Enabling the NordVPN Scam, phishing, and malware protection feature on older macOS versions

Introduction

This article explains how to set up Scam, phishing, and malware protection (formerly Threat Protection Pro™) on macOS Ventura, Sonoma, and Monterey.

Before you start

Scam, phishing, and malware protection is only available with selected NordVPN plans.
If you can't see the shield icon in the app, you may have the App Store version. You need to switch from the NordVPN macOS App Store app to the sideloaded version.
You will need your computer's password to complete the setup.
If you are using a newer macOS version, check out enabling Scam, phishing, and malware protection on macOS instead.
In the redesigned app, the main Scam, phishing, and malware protection tab no longer shows per-feature toggles. All sub-feature toggles are now grouped under three super-feature blocks - Anti-malware, Advanced browsing protection, and Ad and tracker blocker - inside the Advanced settings screen, accessed from the Protection preferences card on the main page.

Here's what to do

For macOS Ventura and Sonoma

Open the NordVPN app and click the shield icon in the left bar.
In the hero section, click Turn on protection. This launches the setup wizard.
Click Set up Scam, phishing, and malware protection.
Click System settings > Privacy & security and allow the NordVPN application to load. Once done, return to the NordVPN app and click Continue.
In the System Settings window, go to Privacy & Security and click Allow next to the message about system software from NordVPN being blocked.
Enter your computer's password or use Touch ID and click Update settings.
Return to the NordVPN app and click Continue.
Click Add proxy configurations, then click Allow in the pop-up window.
If prompted, restart your web browsers to enable full protection.
Click Continue in the NordVPN app.
Go to System settings > Privacy & security > Full disk access and click the toggle switch next to NordVPN Scam, phishing, and malware protection.

Once setup is complete, the status badge in the left app section will change to ACTIVE. If the badge shows Not active. Waiting for VPN, connect to a VPN server to activate protection. If it shows OFF, click Turn on protection.

If a Permissions alert banner appears on the main page or Protection history view, click Let's do it to re-open the setup wizard and grant the missing system extension permissions.

For macOS Monterey

Open the NordVPN app and click the shield icon in the left bar.
Click Turn on protection, then click Set up Scam, phishing, and malware protection.
Click the button to go to System settings > Privacy & security. Once the settings load, return to the NordVPN app and click Next.
Click Add proxy configurations, then click Allow in the pop-up window. Return to the NordVPN app and click Next.
If prompted, restart your web browsers to enable full protection.
Click Next in the NordVPN app.
Go to System preferences > Security & privacy > Privacy and select Full Disk Access.
Check the box for NordVPN Scam, phishing, and malware protection.

To enable the cloud-based scanner

In the redesigned app, the Cloud-based threat scanner sits inside the Malware scanner inner view, under the Anti-malware block of Advanced settings.

Click the shield icon in the left bar of the NordVPN app.
Click the Protection preferences card to open Advanced settings.
Under the Anti-malware block, click the Malware scanner row to open its inner view.
Make sure the malware scanner is toggled on, then click the toggle next to Cloud-based threat scanner to enable it.

By default, both Cloud-based threat scanner (to respect privacy) and Auto-delete malicious files (to prevent accidental permanent file loss) are turned off. Both toggles are disabled while the malware scanner is off.

Good to know about the redesigned experience

Pause and resume: Click Pause protection in the hero section to temporarily disable all superfeatures for 5 min, 15 min, 30 min, 1 hour, or 24 hours. A pause toast with a countdown timer is shown across all screens of the tab. Click Resume protection at any time, or wait for the timer to elapse. Pause state is not preserved between app restarts.
Action required banner: If there are files in quarantine or vulnerable apps detected, a Security issues found banner appears below the hero section with a Review and resolve CTA that takes you to Protection history > All threats.
Superfeature "Turned off" banners: In Protection history, if all sub-features of a superfeature are disabled, a banner appears in the corresponding tab (Malicious files, Malicious websites, or Ads and trackers) with a Turn on CTA.
Quarantine auto-cleanup: Quarantined files are automatically deleted after 30 days. Hover the info icon next to the Quarantined files heading for details.
History limit: Protection history stores up to 100 entries per category (Malicious files, Malicious websites, Ads, and trackers), excluding quarantined files. When the cap is reached, the oldest entry is removed (FIFO), and the newest is added at the top.
Threat statuses you'll see: BLOCKED, UNBLOCKED, DETECTED, ALERTS OFF, ALLOWED, DELETED, QUARANTINED, COULDN'T DELETE, plus vulnerability levels LOW LEVEL VULNERABILITY, MEDIUM LEVEL VULNERABILITY, and CRITICAL LEVEL VULNERABILITY.

