A virtual private network can help hide your browsing activity, but it won’t stop you from clicking a fake banking link or downloading a malicious file.

NordVPN‘s answer is to make its VPN app do more than encrypt your connection. The company announced Wednesday that it’s bringing its antivirus features closer to the center of its VPN app, as NordVPN expands into a broader digital privacy and security service.

According to Domininkas Virbickas, product director at NordVPN, the updated app is organized around three main areas: Connect, Protect and Monitor. In practice, that means you can access NordVPN’s VPN, scam and phishing protection and monitoring tools such as Dark Web Monitor from the same app, instead of treating them as separate products.

NordVPN says the shift reflects how online threats have moved beyond traditional malware and now include phishing pages, fake online stores, scam messages, identity theft and account takeover attempts.

Traditional antivirus software was largely built around detecting malicious files. NordVPN says its approach is meant to stop more threats earlier, before you hand over your credentials, make a payment on a scam site or download something harmful.

Virbickas told CNET via email that the company’s next-generation antivirus uses two layers of detection. At the web level, URLs and domains are checked in real time using threat intelligence feeds, rule-based systems and machine learning models built for specific threats, including phishing URL detection and scam pattern recognition. If something reaches the device, Virbickas said a second layer uses file scanning powered by machine learning models trained to identify malware before it can run.

“The difference is not only what is being detected, but when,” Virbickas said. “The goal is to prevent harm before the user has to deal with cleanup.” 

Today’s scams are built around deception

Online threats no longer rely entirely on malicious files but rather on deception, Virbickas said. Users are frequently tricked into handing over credentials, bank information or other sensitive data via fake websites, fraudulent messages, scam calls (that rely on spoofing and impersonation) or another type of social engineering. 

“People still use the word ‘antivirus’ as shorthand for digital security, but the threats they need protection from have changed dramatically,” NordVPN CTO Marijus Briedis said in the announcement. “Modern protection should address the real risks people face online today, from phishing and scams to malicious downloads.”

The company said its protection technologies blocked 4.8 million threat events in April, a figure that includes malware, phishing, scams, malicious websites and other harmful or suspicious content encountered by users.

As data harvesting online intensifies, privacy is more important than ever. Virbickas said that NordVPN’s privacy approach revolves around “collecting the minimum signal needed to make a threat decision,” with checks happening locally on the device where possible. If server-based analysis is required, data is stripped of any identifying information.

Not every feature is included in every NordVPN plan. NordVPN’s current plans are Basic, Complete and Prime, all with a 30-day money-back guarantee and the option to upgrade or add features online. 

Putting more privacy and antivirus tools in one place could make online protection feel less scattered, without requiring you to download separate apps. But one app can’t make you immune to the wide range of cybersecurity threats. Strong passwords, multifactor authentication, software updates and a healthy suspicion of weird links are still important.