Beware of fake apps pretending to be Proton VPN

Posted on September 19th, 2019 in Security.

Learn how to identify and how to delete fake apps.

 

Recently, we have noticed an uptick in the number of fake Proton VPN apps. Hackers create fake versions of popular applications, like Evernote, Signal, and Proton VPN, to smuggle malware onto unsuspecting users’ devices. Once they are downloaded, the malware contained in these fake apps can unleash ads all over your device, take control of your device’s camera, or even let attackers steal your identity. This article explains how to avoid these fake apps and what you should do if you’ve downloaded one.

How to spot fake apps

You should not download apps from unofficial sources. Proton VPN apps are only available on the App Store, the Play Store, the Proton VPN website, or F-Droid.

While there are relatively benign copies of our apps in different corners of the Internet, if you do not download the app from one of these three sources, we cannot assure its quality. To download an official Proton VPN app, you must get it from our website, the App Store, or the Play Store.

Users still need to remain vigilant in the official app stores as even they are not 100 percent safe. There was a fake WhatsApp application that was downloaded over 1 million times from the Play Store in 2017. That app only spammed its users with advertisements, but it demonstrates the risk that exists. There was also an “Encryption Proton Mail keyboard” available briefly in the Play Store. Make sure you check the name of the app as well as the name of the developers. If either seems suspicious, do not download the app. 

A fake Proton Mail app while it was still available in the Play Store.


Fake apps pose the largest risk to Android users, but macOS and Windows users should also be careful. Only download apps from a trusted source and never download an app directly from a link shared via social media. If you are using an iOS device, you are relatively safe since you can only download apps from the App Store. (If you jailbreak your device, then this warning applies to you as well.)

Everyone can download any of our apps for free from our official sites, so there is no advantage to downloading them from an unverified source. We only charge a subscription fee for our premium services. Users who only want privacy protection can sign up for a free plan.

What to do if you downloaded a fake app

If you downloaded a fake Proton VPN app, you should immediately delete it. Your data is not secure as long as the fake app is on your device.

To delete fake apps from your Android: 

  1. Open the app tray.
  2. Tap and hold the app you wish to delete. (Hold your finger on the app until you feel a vibration or notice that the screen changed.)
  3. Drag the app onto the Home screen.
  4. Continue dragging the app to the Uninstall option.
  5. Release your finger over the Uninstall button.

(Remember, these steps or the names of the folders might be slightly different for you, depending on the brand of your Android device.)

Unfortunately, malicious Android apps often try to prevent you from deleting them by making their icon and title invisible. If you cannot find the app on your device, you should go to your installed apps page.

To find hidden apps on an Android:

  1. Tap the Settings icon. It looks like a gear.
  2. In the Settings menu, tap Apps & notifications.
  3. Tap See all apps.
  4. Once you are looking at the list of all your apps, scroll until you find a blank space. This will be the invisible fake app. Tap it and select Delete.
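
An app with an invisible icon and title still has a package name, so the same search can be done from a computer. The following is an added example, not Proton's own code: it parses the output of `adb shell pm list packages -3 -i` (user-installed packages with the app that installed each one) and lists every package that did not come from the Play Store or F-Droid. The sample output and all package names in it are constructed, and treating those two installers as trusted is an assumption of this example.

```python
import re

# Installer package names treated as trusted stores (assumption of this
# example): the Google Play Store and the F-Droid client.
TRUSTED_INSTALLERS = {"com.android.vending", "org.fdroid.fdroid"}

# Constructed sample of `adb shell pm list packages -3 -i` output.
# Every package name below is made up for illustration.
SAMPLE_OUTPUT = """\
package:org.example.notes  installer=com.android.vending
package:org.example.podcasts  installer=org.fdroid.fdroid
package:com.example.freevpn.proton  installer=null
package:net.example.flashlight  installer=com.google.android.packageinstaller
"""

LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)$")


def parse_packages(text):
    """Return {package_name: installer or None} from the listing."""
    result = {}
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip blank lines and anything that is not a package row
        installer = match.group("installer")
        result[match.group("pkg")] = None if installer == "null" else installer
    return result


def review_list(text, keyword="proton"):
    """Packages not installed by a trusted store; names containing keyword first."""
    flagged = [
        (pkg, installer)
        for pkg, installer in parse_packages(text).items()
        if installer not in TRUSTED_INSTALLERS
    ]
    return sorted(flagged, key=lambda item: (keyword not in item[0].lower(), item[0]))


if __name__ == "__main__":
    for pkg, installer in review_list(SAMPLE_OUTPUT):
        print(f"review: {pkg} (installer: {installer or 'none recorded'})")
```

An APK installed by hand from the Proton VPN website also appears in this list, so treat it as a set of packages to review rather than a verdict. A package you do not recognize can be removed with `adb uninstall` followed by its package name.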

If your device will not let you delete the fake app because it was able to get administrator permission, your best option is to wipe your device’s memory and start over.

To perform a factory reset:

  1. Tap the Settings icon. It looks like a gear.
  2. In the Settings menu, tap Backup & reset.
  3. Tap Factory data reset. (This will delete all data on your phone.)

How to recover from a fake app

Once you have cleared the counterfeit app from your device, you need to resecure your accounts. If you happened to download a fake Proton VPN app, here is how you can take back control of your Proton VPN account. You should first check your account page to make sure nothing (like your recovery email) has been altered. Finally, you should change your password.

To change your Proton VPN password:

  1. Go to https://account.protonvpn.com/login
  2. Enter your login credentials
  3. Once you are logged in, click Account on the left.
  4. Click Change Proton password.

If you fear your Proton Mail account might be at risk, you should check to see if there are any active sessions that you do not recognize. If there are, close them immediately. And make sure your recovery email address hasn’t been changed. Then change your password.

To secure your Proton Mail account:

  1. Go to https://account.proton.me
  2. Enter your login credentials.
  3. Click Settings.
  4. Find and click Security in the menu on the left.
  5. Under Session Management you will see all the sessions currently open. If there is one you do not recognize, click Revoke. If you are very concerned about your security, you can click Revoke all other sessions.
  6. You will be prompted to enter your password to confirm that you want to end these sessions.
  7. Then find and click Account in the menu on the left.
  8. Scroll down until you see Change password.

Downloading a fake app is one of the quickest ways to compromise your device. Unfortunately, it only takes one weak link to put your data at risk. To keep your data private, you must always be vigilant.

Best Regards,
The Proton VPN Team

Prior to joining Proton, Richie spent several years working on tech solutions in the developing world. He joined the Proton team to advance the rights of online privacy and freedom.

6 comments

  1. Adrian

    Would you please publish a .sig file for the GnuPG signature of the APK? Or an SHA256SUM?

  2. L.

    Snowden’s book says the NSA can hack into VPNs with a program (I believe it’s called FOXACID). Has Proton covered this entry point used by outsiders?
    Thanks,
    L.

  3. Raart

    That can’t be done from the application level of the same operating system itself…!
    You should scramble the scan-codes coming from the keyboard before they physically reach the computer.
    The only solution I imagine is to use a separate keyboard with a de/scrambler device (say a Raspberry with LCD, a smartphone *with no data connection*, a second PC…) connected to a USB or Bluetooth port of your PC. On this second “keyboard” you type the text to scramble only(!) and on this second “display” you can read your correspondent’s descrambled text.
    Obviously this second device will never be connected to any data source or to the Internet for security reasons.
    In other words, if you do not trust your operating system, the only solution is to use another one completely separated. ;-)

  4. Matt

    Proton Team,
    Please create a new app for the public. We would like to see an encrypted keystroke scrambler for PC and Android. Something to encrypt our keystrokes so the operating system cannot save or read our keystrokes.

    Thanks Team!

  5. Cyril

    Hello. I’m using Lineage OS without GApps, so I can’t download ProtonVPN from the Play Store. Is there another way to download it, or is my only choice the OpenVPN app from F-Droid?

  6. Richie Koch

    Hi Cyril,
    Please contact us at support@protonvpn.com or fill in the following form: protonvpn.com/support-form and we will send you the link to download the APK file.
    Cheers
