VPN Security Guide: Is Your Remote Connection Safe?
Posted: April 20, 2020 to News.
Working from home during the global pandemic has allowed the nations of the world to keep their economies limping along while they search for a fix, but it has come with a price. Many remote workers' home offices are utilizing Virtual Private Networks, or VPNs, to to log in, but they lack the level of cyber security at their work office, and hackers are cashing in.
Why VPNs?
A VPN allows employees to create a secure connection to their office's network over the Internet; as such, VPN usage has sky-rocketed across the world. In fact, NordVPN has stated that use of their services has gone up, globally, by a whopping 165%.
If VPNs create a secure connection to remote office networks, then how in the world are they being exploited by cybercriminals? By utilizing phishing sites.
- Fake "Nord VPN" site
- Fake Domain: nordfreevpn[.]com
- What happens? An employee thinks they're installing a VPN from the REAL Nord VPN, but in actuality, they're installing "Grand Stealer" malware that can then steal various, potentially dangerous items:
- Desktop files
- User credentials and cryptocurrency wallets
- Browser profiles, including credit card info and auto-fill data
-
Gecko credentials
-
FTP & RDP credentials
-
Telegram sessions
-
Discord software data
- Fake "VPN4Test" site
- Fake Domain: vpn4test[.]net
- What happens? The victim thinks they're testing their VPN, but they actually end up downloading "Azorult Infostealer" instead. In addition to downloading other malware onto the system (specifically Masad stealer and Parasite RAT), "Azorult Infostealer" creates a bot ID on the compromised device, which it uses to communicate with its C2 server in order to steal:
- Saved passwords
- Cryptocurrency wallet
- Browser login credentials & history
- Cookies
- Chat sessions
In addition to these methods, cyber criminals will actually create fake reviews to trick users into believing that it's real. Not only does it make it look more credible, but it also uses algorithms against the App stores by getting them ranked higher, so it comes up in searches. In fact, just last week, Google booted a hostile Android VPN app called "SuperVPN" that had been downloaded over 100 million times!!
Keeping your business safe
Bottom line, if you download a VPN, it has a LOT of power. It might be tempting to save money by downloading a free
service, but remember... You get what you pay for. This isn't something you want to skimp on because it could end up costing you so much more.
And of course, you can always contact us if you have any questions!
Protect Your Business Today
Petronella Technology Group has provided cybersecurity, compliance, and managed IT services from Raleigh, NC for over 23 years. Contact us today for a free consultation and technology assessment.
Need help implementing these strategies?
Our cybersecurity experts can assess your environment and build a tailored plan.
Get Free Assessment
![IT Budget Planning for 2026: How to Allocate Technology Spending for Maximum Business Impact [Video + Guide]](https://petronellatech.com/inc/modules/Blog/images/icons/1321.webp){kind=icon}
![Disaster Recovery Planning: How to Build a DR Plan That Keeps Your Business Running Through Any Crisis [Video + Guide]](https://petronellatech.com/inc/modules/Blog/images/icons/1318.webp){kind=icon}
![Data Backup Best Practices: The 3-2-1-1-0 Strategy That Protects Your Business from Everything [Video + Guide]](https://petronellatech.com/inc/modules/Blog/images/icons/1313.webp){kind=icon}
![Managed IT vs Break-Fix: Which IT Support Model Actually Saves Your Business Money in 2026 [Video + Guide]](https://petronellatech.com/inc/modules/Blog/images/icons/1311.webp){kind=icon}
