- Security researchers say FreeVPN.One’s Chrome extension can take screenshots of the websites people visit — raising big privacy concerns.
- The extension’s privacy policy has changed multiple times in recent months, dropping key details about data collection and who actually runs the service.
- Investigators say the company behind the app has been evasive, providing no proof of legitimacy and operating under shifting, unclear identities.
A free Chrome VPN extension called FreeVPN.One is facing scrutiny after a security firm discovered it may be gathering much more user data than expected. According to a new report by Koi Security, the app’s privacy policy admits it can take screenshots of the pages people visit — including the page content and URL — and send them to company servers.
While the company says this only happens if users enable an “AI Threat Detection” feature, another part of the policy suggests data is collected regardless. Koi Security says this matches its own findings.
Shifting privacy promises
Adding to concerns, the extension’s privacy policy has been quietly altered in recent weeks. A June 20 version made no mention of collecting anonymized usage data, nor did it include disclaimers about the tool being in beta or lacking guarantees. The latest version also dropped the name of the operator, previously listed as CMO Ltd., leaving users with no clear idea who is behind the app.
The only clue is an email domain that redirects to a barebones Phoenix Software Solutions page hosted on a free Wix site — hardly the kind of professional presence expected of a privacy company.
Silence from the developer
Koi Security says the extension has morphed over the past few months from a basic VPN to what it calls a “privacy-invading extension.” When researchers pressed the developer for proof of legitimacy — such as a company profile or GitHub account — the developer stopped responding.
Why it matters
VPNs are supposed to protect privacy, but they also require users to place deep trust in whoever operates them. Experts say FreeVPN.One highlights the risks of using free, unknown extensions, which may offer little protection and instead create new privacy dangers.
As the report puts it, putting your browsing data in the hands of an obscure developer who can screenshot every page you visit “is not exactly confidence-inspiring.”
Perfect — here’s the merged consumer tip sheet, combining the “what to do” warnings with the “trusted alternatives” advice in one easy-to-drop-in box:
🛡️ Consumer Tip Sheet: Staying Safe With VPNs
What to Watch Out For
🚩 Beware of “free” VPNs: If you’re not paying, your data may be the product. Many free services track or sell user activity.
🚩 Check the developer’s transparency: Legitimate providers disclose who they are, where they’re based, and how they handle data. If that info is missing or vague, steer clear.
🚩 Read the privacy policy carefully: Look for plain statements about what is collected (or not collected). Sudden changes in the policy are a red flag.
🚩 Avoid browser extensions as your main VPN: Extensions are easier to manipulate. A standalone VPN app from a trusted provider is generally safer.
🚩 Uninstall questionable tools: If you’ve installed FreeVPN.One or something similar, remove it and consider changing your passwords.
What to Look For Instead
✅ Paid services: Reliable VPNs usually charge a fee, which supports secure infrastructure instead of monetizing your data.
✅ Independent audits: Top providers (e.g., ExpressVPN, NordVPN, Surfshark, Proton VPN) have undergone third-party audits verifying “no logs” claims.
✅ Clear ownership: Trustworthy VPNs name the company and jurisdiction they operate under.
✅ Strong privacy stance: Look for no-logs policies, open-source apps, and clear data-handling practices.
✅ Extra protections: Many quality VPNs now include malware blocking, tracker prevention, and kill switches for added security.
💡 Pro tip: Before committing, check for independent reviews from outlets like Wired, PCMag, or TechRadar. Transparency and outside verification are key signs of trustworthiness.