You may have heard about apps that secretly share your data with third-party trackers. It might be a game sharing your in-app purchases, a transit app sharing your location, or a fitness app sharing your heart rate or sleep habits. Marketers often buy this data and use it to serve you personalized ads as they track you across the internet, without you ever knowing.
The best way to reduce tracking and take back some control over your online privacy is to stop this data from leaving your device in the first place. That’s why we developed Threat Manager.
How Threat Manager works
Threat Manager uses a blocklist to automatically stop any app on your device from communicating with third parties known to be malicious—that includes trackers, scammers, and malware sites. This gives you more control over who has access to your data.
Some web browsers, like Safari, already offer similar protection. What makes Threat Manager different is that it works across all apps on your device, not just web browsers. No matter which app is trying to share data, or whether the app is open or running in the background, Threat Manager will stop it from talking to any blocklisted parties.
Our blocklist is automatically updated to include new threats as they emerge. As long as the feature is activated and your VPN is connected, you’ll be protected.
Threat Manager + VPN = Even stronger protection
Your VPN app already prevents bad actors from listening to your traffic on the way to its destination. But what if your traffic’s destination is a bad actor—either because you accidentally tapped a suspicious link, or one of your apps is sharing data with trackers behind your back? Your VPN app doesn’t protect you from these threats… until now!
With Threat Manager enabled, ExpressVPN not only shields your traffic from third-party listeners (like your ISP). It also blocks your traffic to malicious third parties (like trackers and scammers).
Who’s on the blocklist?
Threat Manager’s blocklist is open source, compiled from the following publicly available lists of known trackers and malware hosts:
- DigitalSide Threat-Intel (Malware Domains List)
- Fademind (Risky Hosts)
- Fademind (2o7 Network Trackers)
- Geoffrey Frogeye (First-Party Trackers)
- AdguardTeam (CNAME-Cloaked Tracking Abuses)
- Mandiant APT1 Report
Activate Threat Manager to deactivate invasive data sharing
Threat Manager is an extra layer of privacy protection, but it doesn’t come at an extra cost. If you’re subscribed to ExpressVPN and you have an iOS, Android, Mac, Windows, Linux, or Aircove device, you already have free access to this new feature!
To activate it on iOS or Android, make sure your app is updated to the latest version, then tap “Options” -> “Settings” -> “Threat Manager”.
For Mac, first ensure that you’re running the latest version of the app, then go to “Settings” -> “Preferences” -> “Threat Manager” -> click on the box to toggle on Threat Manager.
For Windows, first ensure that you’re running the latest version of the app. Then, click on the menu icon and go to “Options” -> “Threat Manager” -> click on the box to toggle on Threat Manager.
On Linux, you can easily toggle on Threat Manager within the Terminal by running the following command:
expressvpn preferences set block_trackers true
If you’re using Aircove, Threat Manager is already set up with the router.
Note: Threat Manager is only active while your VPN is connected and using the Lightway protocol or the “Automatic” protocol setting.
If you need help activating Threat Manager, simply start a live chat with our Support Team, available 24/7.
Privacy should be a choice. Choose ExpressVPN.
30-day money-back guarantee