The problem with the current definition
The cybersecurity industry has always defined antivirus generations by how they detect malicious files. Early tools matched files against known attack signatures. Later generations added heuristics, behavioral analysis, sandboxing, and machine learning-based classification.
Each generation addressed the same question: Is this file malicious? But the threat landscape has changed. Most attacks today — phishing, scams, identity theft, and social engineering — don’t rely on a malicious file. The current definition of “antivirus” hasn’t kept pace.
Antivirus definition
An antivirus is cybersecurity software designed to prevent, detect, and remove viruses from computers. Antiviruses monitor programs for unusual behavior, check new files against known malware databases, and quarantine threats before they can cause damage.
Viruses are no longer the biggest threat
Most cybersecurity threats today don’t involve a virus. Consider what actually threatens people online:
- Scams have turned into sophisticated social engineering operations. Fake e-commerce stores use convincing product pages, fabricated reviews, and functioning checkout flows to steal payment details. Fraudulent SMS messages impersonate delivery services, tax authorities, and banks. Phone-based scams use caller ID spoofing and AI-generated voices to extract money and personal information. None of these attacks needs a malicious file to succeed.
- Phishing has evolved far beyond the misspelled emails of a decade ago. Phishing pages today are pixel-perfect replicas of legitimate sites, often hosted on compromised domains with valid TLS certificates, so the browser padlock no longer signals that a site is legitimate. They’re designed to steal credentials, session tokens, multi-factor authentication codes, and personal data used for account recovery.
- Identity theft ranks as the top security concern for NordVPN users.1 Attackers can gain unauthorized account access through credential stuffing, session hijacking, SIM swapping, and social engineering. Once inside, they can take over the account by locking out the original owner. Attackers can also use stolen personal data to open new lines of credit or commit fraud in the account owner’s name.
- Malware and malicious files remain a big threat. What people download and what runs on their devices still demands inspection and control. But files are now just one malicious vector among many.
A digital threat protection tool that only addresses malicious files ignores most of the attacks people face.
Redefining “antivirus”
The term antivirus comes from an era when malicious files were the primary digital threat. Decades of marketing by legacy security brands turned “antivirus” into a generic term for security software — the way “Kleenex” became the word for tissues and “Band-Aid” for adhesive bandages. That association isn’t going away.
The enterprise security industry recognized the limitations of traditional antivirus software first. Leading cybersecurity firms introduced the next-generation antivirus (NGAV) to supplement or replace signature-based file scanning. NGAVs use a combination of behavioral detection and machine learning algorithms to identify threats, helping detect malicious processes, fileless malware, and exploit behavior that legacy antivirus often misses.
For enterprise environments, NGAVs remain an important evolution. But they were largely built for managed corporate devices, dedicated security teams, and a threat model centered on endpoint compromise. They rely on extensive behavioral telemetry that a privacy-first consumer product shouldn’t collect.
So the word antivirus now carries two definitions — the legacy model built for everyday users at a time when malicious files were the primary threat and the enterprise NGAV model built for managed corporate environments. The legacy definition is outdated, and the enterprise one was never meant for individual users. Neither covers the threats people face on personal devices today.
People still search for “antivirus” when what they actually need is protection from malware, phishing, identity theft, scams, and account takeovers. The definition should catch up with the threats it’s expected to cover.
NordVPN defines “next-gen antivirus” as a comprehensive digital threat protection tool. Under this definition, a next-gen antivirus covers protection across five areas:
- Scam protection — detecting fraudulent websites and fake shops, alerting users about scam SMS messages, identifying suspicious calls, and protecting banking sessions.
- Phishing protection — evaluating URLs, email links, and web content in real time to catch credential harvesting before it reaches the user.
- Identity and account takeover protection — monitoring for identity theft attempts, detecting fraud patterns, scanning dark web leaks for exposed personal information, and alerting users when their credentials appear in a breach. On the account side: detecting and alerting on unauthorized access attempts through credential stuffing, session hijacking, SIM swapping, and social engineering, and flagging weak credentials before attackers can exploit them.
- Tracker and ad blocking — removing cross-site trackers, fingerprinting scripts, and intrusive ads that erode privacy, slow performance, and create additional entry points for targeted social engineering.
- File and device protection — scanning downloads and quarantining or removing malicious files before they can run.
NordVPN isn’t reinventing the antivirus category — it’s just expanding it to cover the threats people already expect an antivirus to handle.
How we built our next-gen antivirus
Effective digital protection requires balancing three competing commitments — we don’t profile users, we measure data that helps improve the product, and we build the product to work without requiring user attention.
Optimizing for one at the expense of the others produces a product that’s either invasive, unreliable, or too complex to use. A product shaped by all three principles is harder to make, but it’s also easier to trust.
We don’t profile
NordVPN is a privacy company. Our users trust us because we don’t surveil them. That commitment creates a hard constraint — threat detection has to work with less data than it would otherwise need.
Our rule is simple — only the data needed to identify a threat leaves the device. When analysis has to happen on our servers rather than the device, we strip any link to the user before the data moves.
In practice, that means:
- Files are checked by hash where possible, not by content.
- URLs are stripped of query parameters and personal path fragments before any cloud lookup — no URL is linked to a specific user.
- Authentication cookies are hashed on the device, and only the first eight characters of the hash leave it.
Our data schema has no field for user identifiers. That means privacy protection doesn’t depend on anyone following the rules — the system enforces it by design.
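The three device-side minimisations listed above, worked through as an added example. This is not NordVPN's code and the page does not say how its backend is built; the hash algorithm (SHA-256), the identifier heuristic for path segments, the k-anonymity-style prefix-bucket lookup for cookie hashes, and the sample inputs are all assumptions made for illustration.

```python
"""
Added example (not NordVPN's code): what a privacy-preserving threat lookup
sends off the device.  Assumptions: SHA-256 for all hashes, an 8-hex-char
prefix for cookie hashes, a heuristic for "personal" path segments, and a
k-anonymity-style server bucket keyed by that prefix.
"""
import hashlib
import re
from dataclasses import dataclass
from urllib.parse import urlsplit, urlunsplit

COOKIE_PREFIX_CHARS = 8  # "first eight characters" of the hash (32 bits)

# Heuristic (assumption): path segments that look like UUIDs, long hex
# tokens, long numeric IDs or e-mail addresses are treated as personal.
_IDENTIFIER_SEGMENT = re.compile(
    r"^(?:"
    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"  # UUID
    r"|[0-9a-f]{16,}"      # long hex token
    r"|\d{6,}"             # long numeric id (order, account numbers)
    r"|[^/@]+@[^/@]+"      # e-mail address
    r")$",
    re.IGNORECASE,
)


def file_lookup_key(data: bytes) -> str:
    """Files are checked by hash, not content: only this digest is sent."""
    return hashlib.sha256(data).hexdigest()


def sanitize_url(url: str) -> str:
    """Drop userinfo, query string, fragment and identifier-looking path
    segments, so the lookup describes the site rather than the visit."""
    parts = urlsplit(url)
    host = parts.hostname or ""          # .hostname strips user:pass@ and lowercases
    if parts.port is not None:
        host = f"{host}:{parts.port}"
    segments = [
        "<redacted>" if _IDENTIFIER_SEGMENT.match(seg) else seg
        for seg in parts.path.split("/")
    ]
    return urlunsplit((parts.scheme.lower(), host, "/".join(segments), "", ""))


def cookie_lookup_prefix(cookie_value: str) -> str:
    """Hash the session cookie; only the first 8 hex characters are sent."""
    return hashlib.sha256(cookie_value.encode()).hexdigest()[:COOKIE_PREFIX_CHARS]


def build_leak_index(leaked_cookie_values):
    """Server side (assumption): full hashes of known-stolen session
    tokens, bucketed by the same 8-character prefix the client sends."""
    index: dict[str, set[str]] = {}
    for value in leaked_cookie_values:
        digest = hashlib.sha256(value.encode()).hexdigest()
        index.setdefault(digest[:COOKIE_PREFIX_CHARS], set()).add(digest)
    return index


def is_cookie_compromised(cookie_value: str, leak_index) -> bool:
    """Client side: transmit the prefix, receive the bucket, compare the
    full hash locally.  The server never learns the full token hash."""
    digest = hashlib.sha256(cookie_value.encode()).hexdigest()
    bucket = leak_index.get(digest[:COOKIE_PREFIX_CHARS], set())  # the round trip
    return digest in bucket


@dataclass(frozen=True)
class LookupRequest:
    """The record that leaves the device.  There is deliberately no field
    for a user identifier, so nothing in the schema can link it to a person."""
    file_sha256: str
    url: str
    cookie_hash_prefix: str


def build_lookup_request(file_bytes: bytes, url: str, cookie_value: str) -> LookupRequest:
    return LookupRequest(
        file_sha256=file_lookup_key(file_bytes),
        url=sanitize_url(url),
        cookie_hash_prefix=cookie_lookup_prefix(cookie_value),
    )


# Constructed sample inputs, not real data.
SAMPLE_LEAKED_TOKENS = ["sess-constructed-001", "sess-constructed-002"]
SAMPLE_URL = "https://alice:pw@Shop.Example.com/orders/123456789/receipt?utm=1&email=a%40b.c#top"

if __name__ == "__main__":
    req = build_lookup_request(b"%PDF-1.4 constructed sample", SAMPLE_URL, "sess-constructed-001")
    print(req)
    idx = build_leak_index(SAMPLE_LEAKED_TOKENS)
    print(is_cookie_compromised("sess-constructed-001", idx))   # True
    print(is_cookie_compromised("sess-constructed-999", idx))   # False
```

An 8-hex-character prefix is 32 bits, so the backend can only narrow a token down to a bucket of candidate hashes, never identify it, and the decisive comparison happens on the device. The segment heuristic is the weak point of this sketch: identifiers in other shapes (usernames, short numeric IDs) pass through untouched, which is why a production implementation would pair it with an allowlist of path shapes per site rather than a single regular expression.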
We measure without watching
Threat detection without measurement is guesswork. We need to know whether our phishing classifier is improving, whether our scam detection is catching new patterns, and where our models are missing threats. Answering those questions requires feedback data.
But feedback data collected without constraints is how security software becomes surveillance software. We avoid that risk by measuring detection systems, not collecting personal data. Every layer of our stack produces aggregate performance data:
- Machine learning classifiers report detection rate and false-positive ratio.
- Fuzzy hashing reports classification speed.
- Threat intelligence feeds report feed freshness.
The product computes these metrics across population-level samples. The models retrain on anonymized threat samples and statistical summaries. No user browsing history enters the feedback loop. We can tell you whether our phishing model is improving, but we can’t tell you what a specific user was doing when it flagged a threat.
We design our product to be invisible
The best security is the kind people never have to think about — no configuration, no alert fatigue, no technical expertise required. Building a product that’s invisible to users requires us to observe how people interact with it. We define the minimum data we need to improve user experience and stop there.
With user consent, we track:
- Information on whether each feature is on or off and how often it’s used.
- Volume metrics — how many threats were blocked over a defined period.
- User satisfaction scores collected through direct surveys.
None of these data points tells us what a specific user was doing. They tell us whether the product is working well enough that users never have to think about it.
Data at this level is non-sensitive by design. It can’t be combined to reconstruct behavior, infer intent, or build a profile.
NordVPN’s approach to AI: Small models for specific jobs
NordVPN employs small, dedicated machine learning models, each trained for a well-defined detection task. Rather than building a single model that attempts to classify all threats, we develop purpose-built models for distinct threat categories:
- A model trained to evaluate URLs for phishing characteristics.
- A model focused on identifying the patterns of scam e-commerce pages.
- A model that analyzes file behavior for malware indicators.
- A model tuned to detect social engineering patterns in messaging.
Some models are lightweight enough to run directly on the user’s device. Others run inside the browser extension. Models that require more processing power run in the backend. When processing happens locally, the relevant data stays on the device and isn’t sent to external servers for analysis.
Each model can be independently validated and updated, so when effectiveness drops, we can trace the cause. And because each model runs separately, none of them demands user attention or interrupts the experience.
This separation also makes measurement precise. When a dedicated phishing model underperforms, we know exactly what to retrain and on what data. When a scam detection model produces false positives, we can adjust it without side effects on malware detection. Because each model has a single job, we can pinpoint exactly what failed and why.
Machine learning models work well within a defined scope, but they break down when treated as a complete solution. Our models work alongside rule-based systems, threat intelligence feeds, and human review, each covering what the others can’t.
For classifying threats in real time across millions of different devices and contexts, small dedicated models are the most effective approach we’ve found that doesn’t sacrifice user privacy.
Where we go from here
The term antivirus isn’t going away. It’s how people think about digital protection, search for it, and buy it. The industry can either keep narrowing the definition to file scanning and treat the rest of the threat environment as someone else’s problem, or build products that match what the word already means to the people using them.
We chose the second option. We’ve built one product that covers scam protection, phishing detection, identity monitoring, and file security — grounded in privacy, measured rigorously, and designed to work without asking users to become security experts.
A digital threat protection tool that covers phishing, scams, identity theft, and malware — that’s what we believe the antivirus category should deliver today.
References
1 Šlekytė, I. (2025, June 25). NordVPN research reveals: One in three people fall victim to online scams. NordVPN. https://www.nordvpn.com/blog/scam-experience-research/