Recently when setting up NordVPN on a new Mac, it’s been exhibiting some extremely bizarre behaviour. When installing “NordVPN IKE” from the AppStore and attempting to login, it now shows a prompt (which you must accept) explaining that they will be using your email address and some other information. If you accept this and proceed, rather than logging in within the app, it now tries to redirect you to a browser URL to authenticate. However the URL it directs you to is not nordvpn.com as one would expect, but auth.zwyr157wwiu6eior.com (yes you read that correctly), before redirecting to the URL nordaccount.com. On proceeding through logging in, I was redirected to the following dubious looking range of different URL’s:
- nordvpn.com ✔
- nordaccount.com ✘
- nord-apps.com ✘
- nord-help.com ✘
- nordcheckout.com ✘
- auth.zwyr157wwiu6eior.com ✘
This is worrying, as the first thought that would cross any security-conscious person’s mind would be “is this a scam?” or “have I been exploited?” or “has NordVPN been exploited?”
I immediately did some searches to ascertain whether these are legitimate URL’s and if this is expected? For a security company that would want to instill trust in people, one would assume all URL’s would strictly be https://nordvpn.com only. Otherwise people will naturally assume it’s a scam. On reviewing the NordVPN website, it specifically says:
The core part of NordVPN’s webpage URL will always be https://nordvpn.com/.https://nordvpn.com/blog/nordvpn-fake-site-scam/
However clearly this is not the case! Either something is compromised, or NordVPN are putting in place some bizarre processes which are not going to make people feel safe. This is 101 basics for “scam checks”. This is concerning and doesn’t make much sense.
I’ve now cancelled my subscription. To add insult to injury, cancelling a subscription with NordVPN is surprisingly not simple. Doing a quick google search will reveal a number of people complaining about how hard this simple process should be. Strangely, when you review the list of “Apple Subscriptions” (to find the NordVPN subscription), most listings include the name of the service or product that is being subscribed to. However the NordVPN listing has only “Auto-renew subscription”. Without doing further investigation, you have no idea what this “Auto-renew subscription” relates too! This too is either shortsighted, or intentionally made unclear to make the process more difficult.
This is disappointing because up until now NordVPN has been useful, however I will no longer be using the service. Some people actually suggest not to use VPN Services at all which is interesting, but for the mean time I’ll look for something else. Please let me know in the comments section if you can recommend a good alternative!