Additional tips

If prompted, make sure to restart your browsers to enable ad and tracker blocking.
If setup fails, a Couldn't start toast appears with Get help and Try again buttons again. If your Mac is managed by an organization and the system extension is blocked, a Managed device toast appears instead — contact your IT administrator to allow the NordVPN system extension.
In case you're experiencing any issues with NordVPN Scam, phishing, and malware protection on macOS, visit our guide on troubleshooting them.

Was this article helpful?

Still having issues?

Live chat

Contact our support to solve an issue live.
Email form

Fill out an email form so we can help you with an issue.

Email us

Our Support team will get back to you within 24 hours. We’ll reply to the email address you provide.

Attach a file (Optional)

Supported formats: JPEG, PNG.

We couldn’t process your form. Please try again or come back later.

By clicking “Submit”, you agree to our Terms of Service and acknowledge our Privacy Policy.

Thank you! We've got your message and will get back to you within 24 hours.

By clicking “Chat with support”, you agree to our Terms of Service and acknowledge our Privacy Policy. Chat functionality relies on cookies. By starting the chat, you agree to their use. Learn more in our Cookie Policy.

{ "chatTitle": "NordVPN Support", "chatCustomText": { "actionPaymentCompleted": "Payment Completed", "actionPaymentError": "An error occurred while processing the card. Please try again or use a different card.", "actionPostbackError": "An error occurred while processing your action. Please try again.", "clickToRetry": "Message not delivered. Click to retry.", "clickToRetryForm": "Form not submitted. Click anywhere on the form to retry.", "connectNotificationText": "Sync your conversation and continue messaging us through your favorite app.", "connectNotificationSingleText": "Be notified when you get a reply.", "conversationListHeaderText": "My conversations", "conversationListRelativeTimeJustNow": "Just now", "conversationListRelativeTimeMinute": "1 minute ago", "conversationListRelativeTimeMinutes": "{value} minutes ago", "conversationListRelativeTimeHour": "1 hour ago", "conversationListRelativeTimeHours": "{value} hours ago", "conversationListRelativeTimeYesterday": "Yesterday", "conversationListTimestampFormat": "MM/DD/YY", "conversationListPreviewAnonymousText": "Someone", "conversationListPreviewCarouselText": "{user} sent a message", "conversationListPreviewFileText": "{user} sent a file", "conversationListPreviewFormText": "{user} sent a form", "conversationListPreviewFormResponseText": "{user} filled a form", "conversationListPreviewImageText": "{user} sent an image", "conversationListPreviewLocationRequestText": "{user} sent a location request", "conversationListPreviewUserText": "You", "conversationTimestampHeaderFormat": "MMMM D, h:mm A", "couldNotConnect": "Offline. You will not receive messages.", "couldNotConnectRetry": "Reconnecting...", "couldNotConnectRetrySuccess": "You're back online!", "couldNotLoadConversations": "Couldn't load conversations.", "emailChangeAddress": "Change my email", "emailDescription": "To be notified by email when you get a reply, enter your email address.", "emailFieldLabel": "Email", "emailFieldPlaceholder": "Your email address", "emailFormButton": "Submit", "emailLinkingErrorMessage": "Please submit a valid email address.", "errorPrefix": "Error:", "fetchHistory": "Load more", "fetchingHistory": "Retrieving history...", "fileTooLargeError": "Max file size limit exceeded ({size})", "fileTypeError": "Unsupported file type.", "formErrorEntryRequired": "This entry is required", "formErrorInvalidEmail": "Email is invalid", "formErrorNoLongerThan": "Must contain no more than ({characters}) characters", "formErrorNoShorterThan": "Must contain at least ({characters}) characters", "formErrorUnknown": "This doesn't look quite right", "formFieldSelectPlaceholderFallback": "Choose one...", "frontendEmailChannelDescription": "To talk to us using email just send a message to our email address