Click here to learn more

VPN users in Dubai noticed £1 was siphoned from their accounts each day

There's no shortage of VPN deals out there, but you must be careful about which brands you decide to trust with your data. VPNs use end-to-end encryption to shield your online data from prying eyes, advertisers, and even your broadband provider. That's a lot of data, so you'll want to make sure it's a reputable service.

Unfortunately, users in Dubai made a bad decision and entrusted their privacy and online safety with the wrong VPN. According to the Khaleej Times, a malicious VPN has been caught siphoning money from users' devices.


The malicious VPN quietly drained pre-paid phone credit — taking small amounts every day to avoid arousing suspicion. Some users reported losing as much as Dhs200 (£42 or $50 converted) over a month.

VPNs are not illegal in the United Arab Emirates, but there are strict rules on what you're allowed to do with these popular apps. Installing a VPN to enhance your online privacy is fine, but hiding your IP address to unlock access to websites, applications, and games blocked by the UAE government could lead to your imprisonment or a fine of up to Dhs2 million — roughly £421,000.

Speaking about VPN fraud following the incident in Dubai, Ezzeldin Hussein, who serves as the Regional Senior Director for Solution Engineering in META at SentinelOne, told Khaleej Times: "If someone has installed a malicious VPN app on their mobile, the scammer can potentially access their phone and make unauthorised purchases, leading to deductions from the person's post-paid or pre-paid mobile balance.

"A malicious VPN app can gain control over the device, allowing scammers to make purchases from app stores like the Apple App Store or Google Play Store without the user's consent."

VPNs use military-grade encryption to secure everything beamed between your device and the websites, online services, and applications that you're using. That's a lot of data and highlights the importance of properly vetting the service that you're about to install on your iPhone, iPad, Windows PCs, Android phone or tablet.

line drawing that demonstrates how the end to end encryption in vpns worksThis simple illustration shows how VPNs work. Everything in a dotted-line is encrypted and shielded from outside eyes, including hackers, your broadband provider, employers, and advertisers NORDVPN PRESS OFFICE

With so much competition to offer the best VPN deals, it can be tempting to only check the price of a VPN.

But it's important to check the reputation of the VPN service — does it have any reviews on the listing on the Apple App Store or Google Play Store, for example? If so, how many of those reviews are positive? What permissions will the app request when installed ...and does it need all of these? For example, should a VPN really request permission to scan through your contact list?

Given that VPNs can be essential to ensure safety online, it's too risky to take a chance on a suspect provider.

Picking a reputable VPN service isn't just a question of price. Many award-winning Virtual Private Networks (VPNs) with 24-carat reputations within the industry offer either a free subscription tier, a free trial period, or a 30-day no-quibbles money-back guarantee to serve as a risk-free way to test the service. It's not the case that simply spending more money will shield you from the risks of a dodgy service.

You may like