Evaluation of an Additional Security Feature for VPN’s
In September/October 2024, AV-TEST performed a comparison test of ExpressVPN, IPVanish VPN, Mullvad VPN, NordVPN and Proton VPN. The test focused on their additional capabilities of blocking malicious URLs and phishing websites as well as false positive avoidance.
To maintain an unbiased review, NordSec did not provide any samples (including malicious or clean files, URLs, or related metadata) and had no influence or prior knowledge of the samples selected for testing. All tested links and malicious samples were verified by AV-TEST as recent and active at the time of testing.
The test focused on the detection rate of links pointing directly to portable executable (PEs) malware (e.g., EXE files), links pointing to other types of malicious files (e.g., html, JavaScript) and phishing URLs. A total of 3,209 malicious samples were tested. In addition, AV-TEST evaluated false positive rates by downloading popular applications from both HTTP and HTTPS websites and conducted an additional false positive test on popular, verified clean websites.
A total of 2,298 test cases were used to determine if the product causes any disruption during normal use.
Detailed information on the test setup and test scenarios can be found in the following sections of this report.