The proposed class action lawsuit was filed December 29th in California’s Northern District Court by Stone’s Eagle Team LLP and several other YouTubers’ businesses. It accuses Honey of intentionally replacing creators’ affiliate links with its own, even if it’s not offering shoppers a benefit, depriving creators of money in the process.

The complaint alleges that PayPal’s practice violates California’s Unfair Competition Law and constitutes interference between creators and their business partners. The plaintiffs are seeking to represent anyone who was part of an affiliate program and had their link “redirected to Paypal as a result of the Honey browser extension.” Class action status has not yet been certified by a court.

Honey operates by offering to find coupon codes through its browser extension. The MegaLag video last month describes how when shoppers interact with its pop-up offers at checkout, it replaces existing affiliate cookies with its own in the background and gets credit for the sale, whether it actually found a coupon or not.

The complaint lists other ways PayPal is allegedly claiming affiliate commissions. That includes offering users rewards through its Honey Gold Program and encouraging them to “Get Rewarded with PayPal,” which prompts them to check out using PayPal.

PayPal’s VP of corporate communications Josh Criscoe acknowledged to The Verge in our story last month that it’s following “industry rules and practices, including last-click attribution,” which the lawsuit agrees is a standard practice that credits the most recent affiliate with a sale at checkout. The plaintiffs argue Honey is using that standard practice in a way that’s “deceitful and clandestine,” luring users into clicking useless pop-ups that insert its code. We’ve reached out to PayPal for a statement on the lawsuit.

Lawyers are asking the court to make PayPal pay damages to creators and to permanently forbid it from swapping its own affiliate attribution at checkout. They’ve set up a website inviting other creators to join the lawsuit.

Virtual private networks (VPNs) are important if you care about your data and privacy. They create a secure, encrypted connection between your device and the internet, hiding your IP address and protecting your online activity. 

There are tons of apps out there that claim to offer VPN services, but not all of them are legit. Some are fakes trying to steal your data. 

In the third quarter of 2024, security researchers found that the number of users encountering fake VPN apps jumped 2½ times compared to the second quarter globally. These apps were either malware or programs that could be used by malicious actors.

I’m diving into the rise of fake VPN apps and how you can stay safe.

I’M GIVING AWAY THE LATEST & GREATEST AIRPODS PRO 2

What you need to know about the surge in fake VPN apps

According to Kaspersky, cybercriminals are taking advantage of people who want to use free VPN services. In May 2024, law enforcement shut down a botnet, a network of hijacked devices, called 911 S5. Several free VPN services, including MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN and ShineVPN, were used to create this botnet.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

When users installed these VPN apps, their devices were turned into proxy servers, meaning they were used to redirect someone else’s internet traffic. 

This huge network spread across 19 million unique IP addresses in over 190 countries, making it possibly the largest botnet ever created. The people controlling the botnet sold access to these infected devices to other criminals, who used them for cyberattacks, money laundering and fraud.

A VPN on a laptop  (Kurt “CyberGuy” Knutsson)

HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET

Don’t trust free VPNs

You can’t trust free VPN apps because they have no reason to keep you or your data safe. Here’s why you should be cautious:

• Data sharing: Many free VPNs share user data with third parties.
• Weak encryption: About 36% of free VPNs use weak encryption, compromising your online security.
• Data leaks: Nearly 90% of free VPNs leak some kind of data, with 17% leaking more than they should.
• Unreliable connections: More than half of free VPNs have unstable connections.
• Excessive permissions: Almost 70% ask for permissions they shouldn’t need, like tracking your location (20%) or checking what apps you have installed (46%).

Why people fall for fake VPNs

There’s a growing demand for VPN apps across all platforms, including smartphones and computers. Users often believe that if they find a VPN app in an official store, like Google Play, it’s safe to use. They’re especially drawn to free services, thinking it’s a great deal. However, this can often be a trap.

