Can a VPN Do That? What a VPN Is NOT

A VPN is a useful tool for keeping your internet activity more private. They were first developed for the corporate world but they’ve become essential for personal computer users who browse the web. The popularity of VPNs has brought up some misconceptions, though. Many Internet users seem to think that VPNs are the answer to all cybersecurity problems when going online…and this mindset leads them to take dangerous risks or lower their guard. Let’s learn what VPNs cannot do and why you should rely on other cybersecurity measures to stay safe online. Before we dive into what it’s not, let’s look at what a VPN can do. A VPN creates a private tunnel that you can send your data through. Normally, your Internet traffic goes directly to your Internet service provider (ISP). A VPN takes that traffic and routes it to a VPN server first, so it looks like it’s being transmitted from somewhere other than your device. A VPN also masks your true IP address from the websites you visit. VPNs are an excellent privacy tool and using one can add a layer of protection as you surf the web. But they’ve been lauded so much both by the media and VPN companies that people seem to think they are a catchall cybersecurity tool that can keep you safe from any type of online attack. Turning on a VPN is like driving a nondescript car with good safety ratings through a sparsely-populated area. The chances you’ll be noticed or run into trouble are very low, but the car won’t drive itself. If you’re not careful, you could still get into an accident. When you use a VPN, you still have to practice good cybersecurity while you’re online. To help you understand the best way to use a VPN, here’s a list of what VPNs are not or cannot do. VPNs and proxy servers both offer privacy online but in different ways. Think of proxy servers as gateways and VPNs more like tunnels. A proxy server lets you substitute another IP address for your own, like VPNs. But when proxy servers reroute data from your device to the internet, they do not encrypt data through a secure tunnel, like VPNs do. Sometimes people confuse VPNs and proxy servers and use the terms interchangeably, but they are not the same thing. VPNs are generally more secure than proxies. Phishing attacks happen when someone with bad intentions sends you a fake email that looks real (like from your bank or your boss). The email contains a link that the nefarious sender wants you to click on. This could do any number of bad things to your computer. It could take you to a website that starts downloading malware onto your machine or a site that asks for login credentials so they can be stolen. Phishing works because people fall for it. They don’t scrutinize the email enough, click the link, and then they’re screwed. Nowhere in this process does a VPN play any part. If you have a VPN turned on and you click a malicious link in a bogus email, the VPN will not stop malware from downloading onto your computer. Nor can a VPN identify phishing emails for you. You still need to keep your guard up with suspicious-looking emails. As mentioned in the phishing example, a VPN cannot protect your computer from viruses and malware. You still need solid antivirus software installed and you need to keep it up to date. A VPN encrypts or protects data in transit; antivirus software monitors your computer and scans any new files for potential threats. If you want to surf the Internet safely, you should use both. A firewall is either a software or hardware device that blocks unauthorized access to your computer when it’s online. You can set up security preferences with a firewall and block specific websites if you so choose. Firewalls cannot detect anything malicious unless you program them to. When configured correctly, firewalls are indispensable for browsing the web on your computer. You can’t program a VPN to detect and block threats like you can with a firewall. VPNs are billed as the “ultimate anonymity” tool. Nobody can see what you do online, you’re totally private! But, you’re not. Your ISP still knows your IP address. They assigned it to you, put your name on the account, and send you an Internet bill every month. They still know who you are and they can see when you use a VPN. A VPN can hide your IP address from websites but it can’t hide other info websites collect such as: Gathering up all this information is known as “browser fingerprinting” and websites do it mostly so they can build advertising campaigns and better optimize the user experience. According to the Electronic Frontier Foundation (EFF), there’s a one in 286,777 chance that your browser shares a fingerprint with someone else. So websites can still use all this info to identify you, even if they don’t have your IP address. When you make an online purchase with a VPN turned on, the retailer still knows who you are, especially if you use a credit card with your name on it to make the purchase. Mobile service providers may not be able to use geo-tracking when you have a VPN turned on but they can still use signal tracking — monitoring the signal strength from cell phone towers — to find out where you are. In short, you are not completely anonymous online simply by switching on a VPN. VPNs are a useful tool, but they don’t allow you to become careless when you go online. When you’re using public Wi-Fi , always be cautious and avoid sending any sensitive data, even with a VPN turned on.