Despite VPN Your ISP May Still Be Spying on You

People get so worked up over hackers and governmental surveillance they forget their ISP can also spy on them. Your Internet Service Provider (ISP) is the first connection point between the Internet and your computer. As such, ISPs represent one of the many potential threats to online security. After all, you connect to the outside world through their network. Your IP address while online is actually one they assign to you for the duration of your session. It makes sense that your ISP may be spying on you. What's really disturbing is, they may still be spying on you despite your use of a VPN.

How Your ISP May Be Spying on You, Despite VPN

Before we go further, let me make it clear that this potential ISP threat has nothing to do with hackers or the government. This is a separate issue that pertains only to the connection from your computer to your ISP's network. It happens via a mechanism known as a DNS leak.

What Does DNS Mean?

The Domain Name System (DNS) is a worldwide directory service that contains every domain name in existence. Its primary responsibility is to translate domain names into numerical IP addresses. For example, the IP address of the server you're reading this article on is 206.54.183.189. The DNS looked up the domain SecureVPN.com and found its corresponding IP address. Now 206.54.183.189 and your device (which itself also has an IP address) are in communication with each other via machine language. IP addresses are like telephone numbers for computers, and DNS stores those numbers in a more human-friendly format. After all, it's much easier to remember SecureVPN.com rather than 206.54.183.189.

What is a DNS Leak?

DNS exists on hundreds of servers throughout multiple countries. Which DNS server you use online is generally determined by your ISP. Unfortunately, this means they can record and monitor your online activities if you're using their designated DNS server.

One of the main selling points of VPN is anonymity. It's achieved in part by directing all DNS requests to an anonymous DNS server controlled by your VPN service while connected to their network. This is part of how VPN keeps your ISP from monitoring you.

But sometimes, your computer will ignore your VPN connection and just send all DNS requests straight to your ISP's server. That's what a DNS leak is, and it can lead you to believe you're safe from online surveillance when you're actually not.

How to Stop Your ISP From Spying on You, Despite VPN

• Check for DNS leaks first. – Before you can solve the problem of a DNS leak, you first have to know if you actually have one. The simplest way to check for leakage is to visit https://www.dnsleaktest.com. Click the button that says “Standard test.” You can also use the “Extended test” if you're really paranoid. That test is somewhat more comprehensive, but it takes longer. If you see your ISP's DNS servers listed in the test results, that means you have a leak, and your ISP can see your activity online.

• Use a VPN that offers built-in DNS leak protection. – Leak-proof VPN client software like Secure VPN's stops DNS leaks via a firewall that blocks all Internet traffic – including DNS requests – unless it passes through the encrypted VPN tunnel. Most reputable VPN providers already have leak protection built into their software, but it doesn't hurt if you check their fine print to make sure they're serious about blocking all DNS leaks.

• Use third-party DNS leak prevention software. – You might want to consider using software like VPNCheck Pro in addition to your VPN. Windows in particular is susceptible to DNS leaks, so if you're a Windows user, this is an additional layer of protection for your online anonymity.

• Switch to a different DNS server. – If your ISP assigned your default DNS server, one way to keep them from spying on you is to simply switch your DNS server to one that's outside their network. Some choices for non ISP-controlled DNS servers include Open DNS, Comodo Secure DNS, and Google Public DNS. In addition to preventing DNS leaks, changing your default DNS server could result in faster connectivity speed. Windows 7 users can learn how to switch DNS servers at http://tinyurl.com/w7usrs, and Windows 10 users can learn at http://tinyurl.com/w10usrs.

• Make sure your VPN has a “kill switch.” – The connection a good VPN service provides for you to their secure network shouldn't fail or “drop” very often. However, like all things Internet, it does happen sometimes. If your computer stays connected to the Internet after a VPN service drop, your real IP address is exposed. It's the same as not using VPN at all. A VPN “kill switch” blocks all Internet traffic to and from your computer if the VPN tunnel collapses. You can also buy third-party kill switch software that does the same thing. VPN service drops are not technically a DNS leak, but the effect is the same: you think you're anonymous behind a VPN, when in fact your IP address can be seen by anyone who cares to look.

• Use a firewall. – A firewall is a computer security system that monitors and also controls network traffic based on a set of predetermined rules. Firewalls can be hardware or software based. Most computer operating systems allow you to implement firewalls, although the set up differs between systems. Windows 7 users can learn how to set up their own firewall at http://tinyurl.com/fww7tut.

It's frustrating that your ISP may still be spying on you, despite your use of VPN. There are already enough computer security issues to deal with without also having to worry about an ISP checking up on your activities due to DNS leakage. Fortunately, most reliable VPN providers like SecureVPN have robust DNS leak prevention built into their software. And there are several other viable options for plugging DNS leaks. I hope this article has given you some solid options in the continual fight to protect your online anonymity.