11 VPN scams to look out for in 2021 (and how to avoid them)
With the increasing clamor for online security and privacy, fake VPNs spring up by the minute, all promising 100% privacy, security, and safety. You will also discover that these VPNs have lots of excellent reviews and juicy offers, ranging from lifetime subscriptions to free services.
Unfortunately, many of these features are scams or, at best, bogus claims. They are misleading and only aim to dispossess you of your money, personal information (which is then sold to advertising companies, thereby exposing you to all sorts of online danger), and many other things.
How do you spot these scams and avoid them? That’s precisely what we will be discussing in this article. So, come along as we delve deep and discover 11 common VPN scams in 2021 (and how to avoid them). Let’s begin!
Scams in the VPN industry
The following are some of the mostly commonly seen and worst scams we’ve noticed in the VPN market that you should always look out for:
Scam #1: Free VPNs
An old saying goes, ‘there is no free meal in Freetown.’ This is especially true for VPNs. Free VPNs are among the most dangerous and common VPN scams to watch for as they go against everything a VPN is supposed to be. Unfortunately, many are focused on the catchy word “free,” ignoring the dangers in it.
While it’s true that cybersecurity is not 100% assured, there’s peace in knowing that companies have more to lose when they sell, log or use your data. Unfortunately, this is precisely what free VPNs do; they collect your data and sell them off to third-party agents for their benefit.
Like Facebook, Gmail, and other free services and products, free VPNs are just another way companies make money off your private information. For these companies, data collection is their primary business model.
Example: VPN Master-Free VPN Proxy is a free VPN and is on Google Play Store. It has a high rating of 4.6 and approximately 100 000 downloads. Before now, one would observe that the VPN has lots of free malware. This is no longer the case, though, as a recent check done on VirusTotal shows the VPN is free from all malware. This goes to tell you that you should never fully trust Google Play and Apple Store ratings.
Free VPNs are also known for the following:
- They direct users to ads
- They track and log online traffic data, selling them off to third parties.
- They do not do the job of encrypting your data (even if they say they do)
- Free VPNs inject malware, spyware, and so on into their client’s devices to monitor their online activities.
- They steal bandwidths and resell them to third parties
Scam #2: Look out for fake VPNs
With the growing popularity of VPNs, fake versions are also springing up like weeds. These are not VPNs but rather VPN subscriptions sold by these scammers to unsuspecting users. One of such counterfeit VPNs is MySafeVPN (and lots more).
We define a fake VPN as one that goes against privacy and security. An example is Hola VPN; this VPN uses its customers’ devices to produce a botnet, a feature that allows others to ride off their internet bandwidth freely; they do this without customers’ knowledge.
A way to avoid being a victim of fake VPNs is to prevent new VPN services with unproven track records or have a history of good performance and support. These fake VPNs often promise to make you ‘anonymous’ with their software; this is usually a lie. They only want your money. Sometimes they go a step further to inject spyware, malware, or ads into your data or sell off your data to third parties.
Scam #3: VPN lifetime subscriptions
VPNs that offer lifetime subscriptions are red flags; avoid them at all costs. Operating a secure, fast, and safe network of global VPN servers with good apps and strong support is no child’s play; it’s expensive and has recurring costs. Given this high cost of operation, how can a VPN offer a ‘lifetime subscription’?
Take, for instance, the graphics obtained from Gdgt Deals; they used to offer a lifetime VPN subscription to Windscribe VPN for a mere $49, with the original price going for just $900. The price is meager, so much so that there had to be a catch, and there was. But that too has been fixed, thanks to all the articles that called their attention to it. Here’s what their updated website looks like:
For instances like this, here are some of the theories we came up with:
- These cheap or ‘free’ VPN services collect customer data and sell them off to advertisers and third parties. This business model is popular and lucrative.
- The VPN redirects your browser to third-party sites or bombards you with ads and then gains commissions for their sales.
- The ‘lifetime subscription’ is just a faux. The VPN provider will cancel the subscription after a year or so.
- The VPN is just like a Ponzi scheme; it requires an ever-growing list of subscribers to remain active until it eventually collapses like a pack of cards.
Usually, the ‘lifetime’ refers to the lifetime of the VPN company and not that of the customer. Once the company sells its lifetime subscriptions, they pay themselves out, shut down the business, and disappear into thin air.
