When VPNs Go Wrong
VPNs have become widespread over the past few years as their users have expanded from businesses utilizing them for information security to individuals seeking out ways to bolster their privacy or obscure their location.
The issue that arises from growing individual use is that there are more opportunities to be scammed, and some people with VPNs for personal use may not be able to distinguish between a reputable service and a charismatic, albeit malicious scam.
The biggest culprit among these are Free VPNs. These are alarming because they draw into question how the company offering the VPN can afford to run a safe and secure network of VPN servers with adequate support – these things are expensive and have fixed recurring costs. That means the company has to make money from another source, which may entail tracking information about your browsing activity to sell to third parties.
A VPN is supposed to secure and encrypt your data. If this tool was used with the intent to log your activity, it could monitor your IP address with time stamps, how long you use the service, as well as the websites you visit and other services you use. Even if you have somehow managed to find a Free VPN that truly secures your data, it could have other unwanted side effects such as plaguing your browser with ads, throttled bandwidth, and data caps among others. If these issues don’t seem threatening on the surface, one needs only to look deeper into them to truly assess whether or not it’s safe – for example, are those ads redirecting you to malicious websites? Are you able to work or use the internet with slow bandwidth? How quickly will you exceed the data cap?
One instance of a fake VPN scam is the story of MySafeVPN.
This story surfaced on Motherboard, where Nicholas Deleon first wrote about it after receiving a shady email message from the ‘Plex VPN team’, claiming that Plex had added a VPN service to its business known as MySafeVPN. It was marketed to preserve the privacy of North American users in the wake of the changes to US ISP permissions.
Deleon then wrote to Plex’s co-founder, Scott Olechowski, asking about the validity of this supposed new VPN service. Olechowski replied, “This is *absolutely not* a Plex affiliated service or offering,” and recommended using any other VPN service, as this one was obviously shady.
Plex was not the only target of this VPN scam. MySafeVPN posed similarly to other companies, including Boxee. Both Boxee and Plex suffered data breaches a few years ago, so it is possible that is how MySafeVPN was able to access the email list.
Trustworthy VPN services will not sell your information or cause you to be inconvenienced by slow network speeds or ads. The real VPNs can be immensely valuable, especially when connecting to Public Wi-Fi, where you are at risk for having information stolen. Simply reading the terms and conditions of a VPN service can be enough to help you distinguish between a reliable source and a scam.
This article was written by Kristina Weber of Centry Ltd. For any questions or comments, please don’t hesitate to contact us on any of our social media platforms! For more content like this, follow @CentryCyber on Twitter.