VPNs are powerful tools that can help keep you safe on the web, but they aren’t some kind of magical armor that will protect you from all online dangers—no matter how much VPN providers promise that they are. Let’s take a look at some of the dangers a VPN can’t help you with.
What VPNs Will Protect You From
Before we get to that, though, it’s probably best to go over what virtual private networks are and what they’re good for. When you access the internet, you do so by connecting first to a server run by your internet service provider, which then connects to the website you’d like to visit, in this case, How-To Geek.
A VPN reroutes your connection: From your ISP’s server, your connection goes to one operated by the VPN provider, and then to the site you’d like to visit. From the website’s perspective, it looks like you’re accessing it from a different IP address—the VPN server’s rather than your own—which means you can appear as if you’re elsewhere.
This comes in handy when you’re trying to access the Netflix library of another country—or if you want to avoid blocks placed by your government. This is an issue for people in Russia and China, for example—countries where the internet looks very different.
That’s the first big advantage of using a VPN, the ability to spoof your location. However, these services have another trick up their sleeve, namely what’s called a secure or encrypted tunnel. In short, this means that the VPN encrypts the connection between its server and the site you’re visiting.
As a result, anybody that wants to see what you’re up to—which in this case could mean either the site or your ISP—will be met by an assortment of random gibberish, the tell-tale sign of an encrypted connection. It’s one of the reasons why VPN use is recommended in cases of Wi-Fi hijacking.
VPN Marketing Claims
VPNs are the best possible way to protect yourself from anybody using your IP address to track you. This generally includes any kind of surveillance—either by governments or corporations—as well as dodging censorship. We have an article on all the things you should use a VPN for.
However, as we’re dealing with matters most people aren’t familiar with, it’s very easy for VPN providers to claim all manner of benefits to VPN use in an attempt to draw more customers in. These attempts can range from the relatively innocent to the downright nasty.
A good example of the latter can be found in our piece on untrustworthy VPNs: RusVPN uses the below box on their site to scare people into signing up to the service. However, armed with the knowledge we outlined earlier, you’ll quickly realize most of these claims are complete nonsense: a VPN can’t foil hackers who are after information like your bank account information or your address. It just doesn’t work that way.
However, this is just a particularly egregious example. Many of the best VPNs are guilty of at least exaggerating what their product can do.
NordVPN, for example, has a habit of overpromising on its “double VPN” feature, while ExpressVPN claims its being headquartered in the British Virgin Islands will keep you safe from governmental warrants—it won’t though, as we explain in our article on what VPNs share with law enforcement.
How You’re Vulnerable, Even With a VPN
As useful as VPNs are, they’re simply not a one-stop cybersecurity shop. Though we don’t want to become scaremongers ourselves, the large variety and number of threats on the internet simply can’t be held back by just one type of software. While VPNs will make sure your IP can’t be tracked—at least the good ones will—anything that tracks you using other means won’t be put off by a VPN.
This includes the obvious, like confidence scams. These include old favorites such as the Nigerian prince or emails where you’re told the IRS is after you and you quickly need to pay a fine using gift cards; examples abound. Viruses and other malware are generally not stopped by VPNs, nor are things like keyloggers. Think of it this way: if the threat isn’t interested in where you are, then a VPN likely won’t help.
That said, even when it comes to tracking VPNs aren’t bulletproof. When a site or organization is trying to figure out who you are—usually so they can tailor ads to your browsing habits—the IP address is only one of many data points used for that. Much more valuable is your overall browsing history, which can be pieced together even when you use a VPN.
The first way is to track you uses your online accounts from sites like Google, Microsoft and Facebook. You may not realize it, but as long as you don’t expressly sign out of these, they’re following along as you browse and slurping up all that sweet, sweet data that makes these companies all their money.
The easiest way to prevent this type of data collection is to simply not sign up to any of these accounts. As that’s likely not possible for everybody, the next best thing is to switch on incognito mode whenever you’re browsing—or at least when you don’t want to be tracked. Incognito mode signs you out of all your accounts, thwarting their data collection.
However, technology has gotten advanced enough that even using a VPN and signing out of social media accounts, you can be reliably tracked using something called browser fingerprinting. Using this technique, sites can create an accurate profile of who you are simply by analyzing little tell-tale signs like the device you’re using as well as your browsing habits.
In the end, no matter how good your VPN and your other precautions, you’re going to have to accept some kind of tracking. The only real way to avoid it is not going online at all—no matter what security companies tell you.