Some VPN companies cancel all the ‘lifetime subscriptions’ and convert the accounts into recurring paid subscriptions. An example is VPNLand, a company no longer in existence as of today.
A user who complained to the company got the following response:
“Just FYI, A ‘lifetime’ account does not mean it will be valid till someone dies. It could be anyone’s lifetime-such as a cat or lifespan of the hardware.”
The above statement is just an example of the cruelty users are subjected to; don’t fall a victim, avoid VPN market scams.
Scam #4: Dubious free VPN apps
Generally, free VPN apps have problematic security and privacy features. Recently, news making the rounds had it that free VPN apps on Google Play Store deliver financial malware to unsuspecting users. While this is not true for every VPN app, most free VPN apps found on Apple or Google Play Store are insecure and dangerous to use.
A team of researchers had this to say about the free Android VPN app:
- 16% of VPN apps steal their customers’ bandwidth
- 18% do not encrypt data
- 38% of these apps contain malware (spyware, riskware, malvertising, and trojans) used to monitor, steal or damage your data
- 74% engage in third-party tracking
- 82% attempt to get sensitive information of users (user’s text messages or accounts)
- 84% leaks their customers actual IP address
Close observation at increasing VPN app scams reveals that many of these mal-infested apps have high ratings. This means that millions of unsuspecting people are using VPN filled with tracking and malware. This is more so for free VPN apps. Hence, we advise you avoid shady free VPN apps.
Scam #5: Faulty features and unsubstantiated claims
Scammy VPN providers often make bogus claims. A typical example of this include:
- Fastest VPN: This is another bogus claim that many VPNs make. Many of these VPNs have nothing more than mediocre speeds, and this is usually because their servers have many users per time lured by the same ‘fastest VPN’ claim.
- No IP address Leaks: Many VPNs claim to have robust IP leak protection features, but upon use, you will discover these features don’t work. One way to determine if the features do work is to run a series of VPN checks and tests.
When scouting for a VPN to subscribe to, ensure your scam radar is on high alert; read through the claims and features of the VPN website before making a decision.
Scam #6: Questionable pricing policy
Avoid VPNs that require you to pay a huge sum of money or one that requires nothing from you. When reviewing pricing, ensure you know when you are to pay as well as how much in real. Some time ago, about 200 customers fell for a $400/month VPN service fee in a scandal with ‘Mobile protection: Clean & Security VPN’ (did you observe the typo error in the title?). The app claimed they charged users $0.99/week for its premium service; they also made many other bogus claims.
Aside from the pricing error, the product description has many grammar mistakes, which should immediately alert observant users to the service’s ingenuity. Despite its unsuitability, about 50,000 people downloaded the app before it was finally retired.
Before subscribing to a VPN service, ensure it’s real, and determine how much it costs. Most genuine VPNs charge monthly or bi-annually; you will rarely find an honest VPN service that changes weekly. On average, a genuine VPN service costs between $40 to $99/year.
Scam #7: Fake reviews, comments and testimonials
Most reviews of new VPN services are not organic. They are mostly fake reviews written by the VPN providers to tell you how fantastic a VPN is. Below is an example of a company whose review website and company are the same:
The company J2 Global is a subsidiary of its parent company PCMag. They buy up VPNs, IPVanish and StrongVPN are a couple of them. It seems, they always recommend IPVanish in the list of their ‘best VPN’ guides, a trend that we noticed in 2017. PCMag is well known to publish digital content; they also own lots of VPN websites. Therefore, it’s no mere coincidence that IPVanish is often among its recommended VPNs.
Not too long ago, in March 2021, Kape Technologies acquired Webselenese, a security and privacy content specialist media. This group operates both Wizcase and vpnMentor, two of the most popular VPN and digital security blogs today. For those unaware, Kape also owns Private Internet Access, Zenmate, and CyberGhost VPN.
While amid these acquisitions, the firms keep saying that editorial independence would remain the same — that mostly is not the case. In this example, Kape Technologies bought Webselenese for a whopping $150m. Now if someone comes and tells after a $150m investment, the buyer wouldn’t interfere with the business affairs of a product, it would be hard for anybody to believe that.
Asides from fake reviews, it appears some people pay commenters to post how great a VPN is, mainly when a user publishes a negative review. All of this indicates that not all reviews are genuine; therefore, be careful of all online contents, including:
Bear in mind that most ‘reviews’ aren’t based on real testing; these reviews are nothing but marketing jingles, albeit paid ones.
