The latest warning for iPhone and Android users should see millions of apps deleted from phones and millions more not installed in the first place. The nature of this warning isn't new -- but this time it comes directly from the U.S. government. Hopefully this means users will take it more seriously this time.
While the security vulnerabilities with SMS and RCS texting have taken center stage in this month's FBI and CISA warnings, the agencies have also told users to make sure they keep the firmware on their phones updated at all times and to make use of safe browsing, DNS masking and password managers when available.
The final warning hasn't yet generated headlines, but it's just as much of a security vulnerability as open texting across cellular networks. "Do not use a personal virtual private network," the U.S. government's cyber defense agency warns. "Personal VPNs simply shift residual risks from your internet service provider (ISP) to the VPN provider, often increasing the attack surface."
This is not news. Time and again, cybersecurity experts have warned the same. Last month, Kaspersky warned that the number of dangerous free VPN installs is now soaring, "increasing by 2.5 times compared to Q2 globally. These apps were malware or programs that could be potentially used by malicious actors. This surge," Kaspersky warns, "has continued into Q4."
And in June, specialist website Top10VPN tested the "100 most popular free Android VPN apps in the Google Play Store... with 2.5 billion worldwide installs between them," and found the following issues:
As CISA itself says, "many free and commercial VPN providers have questionable security and privacy policies." While their advice is to avoid such apps unless "your organization requires a VPN client to access its data," I would not go that far.
VPNs are fine to use, and critical in certain situations, such as using public Wi-Fi in completely open or untrusted environments, especially overseas, or when you want to mask your location from the sites you're visiting or anyone monitoring web traffic.
It's only through the use of VPNs that users behind digital curtains in places like Russia, China and Iran can access overseas websites and comms platforms. This is why Apple removing VPNs from its Russian App Store triggered such headlines.
I'll repeat my golden rules for VPN usage here and strongly suggest you follow them:
"There is a growing demand for VPN apps," Kaspersky says. "Users tend to believe that if they find a VPN app in an official store, like Google Play, it is safe and can be used to get content that is originally unavailable at their location. And they think it is even better if this VPN service is free! However, this often ends up being a trap, as recent cases and statistics showing a surge in malicious VPN app encounters prove."
Now that the U.S. government has added its own warning, let's hope users are finally encouraged away from such risks. These free or low-rent apps often have huge numbers of installs. That must now stop.