8 Bad VPNs You Must Avoid to Protect Your Privacy
Whatsapp Pinterest
Advertisement

We highly recommend that all people use VPNs 11 Reasons Why You Should Be Using a VPN 11 Reasons Why You Should Be Using a VPN Virtual private networks are affordable and easy to use. Here are some reasons why you should be using a VPN if you aren't yet. Read More — there’s no doubt about that. Just look at all of these common activities where VPNs prove useful 8 Instances You Weren't Using a VPN but Should've Been: The VPN Checklist 8 Instances You Weren't Using a VPN but Should've Been: The VPN Checklist If you haven't already considered subscribing to a VPN to secure your privacy, now is the time. Read More . Indeed, there are many reasons to always use a VPN online 4 Reasons to Always Use a VPN When You're Online 4 Reasons to Always Use a VPN When You're Online VPNs (virtual private networks) are becoming more popular. It's not always clear exactly why you should be using one though. Here's why you should use one whenever you go online. Read More , including but not limited to improved personal privacy.

But not all VPNs are worth using. In fact, some VPNs are so bad that you’d actually be better off not using anything, than routing your traffic through their services. Here are some warning signs to look out for, plus specific VPN services to avoid if you value privacy.

What Makes a VPN Bad for Privacy?

Country of Origin

Never connect to a VPN server that’s located in one of the “Five Eyes” countries (U.S., U.K., Australia, New Zealand, Canada), one of the “Nine Eyes” countries (France, Norway, Denmark, The Netherlands), or one of the “Fourteen Eyes” countries (Belgium, Italy, Germany, Spain, Sweden).

The governments of these countries either spy on their own citizens, spy on each other’s citizens, swap such spying intelligence with each other, or otherwise enable and encourage spying in some way. These countries are likely to pressure and acquire intelligence from VPN servers operating in their territories.

vpns - mobile security

Activity Logging

When connected to a VPN, all of your internet traffic is routed through the VPN’s server. Some keep minimal logs, such as the IP from which you connected and the time of your connection, while others keep full track of browsing habits, websites visited, apps used, etc. Logs are bad because they allow activity to eventually be traced back to you.

Even VPN services that promise “no logging” can’t be trusted at face value. They might not participate in “activity logging” but may actually be logging other things. How do you know whether a VPN’s no-logging claim is trustworthy? You have to read their…

Terms of Service

A VPN service’s Terms of Service outlines (or should outline) exactly what you can expect as a user: what kind of activity is forbidden, what’s tracked, what’s not, etc. When in doubt, you should contact the service and ask questions to determine what their logging policy is really like.

Some things to keep in mind:

  • Should they log anything related to your connection, including IP or connection time, then it can eventually be traced back to you.
  • If they won’t block accounts, even ones that are highly abusive of the system, then there’s a good chance the service truly is log-free.
  • If they claim they can block accounts without logging information that can identify you as a user, then you should pry into how it works. Most of the time, they won’t be able to give you a clear answer, in which case you should assume logs are somehow involved.

Lack of OpenVPN

VPNs can operate using many different “types” of connections, which we’ve explored in our comparison of major VPN protocols The 5 Major VPN Protocols Explained The 5 Major VPN Protocols Explained OpenVPN, SSTP, L2TP: what do they all mean? We explain the major VPN protocols so you can choose the best one for your privacy needs. Read More . L2TP and PPTP are some of the more popular, but they have glaring flaws that make them poor options for privacy. OpenVPN is the best protocol because it’s open source and offers the strongest encryption of traffic.

computer internet user

Leak Test Failure

Sometimes your actual connection to the VPN server can be compromised. For example, your PC goes to sleep and doesn’t reestablish the VPN connection upon waking, or you switch from Wi-Fi to Ethernet, or your router gets unplugged and you have to plug it back in.

Even when you’re “successfully” connected to the VPN, some of your traffic may not be routed through that connection. This is called a leak, and it undermines the entire point of using a VPN for privacy.

Certain VPN clients are better than others in this regard. You should periodically check up on this using so-called leak tests 5 Signs You Can Trust Your VPN Client 5 Signs You Can Trust Your VPN Client Using a VPN helps protect your traffic from snooping and your information from theft. But how can you be sure that your VPN is protecting you? Here are five signs your VPN is trustworthy. Read More WebRTC Leak Test, IPLeak, DNS Leak Test, and TorGuard’s DNS Leak Test, just to name a few. Visit each test twice: once without VPN, once with VPN. Your IP addresses should be different both times.

