When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
With hundreds of VPN providers on the market, you have to wonder - how do you know which ones are legit anymore? It seems like new ones pop up every day, and the odds of them being VPN scams are pretty big.
That's exactly why we put together this 12-minute article - to tell you which scams you need to watch out for, answer related questions, and offer you helpful tips.
There's quite a lot of them, unfortunately. We went ahead and researched the most common things people looking to use a VPN complained about and called scams. After all that, we came up with this list of the eight most common VPN scams:
A third-party seller is when a website tries to convince you to buy a VPN subscription through them. Or when an independent merchant sells VPN subscriptions on platforms like eBay.
The problem is obvious - it's hard to tell if the subscriptions are legit, or if the VPN provider endorses this. Take this offer for example - it claims you can buy a three-year NordVPN account for just $12. If the link takes you to a different offer, the scammer probably changed the initial one, so we took a screenshot to be safe.
Here's why that's very likely a scam:
We actually reached out to NordVPN to ask them about this, and their customer reps were friendly enough to answer our questions.
According to them, offers like that are likely for stolen accounts. If you buy one, you might get scammed, or you might be able to use it if it has an active subscription. But that won't last long because stolen accounts get terminated fast.
Of course, not all third-party sellers are scams. Some websites might have permission from the VPN provider to sell subscriptions through their platform. Providers will normally mention that on their blogs or in their newsletters, or you can just ask them if you have doubts. Though, we still recommend getting your subscription through the VPN's official website.
Like the name implies, a lifetime subscription means you pay a price one time (like $50-$100 or less) and get a VPN for life. The VPN provider either sells the lifetime account through their website, or they let third parties sell it for them.
Sounds too good to be true?
That's because it usually is. If a VPN service constantly offers lifetime account deals, you're looking at an unsustainable business model. Running a VPN isn't cheap, after all - just renting a good 1Gbps server will usually cost over $1,000 per month. Not to mention they need to pay their staff too.
Basically, with lifetime accounts, they won't have any recurring revenue to rely on in the future.
Plus, some VPNs use lifetime accounts to make a quick buck, and then they close up shop. That happened with DissembleVPN apparently. They offered lifetime accounts for only $13 - non-refundable, of course. After raking in enough dough, they shut down the company, probably moving on to the next scam on their list.
And when the people who run lifetime VPN scams don't run away with your money, they instead revoke your "lifetime" privilege. That's exactly what happened to VPNLand users. They paid for a lifetime account, and the provider converted them to premium subscriptions with recurring invoices after two years.
According to this Reddit user, VPNLand's argument for doing that was that the subscription was bought through a third party, not them.
And it gets better - well, not for VPNLand customers. Another user in the thread said VPNLand got back to them regarding their complaint. The provider managed to justify their actions with a loophole that would make even the most heartless lawyers proud:
"Just fyi. A 'lifetime' account does not mean it will be valid till someone dies. It could be anyones lifespan - such as a cat, or lifespan of a hardware."
Truly amazing stuff.
PLEASE NOTE - There are exceptions when it comes to lifetime subscriptions. Not every one of them is a scam. Some providers might actually offer them for a limited time period when they launch their service, a new feature, or paid subscriptions, or when they want to promote their brand and increase their client base.
Windscribe did that for example, and the service is legit. They also have an article on their blog explaining how such an offer benefits providers.
These are discontinued VPN services whose websites continue to operate. Basically, the service no longer works, but you can still buy it.
EarthVPN is a good example. The service is officially shut down, but the website is still running. All the marketing copy is there, and the checkout process works. You can still find online deals for a subscription if you google them, and some review sites still have active links to EarthVPN's subscriptions.
However, according to customer reviews, the servers don't work anymore, and nobody is answering support tickets. So there's a good chance the service shut down silently.
Well, if money keeps rolling in, why stop that by coming clean?
If you fall for a dead VPN and buy a subscription, you can say goodbye to that money. You won't get any VPN service, and there's nobody there to process your refund requests. Plus, an unsecured website will have your payment details.
These are made-up VPNs - so "services" claiming to offer VPN functionality which, in reality, don't work at all. Sometimes, they don't even exist.
Usually, scammers use phishing attacks and stolen databases to promote fake VPNs. MySafeVPN is a good example. The scammers claimed the "VPN" was associated with big names like Plex and Boxee to gain the trust of the people they emailed.
MySafeVPN eventually disappeared from the web when Vice started investigating it - but not without getting away with some money first.
Here's another example of a made-up VPN - Mobile protection :Clean & Security VPN. The typos aren't from us. That's how the scammer named the fake service.
And it was definitely a fake VPN. There was no company behind it - just an independent dev. The app also had a vague description that reeks of made-up stuff - features like "scan for duplicate name" or "Device Analyze" that doesn't really mean anything.
Apple eventually deleted the fake VPN, but not before it managed to make around $80,000. It managed that thanks to a free trial offer that required Touch ID authentication, and a fine print that said you'll pay $99 for a seven-day subscription.
Yeah, clearly normal VPN pricing for such a "real" service.
Some VPN scams make money off of you in more subtle ways - by using malware, to be precise. The devs don't take your money and run, but they expose you to ads, and steal sensitive data from you.
