How Fake Virtual VPN Servers Are Destroying Your Privacy

Gavin Phillips 05-08-2017

Attacks on personal privacy are on the rise. Surveillance by government organizations, corporations, and more, have prompted many internet users to start using VPNs 11 Reasons Why You Need a VPN and What It Is Virtual private networks can protect your privacy. We explain what exactly they do and why you should use a VPN. Read More . A virtual private network is an easy way to drastically increase online privacy, allowing a user to browse the internet as if they were situated on the opposite side of the globe.


VPNs sell their services using their range of server locations. A VPN with multiple locations throughout multiple nations is usually seen as a solid choice. The variety of locations and servers means you’ll always find an active connection to protect your data.

But what if VPNs didn’t really have all those servers? What if, instead, some of those servers were actually elsewhere? Suddenly, that super private server located in privacy-focused Switzerland is actually in the United Kingdom. Or a server allegedly located in Pakistan is actually in Singapore.

The latter is a real example from the world of VPN spoofing that we’re about to take a look at.

Where in the World?

Navigating the now tens-of-thousands of VPN providers is tricky at the best of times. The standard advice is usually to avoid free services, pay yearly, check logging policies, and the range of server locations. The more unscrupulous services may do the opposite: log your data, track your searches, de-anonymize customers, and perhaps sell the lot to a third-party advertiser (or government).


It is difficult, but the majority navigate these issues with careful research and user reviews.

But a recent report by RestorePrivacy editor Sven Taylor indicates that for many major VPN providers, this is often far from the truth. Taylor makes it clear in his report that it is not an attack on any one VPN provider. Rather, he seeks to expose false VPN marketing claims, fake server locations, and to clarify confusion surrounding VPN virtual server locations.

Virtual Locations

RestorePrivacy use several well-researched examples. Take the extremely popular Hidemyass service, and their extensive range of server locations.

Hidemyass claims to have “760+ VPN servers in 280+ locations in 210+ countries around the world.” This includes two servers, with six IP addresses, in Manpo, North Korea. This alone seems jolly unlikely.


hidemyass server detail list

Further reading reveals that a number of these locations are “virtual locations,” rather than physical servers. In the case of North Korea, it is understandable — how would they secure a VPN server in one of the hardest countries in the world to enter, let alone configure an external-facing server?

But Hidemyass is not alone.

ExpressVPN is one of the top rated VPN services in the entire world, used by tens of millions of people. RestorePrivacy found 11 fake server locations. When the original article went to print, ExpressVPN was still adamant that their servers were all real. Six days after the article release, ExpressVPN updated its virtual server location information, detailing exactly which servers were virtualized.


expressvpn virtual server locations
Image Credit: Restore Privacy

RestorePrivacy found five fake PureVPN server locations, but suspected there was a significant amount more to be uncovered.

How Did They Find Out?

Prior to the RestorePrivacy article, Hidemyass was forthcoming with its use of virtual locations — but not that some of these virtual locations are fake. A Hidemyass chat representative confirmed that some virtual locations are indeed “fake,” but couldn’t elaborate on which ones. I was advised that they “simply want to offer more locations, and [a] much [more] stable connection.”

One common defense of VPN servers returning “wrong” IP addresses is poorly maintained geo-IP databases. A geo-IP database may well return an incorrect location if its database isn’t updated. Taylor took that into account by using three different networking-testing tools, which you can also try:

  1. CA App Synthetic Monitor ping test (ping test from 90 different worldwide locations)
  2. CA App Synthetic Monitor traceroute (tests from various worldwide locations)
  3. (ping test from 24 different worldwide locations)

The goal was “to verify the true location beyond any reasonable doubt.” And if “there was any doubt, [Taylor] did not label the server as “fake.” The original article has extensive analysis of each VPN service covered.

But Why Use Fake Virtual Servers?

The answer lies with — can you guess? — money.