Scam #8: Third-party sales sites
Recently, there has been a surge in the market demand for third parties who sell lifetime subscriptions. Despite their popularity, we advise you to avoid these middlemen at all costs. We suggest this because they often raise some questions, including:
- Why should a VPN service partner with a third-party site to offer lifetime subscriptions or sales?
- Why should I trust a third-party sales site with my data and banking information?
We observed this with Winscribe review but are glad they no longer sell this type of subscriptions. So, it’s best to avoid third-party websites and intermediaries. If you wish to purchase a subscription, then do so directly from the VPN company.
We have seen VPN providers that cancel all their lifetime subscriptions that users bought through third parties. When these users complain, neither the third party nor the VPN company takes responsibility.
Scam #9: Unsecure VPN websites
It’s important that when deciding on the VPN to go for, you read through the product description to verify that the services advertised are genuine and authentic. From the example given in Scam#6 above where we mentioned “Mobile protection: Clean & Security VPN,” the service claims had phrases like “duplicate contacts” and “instantly use smart anti-virus.”
How this escaped Apple we do not know, nor do we understand how it made it to its list of VPN apps. But even after deleting the app, many other VPN apps remain. Those fishy VPN apps now are only more careful with the words they write.
A way to determine a VPN’s quality and distinguish it from a scam is its security features.
For instance, MySafeVPN is a sham VPN provider with no HTTPS security, only HTTP. The difference is that while HTTPS encrypts data, HTTP does not; this seemingly unimportant factor, when taken into consideration, can save you from scams in the VPN industry. If a VPN site is not secure, there is no guarantee the service will be secure.
If a VPN claims to have military-grade security and privacy but does not even have HTTPs its website, you can be sure they are lying.
Scam #10: VPNs that require too much private information
Look out for VPNs that require you to reveal a lot of private information. Astrill, a popular VPN service, requires its customers to login using their address and phone number. Ignore VPNs that require this of you, as VPNs are not supposed to require your identity before using their services.
Bottom Line: VPN providers that accept Bitcoin as a form of payment should be considered as this further distances you from your account.
Scam #11: Inactive VPNs
There are also some disconnected or dead VPNs whose sites are still in operation. This means that although the service no longer functions, you can still buy or subscribe to it.
An example of this is EarthVPN. The VPN service is officially dead, but the site is still in operation. It has all its marketing features and the checkout process too. Users can find deals for subscriptions if they google them, while some review websites still have links to the VPN’s subscriptions.
However, its customer reviews reveal that the servers are no longer active, and no one responds to the support tickets. Hence, it’s most likely the service went off the radar silently. They probably refused to come clean because the money keeps rolling in, and they didn’t want it to stop.
If you subscribe to a dead VPN, you can be sure your money is gone. You won’t be getting any VPN service nor a refund either as there isn’t anyone in the company to process, acknowledge or refund it. Besides, an insecure website will have your payment details to make things worse.
Is it ever dangerous to use a VPN?
VPN services are becoming popular in recent times, and for good reasons. A reliable VPN can be a secure and safe way to surf the net. Many privacy-driven users use them to prevent monitoring by government agencies, corporations, and advertising firms. However, the danger comes in using free, unreliable VPNs; they are untrustworthy and thus dangerous.
VPNs (Virtual Private Network) protect individuals and organizations by creating a private browsing session. You need it even more when using public WiFi, such as libraries, cafes, restaurants, and other public domains, to prevent other people from accessing your online traffic data. A VPN creates a safe channel between the user’s device and the VPN server; this hide’s the user’s browsing activities and location.
Also, with VPNs, users can securely guard their online privacy to prevent ISPs (internet service providers) from monitoring their online activity. That becomes possible because after connecting the user’s device to the VPN server, the VPN bypasses the user’s IP address, hides the internet data, and makes it difficult for mischievous people to access the user’s information.
So, in essence, using a quality VPN can never be dangerous to you. It instead will help you stay secure online and enjoy the internet at the fullest.
Infamous VPNs that you shouldn’t trust
There’s no doubt that VPNs are a must for better privacy in today’s world. However, not all VPNs are worth it. Many are so dangerous that you are better off not using any at all. Here are some of those VPNs you should not trust.
We prefer to call it “reveal my ass.” Yes, this VPN is compatible with iOS, Android, Linux, PC, Mac, and routers and unblocks restricted websites (one of the key functions of a VPN). BUT it does all this at a cost. VPNs have the primary responsibility to protect their customers’ data, but HideMyAss does the exact opposite.