Free Service

One of the most common VPN myths 5 Common VPN Myths and Why You Shouldn't Believe Them 5 Common VPN Myths and Why You Shouldn't Believe Them Planning to use a VPN? Not sure where to start, or confused about what they do? Let's take a look at the top five myths about VPNs and why they're simply not true. Read More is that free VPN services are “good enough.”

It turns out that free VPNs come with a lot of risks 5 Reasons You Need to Stop Using Free VPNs Right Now 5 Reasons You Need to Stop Using Free VPNs Right Now Free VPNs are very tempting, but hold on. If you're thinking of signing up to one, you should read this article first. Here are the biggest risks with using a free VPN service. Read More , the main one being that such services need to pay for servers and bandwidth somehow. If users aren’t paying anything, then they need to generate revenue some other way — most often by selling user data and information.

Free trials for paid services are fine. Unlimited free services are not. As with most things, you get what you pay for, and privacy is not cheap. We always recommend paid VPNs over free 4 Reasons a Paid VPN Is Better Than Free Ones 4 Reasons a Paid VPN Is Better Than Free Ones I used to be big fan of free VPNs. Why pay when free alternatives exist, right? But it turns out they're selling you short. So here's why paid VPNs always beat free VPNs. Read More .

coins bitcoin

Lack of Anonymous Payment

One more thing to keep in mind: if you want to add an additional layer of obfuscation, you might prefer a VPN service that takes anonymous payments. Whereas a credit card or PayPal account can be traced back to you, cryptocurrencies like Bitcoin don’t leave such a breadcrumb trail to follow.

Which VPNs Should You Avoid?

It’s one thing to speculate whether a particular VPN service is safe or unsafe based on what they say and what they promise. It’s something else altogether when a VPN service is caught red-handed as far as tracking activity, keeping logs, selling user data, etc.

If you value your privacy, here are the VPN services you want to avoid — ones that have been shown and proven to violate user privacy in one way or another.

1. Hola

Back in 2015, Hola was found to do something that no other VPN service does: turn the PCs of its users into “exit nodes,” allowing other Hola users to route their traffic through said nodes. Hola sold this bandwidth to a third-party service. A violation this egregious puts Hola squarely in the category of services to NEVER use ever again.

2. HotSpot Shield

In 2017, a privacy group made a claim against HotSpot Shield for “intercepting and redirecting traffic to partner websites, including advertising companies.” The claim accused HotSpot Shield of logging connection details, which directly went against its privacy policy. A 2016 research paper [PDF] had previously found HotSpot Shield “injecting JavaScript codes” and “redirecting e-commerce traffic to partnering domains.”

3. HideMyAss

In 2011, the Federal Bureau of Investigation tracked a hacker’s activities back to an IP address belonging to the HideMyAss VPN service. The FBI acquired activity logs from HideMyAss and used them to catch and prosecute the hacker. Despite the illegality of the hacker’s actions, this incident made one thing clear: HideMyAss does keep traceable logs.

4. Facebook Onavo VPN

In early 2018, it came to light that Facebook’s built-in “Protect” feature for mobile apps was really just the Onavo VPN it acquired back in 2013. Regardless of how effective it is at protecting users, there’s one thing that ought to deter you: Onavo will collect your mobile traffic data to “improve Facebook products and services, gain insights into the products and service people value, and build better experiences.”

5. Opera Free VPN

In 2016, the Opera browser introduced a new “free unlimited VPN” feature available to all users. But despite the naming, Opera Free VPN is not a VPN in the truest sense. It’s more like a web proxy (differences between a VPN and web proxy How to Use a Fake IP Address and Mask Yourself Online How to Use a Fake IP Address and Mask Yourself Online Sometimes you need to hide your IP address. Here are some ways to cloak your IP address and mask yourself online for anonymity. Read More ), and Opera does collect usage data which may or may not be shared with third parties.

6. PureVPN

In 2017, the Federal Bureau of Investigation tracked and arrested an alleged stalker after acquiring information on his activity using the PureVPN service. Despite PureVPN’s no-logging promise in its privacy policy, it turned out that they kept enough information to be able to identify the accused when cooperating with legal authorities.