And that happens quite often. In fact, according to research, 38% of Android VPN apps contain malware. It's not exactly ransomware, but the kind of malware that will still expose you to ads (potentially malicious) and spy on you.
What's more, another security researcher found that four very popular Android VPN apps (with a total of 500+ million downloads together) contained adware.
We did a bit of digging of our own. We heard from VPN users that VPN Proxy Master has malicious behavior too. So, we downloaded the installation files for their Windows Beta client, and used VirusTotal to scan them. Here's the link to the results we got.
Just one malicious file detected, but that's still concerning. Googling the file's name reveals it can be a kind of Trojan or another virus that freezes computers, spams desktops with pop-up ads, and exhausts computer resources.
When free VPNs aren't exposing you to malware, they are harming your privacy in other ways. After all, how can a VPN truly be completely "free"? The service has to make money somehow to support its network of servers and their staff.
And they do make money. It's just that you become the product in the end, not the VPN. Here's what can happen if you fall for free VPN scams:
Like lifetime VPN scams, though, there are exceptions to this rule too. Not all free VPNs are scammy, shady, or malicious. Some are actually pretty decent services, and their business model works because they offer an optional paid service. If you need help finding a free VPN you can trust, check out our guide.
By fake claims, we're referring to VPN providers that use marketing copy to boast that they have the "fastest speeds" or that they "don't keep any logs." However, in reality, they don't offer any of those perks.
Okay so not exactly a full-on scam, but this isn't harmless false advertising either. Sure, you might get your money back in the end, but the VPN provider will still waste your time and damage your trust in VPN services in general.
Here's a quick breakdown of the kinds of exaggerated claims you might see when dealing with VPN scams:
We also consider these to be VPN scams since fake ratings actively mislead consumers, making them pay for a fake VPN service or a VPN infected with malware. Or just simply a bad service.
And fake reviews on app store are a real thing, and it's really not a secret.
Even the fake Mobile protection :Clean & Security VPN app had a lot of positive reviews that just looked fake.
But there's more. According to research, Yoga VPN has six dangerous permissions that violate your privacy. Yet, its Google Play page is full of positive reviews. Tons of shady 5-star ratings, and a few 1-star ratings calling it a scam buried beneath them.
The truth is that VPN scammers (or any scammers, really) have an easy time faking reviews - especially on app stores. Here's what they can do:
Alright, so we saw people on Reddit and in the comment sections of VPN review sites say that yearly subscriptions are also VPN scams. They base that on the fact that the provider advertises a low price per month (like $3-$5) but charges you for the whole year (so $36-$60 in this case).
So here's the deal - these kinds of subscriptions and sales copy are not scams. They are perfectly normal, and are just plain old marketing.
Pretty much all industries do that, and it's usually an effective sales tactic. You're more likely to buy the service since you feel like you're getting a great deal, and you don't need to worry about monthly payments.
Really, the only way this would feel like a scam is if the provider uses false advertising. For example, they advertise their prices everywhere as just $3 per month with absolutely no mention of yearly subscriptions or payments. And you only find out about that total payment you need to make each year when you're right at the checkout.
But even then, it's not exactly a scam. Just weak marketing and branding.
Not exactly. Decentralized VPNs and VPN-focused crypto projects are actually a thing right now. Here are the main projects to keep an eye on at the moment:
Right now, we'd say that Orchid seems the most promising since it has a working app (though, reviews are mixed). Tachyon still needs to work on the client, and Lethean has slow development because it had no ICO (which doesn't mean it's a bad service - it just requires patience).
But are services like these VPN scams?
Well, these ones don't seem to be. But it's really hard to say when it comes to cryptocurrencies.
Why?
Because there's a lot of market manipulation going on behind the scenes, and the devs don't always have control over that. If people who bought a very large share of tokens during the ICO/Private sale start selling them in huge quantities, the project will take a hit because the value of the coin will drop.
For example, if you check Orchid's token (OXT) on CoinMarketCap, you can see it started going up in December 2019 around the time the devs announced Orchid's launch. Towards the end of the month, the token lost over half of its value (from around $0.70 to $0.30). That's the kind of drop that can cause people to generally give up on crypto-backed projects if they're only in it for the money.
That wasn't the case with Orchid luckily, and they still seem to be going strong, so that's good to see.
But in the end, as long as people will treat cryptocurrencies like get-rich-quick schemes, it'll hard to see crypto-backed services as a long-term deal.
We're not saying decentralized VPNs are definitely a scam, but the risk is big so make sure you do your research before spending any money or trusting a random company to protect your privacy. Otherwise, you might get burned.
The good news is that avoiding VPN scams isn't really rocket science. It's enough to not make rash decisions, and follow tips like these:
And if you need some recommendations about safe VPNs, try out ExpressVPN, NordVPN, CyberGhost, or ProtonVPN. If you need more in-depth information, check out our guide on the best VPN services for this year.
Alright, so there is a chance you might deal with VPN scams nowadays. And since the VPN market is booming, more and more services will pop up in the future. And scammers will likely try to take advantage of the high demand for VPNs to make a quick buck.
But if you don't let star ratings, ads, and pushy sales messages influence you, you've got a pretty good chance of keeping your money and sanity safe.
What other VPN scams have you heard of? Share your thoughts with us, and tell us what else people should do to avoid them.