American lawmakers look like they are on a clear path.
That path is to destroy any remnants of user privacy protections laws in the country.
Naturally, online users have started to look for ways to protect themselves in the online world.
The best way to do that is with the help of a VPN service.
And since the VPN industry is preparing itself for an increase in user demand, it is a high time for scammers to show up.
And do some work of their own.
In other words, some bogus VPN service providers are trying to take advantage of privacy conscious online users in the USA.
This situation is truly sad but it is what it is.
Scammers have to do what they have to do and law enforcement agencies do what they have to do.
All of that doesn’t mean you just have to stand by and not do anything about it.
For starters, you can protect yourself with a real VPN service and avoid the scammers.
Because scammers will come after you.
Gone are the days when online users “stumbled” upon shady looking websites.
Now, scammers are usually hard at work in trying to take advantage of uninformed users.
There is no question that scammers would have received quite a lot of encouragement from the newly signed “trump administration” legislation.
This new legislation essentially allows all major internet service providers in the US to sell user data.
Meaning, it should mark the beginning of the end of online user privacy.
Internet service providers, in the very near future, will be able to sell their customers’ online web browser history.
To anyone with enough money.
In other words, to third-party companies that bid the highest for the user data.
And yes, all of this will be done without user consent.
Scammers Will Take Advantage Of The New Legislation And Will Play With Online Users Who Are Concerned About Their Privacy
Some online users have already started to receive emails from seemingly completely legitimate Virtual Private Network (VPN) service providers.
One Motherboard reporter received one from a VPN service called MySafeVPN.
The VPN service claimed to be an affiliate with another company called Plex.
Plex is a newbie in the entertainment industry.
It is basically a streaming media startup that has managed to capture a lot of media attention in the past.
And by now, all of us know how these “fake” VPN service or any kind of fake services work.
They hire brilliant marketing people and then unleash them into the wild.
In other words, these “VPN companies” then send marketing emails to online users.
And since recent media coverage has been about the US and its privacy laws getting abolished, it is understandable why bogus VPN service providers would want to target the US market exclusively.
The emails usually start with the “tried and tested” marketing speak.
You know what we are talking about.
Those ominous words that allude to recent news and their impact on online users.
Something along the lines of how recent changes made to US privacy bills can affect online users.
These emails from fake VPN services also target users in other countries where privacy laws are being altered.
Other countries such as the United Kingdom.
And this gives these scam VPN service providers more content to lure online users into buying their fake VPN service.
On that note, we should all be clear about one thing.
Well two depending on how you look at it.
A VPN service is a great, probably the best, way to protect your privacy in the online world.
Fake VPN service providers are useless.
Privacy Laws In The US And The UK Are Changing Rather Quickly.
And this gives fake VPN service providers the perfect opportunity to scam online users.
As indicated earlier, this MySafeVPN tries to do the same.
By contending that users who consume content via Plex need a VPN service if they want to protect their data from being sold by their internet service provider.
Also, MySafeVPN, claims that a VPN service can help them by stopping ISPs from gaining access to user web browser/download history.
So what’s wrong with that?
Well, we’ll tell you what’s wrong with it a bit but just to start off, isn’t it just convenient that a new VPN service pops up and offers users its services right after President Trump signs the bill to kill privacy laws?
What’s Wrong With MySafeVPN
For starters, they aren’t who they say they are.
Sending emails is one thing.
Getting people to buy a fake VPN service in another.
Of course, if you consume content via Plex, you might find it slightly intriguing that Plex is moving into the VPN service industry.
Perhaps it makes sense too right?
When the Motherboard reporter forwarded the email from MySafeVPN to Scott Olechowski, who is the co-founder and Chief Product officer at Plex, the reporter received a reply that we should have expected from the beginning.
Olechowski said that MySafeVPN was absolutely not a Plex affiliated online service or any other type of offering.
He also confirmed to the Motherboard reporter that if MySafeVPN email showed anything, it was that it was an extremely sketchy VPN service provider.
Olechowski continued and said that Plex would recommend users to use any other VPN service with the company’s Plex Media Server to stay safe.
The More Interesting Part Is This
The Motherboard reporter also discovered that MySafeVPN was targeting another market as well.
More specifically, the Boxee user market.
Or more accurately, the former Boxee users.
Most of you will probably know that Plex and Boxee were considered to be rivals in the streaming industry back in the late 2000s.
Later though, Samsung came in and bought off Boxee.
And then closed the business.
That happened in 2015.
The emails from MySafeVPN claimed that Boxee was indeed back.
But not as a streaming service.
It was now a VPN service.
You can check out the complete scam by visiting Plex Message boards here.
There has to be something more to Plex and Boxee other than the fact that both companies were once rivals.
As it turns out there is indeed something that is common to both companies.
Both Plex and Boxee message boards got hacked.
Hackers got to Boxee online message boards back in April 2014.
While Plex was slightly lucky and hackers weren’t able to get to its message board until July 2015.