7. VPNSecure

Not only is VPNSecure headquartered in Australia (a “Five Eyes” country), but a 2016 research paper [PDF] found IP leaks and DNS leaks with the service, plus “egress points” for residential users, which is similar to the “exit nodes” concept that sunk Hola above. The paper suspects but does not confirm that the bandwidth of users may be being used without their knowledge. However, if you want to be safe, you should probably stay away.

8. Zenmate

In 2018, a test by vpnMentor found that ZenMate (along with HotSpot Shield and PureVPN) suffered from IP leaks, which could give away your identify even when using the internet with an established VPN connection through ZenMate. This, coupled with the fact that ZenMate was slow to respond to these findings, makes us wary of their respect for user privacy.

Privacy-Conscious VPNs You Can Trust

As of now, there are only a handful of VPNs with no-logging policies that privacy-minded folks trust. You can read about them in our article on logless VPNs that take privacy seriously 6 Logless VPNs That Take Your Privacy Seriously 6 Logless VPNs That Take Your Privacy Seriously In an age where every online movement is tracked and logged, a VPN seems a logical choice. We've taken a look at six VPNs that take your anonymity seriously. Read More . We recommend ExpressVPNCyberGhost, and Private Internet Access.

Explore more about: DNS, VPN.

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Lindsay
    January 23, 2018 at 10:23 pm

    Listing PureVPN as a baddie was slightly unfair.

    PureVPN did keep connection logs longer than they should have but the feds did not identify the culprit through them. The FBI already had his computer and login information in their possession. The PureVPN logs only showed that someone using his account was online at the time of the offense; just an extra cherry on top when it came to proving his guilt. As far as I know the Feds could not have gone straight to PureVPN and worked back to an unknown offender.

  2. David Tuff
    January 23, 2018 at 10:13 pm

    I bought a Lifetime licence from Purevpn because you recommended it. Now you don't and also from my experience their support is total crap.

  3. Cho
    January 23, 2018 at 5:28 pm

    @Joel...
    Amusingly, the 5th mentioned service (5. PureVPN) is prominently displayed (large/center) in your article lol

  4. ron burtonz
    January 23, 2018 at 5:10 pm

    Instead of what countries are NOT recommended, and VPNs NOT to use, wouldn't it be more of a service to your readers to write about countries and VPNs that ARE recommended?

    • vpt
      January 23, 2018 at 7:11 pm

      I concur....The article could have been much more thorough with options to utilize.

      • scootie371
        January 27, 2018 at 8:41 pm

        This article does not want to be responsible for the research & responsibility that comes with providing info that may or may not be accurate for more than the day that they look at them. That's why -

  5. TonyCr
    December 22, 2017 at 1:46 am

    People seem to be missing a point about VPNs. They are very useful for making it appear that you are coming from another country. I am a US citizen, but I live in a country in SE Asia. Without a VPN to a US server, I'm constantly getting pages in the local language, often with local content. A VPN can get around this.

    Also, there are a number of sites that are blocked due to local paranoia (some BBC pages included). I just want to get a take on the news, not overthrow the country.

    The third reason is to be able to keep up on local news back in the US. Quite often, if you are showing a non-US IP address, you are blocked (this includes certain youtube content). The VPN allows me to view this content.

    Personally, I don't see any of these as something "criminal" (to use @Brian Klippel's word).

  6. Nusa
    December 21, 2017 at 10:18 am

    What VPN are you use guys? let me know...

  7. Lorbas
    December 21, 2017 at 3:05 am

    Once I finished reading the article I had to laugh heartily! First we are told NOT to use any VPN based in the 5,9,14,100, or whatever eyes countries. At the end he praises PIA , which is based in the US! Now, I've been using PIA for a while and it's one of the best VPN out there but combining the first and last statement in this article disqualifies the entire work. I wonder how much else is nonsense!

    • Mike
      January 24, 2018 at 7:30 am

      I was about to write the same comment about PIA till I saw yours; though I have read the articles on HMA, PUREVPN and Hola and the claims the author makes are true.

      Private Internet Access is located in the USA. Whether or not that makes the service safe to use is a personal judgement call, because if a VPN provider doesn't keep logs, then there's nothing to show anyone, no matter which agency asks for the info.

      I've personally tested PROTON VPN and haven't found any DNS, IPv6 or WEBRTC (which is usually dependent on the browser being used) leaks using Firefox. Plus they have a double-hop option called 'secure core' that really increases privacy and security.

  8. Brian Klippel
    December 21, 2017 at 12:22 am

    Don't be a criminal and it won't matter.

