Morning Overview

The FBI warns free VPN and ‘get paid for your bandwidth’ apps may be selling your connection

The FBI is warning that free VPN apps and “get paid for your bandwidth” schemes can quietly enroll your home internet connection into a criminal network, routing strangers’ traffic through your devices without your knowledge. In a public service announcement issued March 12, 2026, the bureau warned about residential proxy networks, explaining that cyber criminals use them to hide their identities and locations by pushing their internet activity through ordinary home and small-business connections. The same alert was published through the FBI’s cyber alerts page.

What a residential proxy is and why it matters

A residential proxy is an intermediary server that makes someone’s internet connection appear to originate from a different place, in this case, from a real household’s IP address rather than a data center. The FBI explains that legitimate IP addresses assigned by internet providers to consumer devices, streaming boxes, digital picture frames, smartphones, tablets and routers, get used to route someone else’s traffic. Once a device is compromised or enrolled, its address can be used to mask illegal activity, “making the consumer appear responsible.”

That last point is the crux of why this warning matters to everyday users. If a criminal routes fraud, phishing or account takeovers through your connection, it is your IP address that shows up in the logs. The FBI lists a long menu of how proxies get used: distributing malware, hosting phishing infrastructure, creating fake accounts, brute-forcing logins, bypassing content and purchase restrictions, and even logging into a victim’s compromised bank account from an IP in the same city so the bank is less likely to flag it as suspicious.

How ordinary apps pull devices into these networks

The most striking part of the FBI’s guidance is how mundane the entry points are. Free VPN services can enroll a user’s device into a residential proxy network “without obtaining their consent,” the bureau says, with the details “often hidden in the terms of service, which most users do not read prior to download, or the language is difficult for the user to understand.” In other words, the very tool someone installs to feel more private can be the thing that hands their connection to criminals.

The “passive income” pitch is the other headline route. The FBI describes schemes in which “proxy services convince people to download applications on their device that promise to pay them for their internet bandwidth,” adding that “people often do not realize that criminals use their internet connection to commit cyber attacks.” The apparent trade, a few dollars for your spare bandwidth, can mean your line is quietly working for someone committing fraud.

Those are not the only doors in. The alert also flags software development kit partnerships, where a proxy company pays app developers to bundle code that routes traffic in the background; compromised IoT devices, including some that ship with malicious software or get a backdoor installed during setup; and malware hidden in free games, pirated software, and free streams of movies or sports. The common thread is that each method turns a legitimate-looking download into an unwitting enrollment.

What readers should do to stay out of it

The FBI’s recommended precautions are concrete. It advises exercising caution before downloading free VPN applications and not clicking pop-up ads from untrusted sites, since those can trigger malware installation. It warns against TV streaming devices that promise free sports, shows and movies, and against pirated software, both of which frequently carry the malware that turns a device into a proxy. It also urges people to stick to official, reputable app stores, because sideloading from unofficial sources on streaming sticks or Android TV boxes raises the odds of installing something malicious.

Two further tips address the harder cases. Keep operating systems, software and firmware up to date, which the bureau calls one of the most cost-effective defenses, and be aware that some malicious devices ship with malware baked in that can survive even a factory reset; in those cases, antivirus software or reinstalling the operating system may be required to clear it. On the network side, the FBI suggests monitoring home traffic and assessing connected devices for suspicious activity, and for businesses, segmenting networks and blocking IP ranges known to be tied to proxy services.

The context is that these networks are large and actively targeted. Reporting this year indicated that Google and law enforcement disrupted a residential proxy network called NetNut said to span roughly two million devices, one of several such takedowns. The FBI notes that anyone who suspects their device or personal information has been compromised can file a complaint at its Internet Crime Complaint Center and should contact affected account providers, change passwords and set alerts for suspicious logins. The practical bottom line is simple: be wary of anything free that wants access to your connection, and treat “earn money from your bandwidth” as a warning label, not an opportunity.

More from Morning Overview

*This article was researched with the help of AI, with human editors creating the final content.