Guest Post – Hidden Dangers in Free Cybersecurity Tools: How to Safeguard Your Data in 2026

A recent alarming event, where a VPN proxy extension that was supposed to protect users spied on them instead and sold data to brokerage firms, was a reminder to be careful about whom users trust with their data in 2026. However, according to cybersecurity experts, free cybersecurity tools are a better solution than no tools at all, as long as users remain vigilant.

In December, it was discovered that a VPN proxy browser extension – a tool designed to let users hide their IP address and browse the internet anonymously – secretly collected data from at least six million consumers.

Every query entered by users through the extension into ChatGPT, Gemini, Claude, Copilot, and other chatbots was transmitted to advertising and data brokerage companies.

This case was just one of many examples of free cybersecurity tools caught silently profiting from users’ private data. According to experts at Planet VPN, a company that provides a free virtual private network, “free” doesn’t necessarily mean malicious: there are already numerous free and legitimate tools used by cybersecurity specialists.

These include Wireshark, a network traffic analyzer trusted by millions of IT professionals and cybersecurity experts; Nmap, a tool used for network security and auditing; and password managers, including one provided by Apple.

According to Konstantin Levinzon, co-founder of Planet VPN, both paid and unpaid cybersecurity services carry risks. Users should identify them and weigh whether the service is trustworthy based on legitimate data and independent reviews.

“Considering the fact that a number of free cybersecurity service providers have tried to profit from their users, consumers are right to be suspicious and should treat free cybersecurity tools with caution,” he says. “However, we believe that as cyberincidents increase every year, basic cybersecurity has to remain free, and there are far more important factors to consider than just the free vs paid debate.”

What does the tool’s update history say?

According to Levinzon, a trustworthy cybersecurity tool regularly releases updates that patch vulnerabilities, improve features, and enhance security protocols.

If a user notices a lack of updates or a history of irregular updates, this could indicate negligence or intentional failure to address security flaws that might put users’ data at risk, Levinzon says.

Reputable providers often display information about their updates on their official websites or in documentation; this information can also be found on the App Store, Google Play, or repositories like GitHub.

Evaluate reputation and transparency

Trustworthy free cybersecurity vendors often have a clear track record across various platforms. According to Levinzon, third-party reviews, industry certifications, and user feedback, such as cybersecurity forums, reviews, and ratings on Google Play, can provide reliable information about the product.

Transparency in how a company handles data storage, encryption, and vulnerability reports is a sign of a trustworthy provider. According to Levinzon, this is especially true in the VPN industry, where many companies do not disclose such information.

“A reliable VPN provider, be it free or paid, should not share, store, or collect data like browsing history and IP addresses, and should ensure that your online activity remains private. Users should also make sure that their provider is based outside of the 5/9/14 Eyes alliances, which include countries like the US, UK, Australia, and Canada, as these agreements permit surveillance and data sharing among member states,” he says.

Check for loopholes in the privacy policy

According to Levinzon, many users skim over the privacy policy, even though these documents often reveal how a service truly operates. Vague or contradictory language about data usage, retention, and third-party sharing is also a red flag.

“It is natural for free cybersecurity service providers to display ads in order to generate revenue for infrastructure and service quality improvements. However, they should explicitly state that only non-personalized, aggregated data is shared with ad platforms – and only with the user’s explicit consent,” Levinzon concludes.