    • Jonathan
      January 23, 2018 at 3:15 pm

      Just because someone wants privacy while they use the Internet does not mean they're a criminal. And it DOES matter, Brian, because regardless of how honest and aboveboard YOU might be, your imagined honesty and hoity-toity self-righteousness (and oft times ignorance) will not protect you from the criminals that ARE out there looking for any web-browsing "Don Quixote" types they can find.

      • Brian Klippel
        January 24, 2018 at 11:21 pm

        No, my reply is in fact in relation to this part of the post ...

        "Never connect to a VPN server that’s located in one of the “5 eyes” countries (U.S., U.K., Australia, New Zealand, Canada), one of the “Nine Eyes” countries (France, Norway, Denmark, The Netherlands), or one of the “14 eyes” countries (Belgium, Italy, Germany, Spain, Sweden)."

        That has NOTHING to do with protecting you from criminals, it has to do with protecting you from the prying eyes of the government. I only know one demographic that really (as in not related to a tin-foil hat) needs to be worried about government/law enforcement potentially having some degree of tracking on you. You know, the kind of people that need to use bitcoin, because standard currency will track them straight to prison for terrorism, piracy, child pornography, extortion, etc.

        If you're concerned about security over hiding illicit acts, this statement about not using US/EU/Commonwealth countries is polar opposite to truth.

  9. Madeleine Gonzalez
    December 20, 2017 at 9:48 pm

    I have VPN IPVanish, connected to the UK. Should i be concerned?

    • Donald Trump
      December 20, 2017 at 11:33 pm

      Im assuming writer has some sort of compensation from the mentioned "safe" vpn's?

      • Lorbas
        December 21, 2017 at 3:08 am

        Yeah, especially since he warned us for USA based VPN and then recommends PIA, which is, you guessed it, located in the US! Lol

        • Tyger
          December 21, 2017 at 4:47 am

          That's because the FBI took over PIA's servers to find a criminal, but they never found any evidence. They actually proved they keep no logs.

  10. Jim Yost
    December 20, 2017 at 9:20 pm

    Not All VPNs Are Made Equal, Avoid These Ones!

    "These Ones" is redundant english. Simply say "Avoid these."

    "These Ones" is common in spoken speech (asleep in English class?) but is still redundant.

  11. Raven
    December 20, 2017 at 4:37 pm

    Proton does not log. And, FWIW, on both Windows 10 and Mac, I have not had any connection issues nor anynleaks in the few months I've been using it. I know others have reported some ip leaks on Reddit, but I'm not sure what their configs are or if they set things up incorrectly. To see if it'll work for you, try the free version. Nothing to lose.

    • Fred
      January 24, 2018 at 9:32 am

      I concur. ProtonVPN have been reported as some of the best several times and they are located in Switzerland. I have been using them for several months and checked for leaks several times.

  12. na4a4a
    December 20, 2017 at 1:00 pm

    ALL VPNs have to log you. There is no such thing as a VPN service that retains no logs. In the event you do something illegal they will provide them to the authorities in order to protect their business.

    If you don't do anything illegal then you shouldn't have to worry, but VPNs won't risk themselves.

    • dragonmouth
      December 20, 2017 at 1:50 pm

      "If you don't do anything illegal then you shouldn't have to worry"
      ROTFLMAO!
      One of the biggest fallacies in existence. If you truly believe that, I have a choice of bridges I can sell you at a attractive price.

      • na4a4a
        December 20, 2017 at 1:53 pm

        If you don't do anything illegal then you shouldn't have to worry about an otherwise secure VPN magically procuring logs of you.

        • Z
          December 20, 2017 at 3:12 pm

          Because anyone who wants privacy by definition is doing something illegal or immoral

        • na4a4a
          December 20, 2017 at 4:33 pm

          Hm, looks like I can't reply direct.
          How about you stop putting words in my mouth? The fact you're so offended probably means that's exactly why you use a VPN.

          I use VPNs for privacy, not pirating unlike you :-)

        • pn0
          December 20, 2017 at 8:42 pm

          Privacy requires having no activity logs. Otherwise, it's not private.

          And for "illegal". No one has any idea for sure what will be legal from year to year. And no one knows for sure what could be *perceived* as illegal either.

  13. Samatva Peace
    December 20, 2017 at 11:37 am

    Forget VPN, go Tor

    • Emil
      December 21, 2017 at 5:50 am

      Or use a VPN in conjunction with TOR.