“The incentives are mainly financial. First, it saves lots of money. Using one server to fake numerous server locations will significantly reduce costs. (Dedicated premium servers are quite expensive.) Second, advertising numerous server locations in a variety of countries may appeal to more people, which will sell more VPN subscriptions.”

The VPN market is increasingly competitive. Gaining an advantage in anyway is becoming the norm. With a number of new, uneducated VPN users seeking services for the first time, the inclination is to trust services with extensive networks spread throughout the globe. And some VPN providers are only to happy play up to that emphasis on server size, rather than quality.

And Why Is It So Bad?

A fake virtual VPN server might not bother you. It is easy to reason that so long as your identity remains private and anonymized, nothing is the matter. There are, however, serious concerns:

  • A fake server may reside in a country you are trying to avoid, and you’ll be unaware if you connect.
  • A fake server is fake — not where the company says it is. A company you’re trusting with your anonymity shouldn’t be lying as a course of business.
  • If you’re attempting to access a restricted service, it may fail.
  • If you’re attempting to optimize your VPN performance, you’ll be configuring the wrong settings.

Furthermore, VPN service providers use of fake virtual servers only adds to a growing sentiment that VPNs are untrustworthy 5 Signs You Can Trust Your VPN Client Using a VPN helps protect your traffic from snooping and your information from theft. But how can you be sure that your VPN is protecting you? Here are five signs your VPN is trustworthy. Read More . With VPNs and encryption under attack in a number of countries, and outright banned in others, negative press isn’t ideal.

So… What Do I Do Now?

Well, in an increasingly competitive market, there are some excellent small VPN services that place emphasis on server and network quality, rather than a sprawling size. RestorePrivacy recommend switching to a service such as Perfect Privacy or I would add that Mullvad and CryptoStorm are also excellent choices for logless internet use 6 Logless VPNs That Take Your Privacy Seriously In an age where every online movement is tracked and logged, a VPN seems a logical choice. We've taken a look at six VPNs that take your anonymity seriously. Read More .

In addition, steer clear of free VPNs 5 Reasons You Need to Stop Using Free VPNs Right Now Free VPNs are very tempting, but hold on. If you're thinking of signing up to one, you should read this article first. Here are the biggest risks with using a free VPN service. Read More . A free VPN is an extremely useful tool in a pinch. But remember: if you’re not paying, you are the product. And for the vast majority of free VPN services, that rings true.

Unsure where to start? Here are some of the best VPN services on offer today The Best VPN Services We've compiled a list of what we consider to be the best Virtual Private Network (VPN) service providers, grouped by premium, free, and torrent-friendly. Read More .

Will you reconsider using a VPN in light of this news? Or will you switch to a smaller provider? Should there be a crackdown on false VPN advertising? What are your VPN service suggestions? Get the conversation started below!

Image Credit: Photoraidz via

Related topics: Online Privacy, VPN.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Rebeca Puc
    July 20, 2018 at 4:12 pm

    Got the subscription of a, supposedly premium, VPN service last September and since then I have had issues with its desktop client. Whenever I update the app, an error pops up which I am not too sure about, but after that the client doesn’t run. I talked with the support and they took 10 hours to respond and when they did, they asked me to reinstall the app and then update. Tried that and again the same issue. Through updates worked fine on my android phone. They said there may be a problem in their app, so they will look into it. A whole month passed and didn’t hear from them. i changed it with FastestVPN a couple of months back and really happy with their desktop client, no server connection issues, no client issues.

  2. fcd76218
    August 6, 2017 at 7:07 pm

    I wonder how many VPN servers are owned and/or operated sub rosa by NSA-type outfits?

    • Winstin
      August 8, 2017 at 6:39 am

      I don't even know how to get a VPN in murica. The fake ones are sucks and if you pay for one you have to log in before you down load. On PC that is anyways. I can't get a program to decode windows scripts. Android has permissions listed hidden in the bottom. Google says rapers must place their intent to rape clearly in 2 places but doesn't enforce since they are the lovers of analytics. They hide permissions in special permissions of you check your apps on settings. Netstat if you don't know.