Skip to content

Can a VPN Do That? What a VPN Is NOT


A VPN is a useful tool for keeping your internet activity more private. They were first developed for the corporate world but they’ve become essential for personal computer users who browse the web. 

The popularity of VPNs has brought up some misconceptions, though. Many Internet users seem to think that VPNs are the answer to all cybersecurity problems when going online…and this mindset leads them to take dangerous risks or lower their guard.

Let’s learn what VPNs cannot do and why you should rely on other cybersecurity measures to stay safe online.

What is a VPN?

Before we dive into what it’s not, let’s look at what a VPN can do. A VPN creates a private tunnel that you can send your data through. Normally, your Internet traffic goes directly to your Internet service provider (ISP). A VPN takes that traffic and routes it to a VPN server first, so it looks like it’s being transmitted from somewhere other than your device. A VPN also masks your true IP address from the websites you visit.

VPNs are an excellent privacy tool and using one can add a layer of protection as you surf the web. But they’ve been lauded so much both by the media and VPN companies that people seem to think they are a catchall cybersecurity tool that can keep you safe from any type of online attack.

Turning on a VPN is like driving a nondescript car with good safety ratings through a sparsely-populated area. The chances you’ll be noticed or run into trouble are very low, but the car won’t drive itself. If you’re not careful, you could still get into an accident. When you use a VPN, you still have to practice good cybersecurity while you’re online.

To help you understand the best way to use a VPN, here’s a list of what VPNs are not or cannot do.

VPNs are not proxy servers

VPNs and proxy servers both offer privacy online but in different ways. Think of proxy servers as gateways and VPNs more like tunnels. A proxy server lets you substitute another IP address for your own, like VPNs. But when proxy servers reroute data from your device to the internet, they do not encrypt data through a secure tunnel, like VPNs do. 

Sometimes people confuse VPNs and proxy servers and use the terms interchangeably, but they are not the same thing. VPNs are generally more secure than proxies.

VPNs do not protect you from phishing attacks

Phishing attacks happen when someone with bad intentions sends you a fake email that looks real (like from your bank or your boss). The email contains a link that the nefarious sender wants you to click on. This could do any number of bad things to your computer. It could take you to a website that starts downloading malware onto your machine or a site that asks for login credentials so they can be stolen.

Phishing works because people fall for it. They don’t scrutinize the email enough, click the link, and then they’re screwed. Nowhere in this process does a VPN play any part. If you have a VPN turned on and you click a malicious link in a bogus email, the VPN will not stop malware from downloading onto your computer. Nor can a VPN identify phishing emails for you.

You still need to keep your guard up with suspicious-looking emails.

VPNs are not antivirus software

As mentioned in the phishing example, a VPN cannot protect your computer from viruses and malware. You still need solid antivirus software installed and you need to keep it up to date. A VPN encrypts or protects data in transit; antivirus software monitors your computer and scans any new files for potential threats. If you want to surf the Internet safely, you should use both.

VPNs do not provide firewall protection

A firewall is either a software or hardware device that blocks unauthorized access to your computer when it’s online. You can set up security preferences with a firewall and block specific websites if you so choose. 

Firewalls cannot detect anything malicious unless you program them to. When configured correctly, firewalls are indispensable for browsing the web on your computer. You can’t program a VPN to detect and block threats like you can with a firewall.

VPNs cannot completely hide your location

VPNs are billed as the “ultimate anonymity” tool. Nobody can see what you do online, you’re totally private! But, you’re not.

Your ISP still knows your IP address. They assigned it to you, put your name on the account, and send you an Internet bill every month. They still know who you are and they can see when you use a VPN.

A VPN can hide your IP address from websites but it can’t hide other info websites collect such as:

  • Which browser you’re using (Chrome, Firefox, etc.) and the version number
  • Your operating system (Windows, macOS, etc.) and its version
  • Your screen resolution
  • The time zone, language, and any active plugins on your device

Gathering up all this information is known as “browser fingerprinting” and websites do it mostly so they can build advertising campaigns and better optimize the user experience. According to the Electronic Frontier Foundation (EFF), there’s a one in 286,777 chance that your browser shares a fingerprint with someone else. So websites can still use all this info to identify you, even if they don’t have your IP address.

When you make an online purchase with a VPN turned on, the retailer still knows who you are, especially if you use a credit card with your name on it to make the purchase.

Mobile service providers may not be able to use geo-tracking when you have a VPN turned on but they can still use signal tracking — monitoring the signal strength from cell phone towers — to find out where you are.

In short, you are not completely anonymous online simply by switching on a VPN.

Your VPN can’t do everything

VPNs are a useful tool, but they don’t allow you to become careless when you go online. When you’re using public Wi-Fi, always be cautious and avoid sending any sensitive data, even with a VPN turned on. 

Related Articles

  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety

What Happens If Your Investment Account Gets Hacked

You spend most of your adult life saving for retirement, assuming that the money you put away…

[Read More]

How DNSBLs Work: Avoid Getting Blacklisted

When you open your email client, type a message, and hit “send” it seems so easy. You…

[Read More]
Stuart Madnick has been in cybersecurity since 1974 and knows a lot about the costs of cyberattacks.

The Cost of Cyberattacks: Minimizing Risk, Minimizing Damage

Most of us view the internet as a useful and benign tool. But in many ways, it’s…

[Read More]

How to Keep Your YouTube from getting Demonetized

You finally did it–you hit all of the markers for acceptance in the YouTube Partner program, and…

[Read More]

How to Stay Out of Facebook Jail

Many of us have been there before–behind the proverbial bars of social media punishment. We’re left shocked…

[Read More]
Lisa Plaggemier's job is to promote cyber security awareness.

Cyber Security Awareness for Everyone

You can do anything on the internet – shop, bank, meet your future spouse, become famous, and…

[Read More]