When pressured, they give out their clients’ information. This was the case in 2011 with a man named Cody Kretsinger. Private internet data was provided by HideMyAss when the police demanded it, an act that eventually led to his arrest, prosecution, and jail.
Hola is another VPN you should not trust. In 2015, reporters found the VPN service doing what no other VPN service ever considered doing. They converted their customers’ PCs into ‘exit nodes,’ allowing other users to route their data through the node. They didn’t stop there; they went further to sell the bandwidth to third-party agents. This is a clear violation of everything a VPN stands for. Therefore, we advise you avoid it at all costs.
3. HotSpot Shield
In 2017, the FBI arrested a man accused of stalking another person; this was possible through information on his online activity obtained via PureVPN services. Although PureVPN claims it does not log information, this more likely is a lie as they could produce enough evidence to identify the accused while cooperating with the FBI.
First, VPNSecure has its base in Australia, a “Five Eyes” country where the government and others closely monitor users’ online activities. In 2016, a research paper discovered DNS and IP leaks with the VPN service. Also, it features “egress points,” which have similar traits with “exit nodes” present in Hola VPN.
The paper had its suspicions (unconfirmed suspicions) that the company uses its customers’ bandwidth without their knowledge. While our security team couldn’t confirm it, if you want to stay safe, it’s best to stay away from this provider.
6. Opera free VPN
In 2016, Opera browser brought in a ‘free unlimited VPN” and made it available to all users. However, despite the name, Opera free VPN is not a VPN in the word’s true sense; it is more like a website proxy. It collects users’ data that they are likely to share with third parties (there is no evidence to lay a claim yet, though).
7. Facebook Onavo VPN
In the first part of 2018, Facebook revealed an in-built ‘protect’ feature for all mobile apps. In the reality, it was nothing more than Onavo VPN, a VPN app that Facebook acquired far back in 2013.
However, regardless of its effectiveness in protecting users, there’s a catch; Onavo collects their customers’ internet data and then uses it to make Facebook better. They use this data to gain insight into what the people want and then improve their products and services. This is commendable, only that the data collected are without the customer’s knowledge, and who is to say they won’t pass it on to advertising firms and third-party services?
In 2018, Zenmate, PureVPN, and HotSpot Shield were found leaking the real IP addresses of users. Meaning, when you use the internet with a link to Zenmate, your identity and data could leak. Although Zenmate became aware of this, they were very slow to respond. Hence, to be on the safe side, we advise you avoid the VPN altogether.
How to avoid VPN scams
The following tips will ensure you know how to avoid scams of VPN providers:
- Do not readily give out your email and personal information
- Never respond to emails referring to your financial or bank profile
- Beware of popup ads
- If you have the slightest doubt, don’t go ahead with the VPN subscription
- Avoid free VPNs
- Deal with your VPN provider directly (no third-party)
- Never opt for VPNs with life subscriptions
- Watch out for the provider’s country of origin
- Avoid VPNs without an anonymous payment platform
- Beware of VPNs with security breaches
- Avoid VPNs with no known reputation
VPN scams are a menace that we must get rid of if we are to enjoy the full benefits of authentic VPN services. These security scams rid individuals of their privacy, expose them to malware and phishing, and rob them of their hard-earned money.
That is why in this article, we have focused on all possible known VPN scams, means of identifying them, and how to avoid them altogether. As internet users, being conscious of these scams warning when looking to purchase or subscribe to a VPN service is of utmost importance as it will help you choose only the best VPN available.
In the end, a high-quality VPN is your best bet. They are not free and will not engage in various dubious acts to rake in money. These VPNs are transparent and have a good and credible reputation.
If you’d want us to quickly recommend a couple of them at the end, those would be ExpressVPN and SurfShark. Still, it’s always in your best favor to read reviews of different providers in the industry and settle with one that you feel would serve you the best.
About the author
Isa is a Nigeria-born professional writer and editor with more than 10 years of experience under his belt. Having worked with some of the most renowned organizations worldwide, he’s been able to produce and publish hundreds of high-quality articles across a wide range of niches. Over time, Isa has developed an immense interest in digital security and privacy. He has always been a privacy enthusiast, and now, he's giving it all to educate people on privacy, security, and geo-blocking issues around the world.