As expected, the hackers compromised all the user information that was available with Boxee and Plex.
These hackers exposed the email addresses of Boxee and Plex users and then continued to compromise other data as well.
What Do The Experts Say
It just seems like, just like in the movies, experts are lurking in every street corner ready to give their opinion on the news of the day.
The Senior Security Response Manager at Norton by Symantec, Satnam Narang, told the Motherboard reporter that it was highly likely that MySafeVPN utilized the old data from when Boxee and Plex users were hacked a couple of years ago.
He said that MySafeVPN could have used the hacked content on the message board to get in touch with Plex and Boxee online users.
Both current and former.
Narang also said that MySafeVPN exploited the fact that it had access to data on former and current users.
This way MySafeVPN sent emails to former and current Plex users and made it look like it was credible.
For clarity’s sake, MySafeVPN is not credible.
Satnam continued and told the Motherboard reporter that such type of email campaign could also be used to convince users to give up information that might be considered as personal and identifiable.
Users could also be fooled into providing their financial information (credit card history and the like).
Moreover, MySafeVPN could potentially use this opportunity to hurt Plex users financially as well.
For example, MySafeVPN may require a user to sign up for an online VPN subscription and then have the user account debited.
But, in an expected twist, not provide the user the actual VPN service software package.
Fake VPN Service Providers Are Weird
It seems like all normal things are now turning out to be stranger than weird.
Perhaps it has something to do with people watching too much Stranger Things or whatever.
It doesn’t change the fact that MySafeVPN is increasingly looking to sound like a complete scam rather than the less-scammy-sounding term fake VPN service provider.
How do we know that?
The Motherboard reporter, in order to further gather evidence that MySafeVPN was just a scam, tried to contact MySafeVPN staff.
If you check out WHOIS records, you can clearly see that MySafeVPN official website was just created four days ago on March 30.
Moreover, the company’s official Twitter account has a grand total of two tweets.
Suspicious enough already?
Let’s dig in a bit more.
If you try to visit the company’s official website, it will trigger an anti-virus warning.
That’s according to one user on Plex message boards.
The Motherboard reporter sent MySafeVPN an email (to the address email@example.com) but did not receive a reply.
And as all reporters do, the reporter then tried to call the company.
You can try it too you know.
MySafeVPN phone number is 877-745-1560.
Regardless, the Motherboard reporter got hold of an operator and then began, according to the reporter, a strange conversation.
Long story short, the Motherboard reporter asked the MySafeVPN representative how MySafeVPN was affiliated with the streaming media startup Plex.
The reporter also informed the MySafeVPN representative that Plex’s chief product officer and co-founder specifically said that Plex had no affiliation with MySafeVPN.
In response, the MySafeVPN representative said that there was no official affiliation.
But the representative did say, as if it would make any difference, that the developers behind MySafeVPN had worked at Plex in the past.
Of course, that changes nothing.
Because the marketing email from MySafeVPN clearly said that Plex media server was now released to the public as a new service by the name of MySafeVPN.com.
Want to know something else that is equally bizarre?
The MySafeVPN representative had the audacity to claim to the Motherboard reporter that if Plex did not like the fact that its engineers were working with MySafeVPN, then perhaps the company should take care of them better.
And as any reporter worth his/her salt would do, the Motherboard reporter asked Olechowski about his conversation with MySafeVPN representative.
The Plex chief product officer and co-founder said that he could only use the word “Doucheanoes” for what MySafeVPN was doing and saying.
What Happens When You Try To Sign Up For a Fake VPN Service?
As it turns out you can actually subscribe to MySafeVPN packages.
One member of the official Plex message board tried it and spent $24.99 for a three-month VPN package via PayPal.
The user informed the Motherboard reporter that he suspected the legitimacy and validity of MySafeVPN when he was unable to find a real VPN server to connect with.
Does that sound weird?
Have you ever heard of a VPN service that offers a VPN package but doesn’t actually provides a VPN server?
Needless to say, that is a fraudulent business model.
The user from Plex message board, who uses the handle Tiefel, shared a screenshot with the Motherboard reporter which further solidified evidence against MySafeVPN as a bogus VPN service.
The screenshot was of the official MySafeVPN invoice.
Along with the payment details, the invoice came with two other interesting pieces of information.
Namely that MySafeVPN was associated with another website by the name of myhappiness.com and another email address, firstname.lastname@example.org.
After some more back and forth messages between the Motherboard reporter and representatives from MySafeVPN and it’s “sister” companies, Tiefel requested PayPal a refund.
The representatives from MySafeVPN tried to sell the service to Tiefel one last time but were not successful.
Paypal processed the refund.
Online scammers will attempt to rob people by piggybacking on the chaos that the Trump administration has caused.
Of course, the Republican Party is at fault here too.
If the Senate and the House hadn’t passed the bill to kill privacy laws, may be scammers would look to make money some place else.
But you don’t have to go through the trouble of finding the best VPN service providers.