MASSIVE DATA BREACH EXPOSES 3 MILLION AMERICANS’ PERSONAL INFORMATION TO CYBERCRIMINALS

Choose trusted VPN services for optimal security and privacy

If you need a VPN, stick to a service that’s well-known, trusted and not free. Look for ones that are talked about on mainstream sites and backed by solid reviews. If you’re not sure where to start, I’ve put together a handy list of my favorite VPNs. I’ve tested them myself, and you can trust them to keep your data safe. For best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.

A woman looking at a VPN app on her phone   (Kurt “CyberGuy” Knutsson)

UNDERSTANDING BRUSHING SCAMS AND HOW TO PROTECT YOURSELF 

7 important tips for choosing and using VPNs

Here are seven essential steps to help you choose a reliable VPN and safeguard your online privacy.

1. Stick to official app stores: Always download apps from trusted platforms like the App Store for iOS or the Google Play Store for Android. These stores have built-in security measures that help detect and remove fake or harmful apps. Avoid downloading apps from random websites or third-party stores, as they are more likely to host malicious software. Even on official stores, check the app’s reviews, ratings and download count to ensure it’s trustworthy.

2. Pay attention to app permissions: Be careful about the permissions you grant to apps during installation. A flashlight app, for example, doesn’t need access to your contacts or location. Question any permission that doesn’t align with the app’s functionality. Both iOS and Android allow you to review and manage app permissions in your settings, so take the time to double-check what you’ve already allowed.

3. Use two-factor authentication (2FA): Implement 2FA for your VPN accounts to add an extra layer of security beyond just a password.

4. Keep software updated: Regularly update all VPN-related software, including clients, servers and associated networking hardware, to benefit from the latest security patches and improvements.

5. Use strong encryption: Look for VPN services that use robust encryption protocols like AES-256 to protect your data.

6. Monitor VPN traffic: Continuously monitor VPN traffic and logs for unusual patterns that might indicate security issues.

7. Invest in strong antivirus software: A strong antivirus program can help detect and remove malware before it compromises your device. Many antivirus apps also come with features like web protection, anti-phishing tools and the ability to scan new apps for threats. While there are free options, premium versions often provide more comprehensive protection. Look for a trusted name in cybersecurity when choosing an antivirus solution. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

Kurt’s key takeaway

Fake VPN apps are everywhere, and they’re bad news. They’re not just useless. They can turn your device into a tool for cybercriminals. The 911 S5 botnet showed us just how dangerous free VPNs can be, turning millions of devices into a giant network for fraud and attacks. The truth is free VPNs aren’t really free. They often come with weak security, leak your data or demand permissions that put your privacy at risk. If you’re serious about protecting your online activity, invest in a trusted, paid VPN service.

How often do you check the credibility of apps you download? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover

Follow Kurt on his social channels

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com.  All rights reserved.

Arlo has once again increased the monthly subscription pricing for its smart home cameras’ Arlo Secure cloud storage plan. The company now charges $9.99 per month (up from $7.99) to store a single camera’s recordings and $19.99 a month (up from $17.99) for unlimited cameras. And instead of calling the cheaper plan Arlo Secure, both are now named Secure Plus.

At $9.99 per month, the cheapest Secure plan is now more than three times the monthly $2.99 Arlo once charged to store video for a single camera in the cloud. The company bumped that to $4.99 in early 2023, then to $7.99 last year. With annual billing, the single-camera plan still works out to $7.99 per month, while the unlimited-camera one is effectively $17.99 per month when you pay for a year upfront.

This latest round of price increases comes after Arlo announced a new set of AI-powered features in September. The features include letting users name specific people or vehicles the camera sees and get notifications about them, or to train its cameras to detect and notify them of events like a sprinkler turning on or garage door opening. The company has also doubled how many days of recordings it will store, from 30 to 60 days.

Arlo has offered at least some users the ability to keep their old rate by switching to an annual plan, according to a screenshot posted to the Arlo subreddit.

Users can still get free storage by using Arlo Base Stations and SmartHub devices that are compatible with their cameras. However, going that route also means missing out on certain subscription-only features that make smart cameras appealing, such as package detection.