If you’re into expanding your knowledge on internet security then you can check out The Hated One on YouTube. Although I have to warn you, he is very restrictive, like, he’s against FaceID, TouchID and other biometrics. He’s against any proprietary software, Apple, Microsoft etc.
Regarding your particular question, the entirety of your connection contains of
- your pc/laptop/smartphone
- your wifi router or 4g access point
- all other servers on the way, including your internet provider
- the destination server
What VPN does is that it introduces another server on the way. So for your router and all the servers on the way (2 & 3), it appears that you’re connecting with the VPN. The destination server thinks that you’re connecting from the VPN address. So what it does, is that it obscures the servers you’re connecting with to anyone on the way, and it obscures your location to the destination server.
The additional advantage is encryption of the connection, but all banking websites and even facebook/gmail etc use HTTPS since a long time, which also has encryption.
Many YouTubers are sponsored by VPN providers, so they will tell you how important it is to use a VPN. But I think if you use a known device and a trusted internet connection, and HTTPS, then I don’t see the need for VPN. Unless you really don’t want anybody on the way to know who you’re connecting with.
I think a far greater risk comes from exploits that reside on your own machine, like a hacked OS, hacked browser, some keyloggers etc.That’s why it’s essential to run a up-to date version of your operating system and not install any crap from unknown sources.