  14. Josh
    December 20, 2017 at 11:31 am

    So, you have given your thought on what not to get. Why did you not offer suggestions on what to get? Without doing so, your article sounds a little one sided or perhaps like you may have a vendetta against them. Not that I am arguing against your thoughts, but you should offer more information.

    • dragonmouth
      December 20, 2017 at 1:47 pm

      The intent of the article is/was to be one-sided. It is not a dispassionate discussion of the state of VPNs. It is a warning about which VPNs not to use. However, if you read the article closely, there are links to other articles that DO recommend reputable VPNs.

    • Shifferbrains
      December 20, 2017 at 3:10 pm

      Use PIA, I have had no problems.I'm actually surprised this article didn't recommend this vpn.

      • Not you
        December 20, 2017 at 6:22 pm

        They did. PIA is private internet access

      • jim
        January 23, 2018 at 9:17 pm

        This article does recommend PIA. It also says not to use a vpn in the United States. It's not a very well written article. I was dubious of it from the title alone.

  15. Nusa
    December 20, 2017 at 3:10 am

    Ok, I just know that.. Now, I'm uninstalling my Proton and Opera VPN. and I just realized that there are 5 eyes, I do not understand in the affairs of VPN.

    Why I choose a free VPN Service.. Because I dont have any credit cards or paypal to pruchase the subscription, that's the reason why I using free VPN.

    So I need to know what a good VPN should I use? And give me the reason why I should use that VPN?

    • Indra L. Burukman
      December 20, 2017 at 4:15 am

      VPNGate

      • Nusa
        December 20, 2017 at 4:58 am

        hmm really? why can you give me the reason?

    • Steve Asheim
      December 20, 2017 at 3:02 pm

      You can purchase google playstore card at your local store and use that to pay for a vpn subscription.

  16. Ken
    December 20, 2017 at 2:03 am

    Country of origin: do not connect to a VPN if the servers is in one of the five eyes country..

    Further down in the article, they recommend PIA. PIA servers are located in America. I'm a bit confused.

    • SamIam
      December 20, 2017 at 2:44 am

      This is the exact reason I choose ExpressVPN -- based in the BVI

    • Dick Hertz
      December 20, 2017 at 6:42 am

      PIA has servers in other countries too. Just don't connect to the 5/9/14 eye countries and you'll be ok. (I don't use them, I use nord)

    • Jesus
      December 20, 2017 at 7:08 pm

      yeah, I was wondering that too. did they change their servers location recently? because afaik they are located in the US

    • jim
      January 23, 2018 at 9:18 pm

      So is the author of the article.

  17. dragonmouth
    December 19, 2017 at 8:26 pm

    "A VPN service’s Terms of Service outlines (or should outline) exactly what you can expect as a user: .............When in doubt, you should contact the service and ask questions to determine what their logging policy is really like."
    Why should I trust either their stated TOS or their verbal assurances? They can be just telling me exactly what I want to hear.

    "As of now, there are only a handful of VPNs with no-logging policies that privacy-minded folks trust."
    Those VPNs just have not been caught compromising their users. There is NO assurance that any VPN is really trustworthy. You pays your money and you takes your chances!

  18. Christopher Stamey
    December 19, 2017 at 7:55 pm

    Most VPNs that advertise as "no logging" don't keep use logs but still have connection logs in order monitor system quality and other parameters not directly related to users. One reason I like VPN.ac is that they say they do upfront but also claim to delete the information within 24 hours. On top of that they aren't subject to any requests for user information governments might make and they have consistently cast connections. They also have real support from professionals although it may take a day or two.

    I often see the same few VPN providers on "best of" lists without any mention of VPN.ac. Nevermind that several of those have issues with blocked IP addresses, DNS leaks, inconsistent speeds, or using virtual servers. I'm guessing it has something to do with kickbacks to the sites. I shouldn't complain as having fewer users on VPN.ac means more available bandwidth. I think they should be recognized more often, though.

    • Gail
      December 20, 2017 at 12:39 pm

      Big fan of VPN.ac. They also do not hound or haunt you incessantly. All I want to do is watch shows on BBC - doesn’t seem like such a crime at all. I am in U.S. but but British products I see advertised on their telly and travel there fairly often. I subscribe to Britbox and AcornTV. So I want to see the Call The Midwife Christmas Special on Christmas Day this year and not 6-months later when it airs here. Thank you VPN!!