and we'll reply shortly:", "headerText": "How can we help?", "imageClickToReload": "Click to reload image.", "imageClickToView": "Click to view {size} image.", "imagePreviewNotAvailable": "Preview not available.", "inputPlaceholder": "Type a message...", "inputPlaceholderBlocked": "Complete the form above...", "introAppText": "Message us below or from your favorite app.", "lineChannelDescription": "To talk to us using LINE, scan this QR code using the LINE app and send us a message.", "linkError": "An error occurred when attempting to generate a link for this channel. Please try again.", "linkChannelPageHeader": "Sync your conversation", "locationNotSupported": "Your browser does not support location services or it's been disabled. Please type your location instead.", "locationSecurityRestriction": "This website cannot access your location. Please type your location instead.", "locationSendingFailed": "Could not send location", "locationServicesDenied": "This website cannot access your location. Allow access in your settings or type your location instead.", "messageError": "An error occured while sending your message. Please try again.", "messageIndicatorTitlePlural": "({count}) New messages", "messageIndicatorTitleSingular": "({count}) New message", "messageRelativeTimeDay": "{value}d ago", "messageRelativeTimeHour": "{value}h ago", "messageRelativeTimeJustNow": "Just now", "messageRelativeTimeMinute": "{value}m ago", "messageTimestampFormat": "h:mm A", "messageDelivered": "Delivered", "messageSeen": "Seen", "messageSending": "Sending...", "messageTooLongError": "Max message size limit exceeded ({size}).", "messengerChannelDescription": "Connect your Facebook Messenger account to be notified when you get a reply and continue the conversation on Facebook Messenger.", "newConversationButtonText": "New Conversation", "notificationSettingsChannelsDescription": "Sync this conversation by connecting to your favorite messaging app to continue the conversation your way.", "notificationSettingsChannelsTitle": "Other Channels", "notificationSettingsConnected": "Connected", "notificationSettingsConnectedAs": "Connected as {username}", "prechatCaptureGreetingText": "Hi there 👋\nTo start off, we'd like to know a little bit more about you:", "prechatCaptureNameLabel": "Your name", "prechatCaptureNamePlaceholder": "Type your name...", "prechatCaptureEmailLabel": "Email", "prechatCaptureEmailPlaceholder": "name@company.com", "prechatCaptureConfirmationText": "Hi there! I’m the Nordbot AI here to assist you. How can I help you today?", "prechatCaptureMailgunLinkingConfirmation": "You'll be notified here and by email at {email} once we reply.", "sendButtonText": "Send", "settingsHeaderText": "Settings", "shareLocation": "Location", "smsBadRequestError": "We were unable to communicate with this number. Try again or use a different one.", "smsCancel": "Cancel", "smsChangeNumber": "Change my number", "smsChannelDescription": "Connect your SMS number to be notified when you get a reply and continue the conversation over SMS.", "smsChannelPendingDescription": "Check your messages at {number} to confirm your phone number.", "smsContinue": "Send", "smsInvalidNumberError": "Please submit a valid phone number.", "smsLinkCancelled": "Link to {appUserNumber} was cancelled.", "smsLinkPending": "Pending", "smsPingChannelError": "There was an error sending a message to your number.", "smsSendText": "Send me a text", "smsStartTexting": "Start Texting", "smsTooManyRequestsError": "A connection for that number was requested recently. Please try again in {minutes} minutes.", "smsTooManyRequestsOneMinuteError": "A connection for that number was requested recently. Please try again in 1 minute.", "smsUnhandledError": "Something went wrong. Please try again.", "syncConversation": "Sync conversation", "tapToRetry": "Message not delivered. Tap to retry.", "tapToRetryForm": "Form not submitted. Tap anywhere on the form to retry.", "telegramChannelDescription": "Connect your Telegram account to be notified when you get a reply and continue the conversation on Telegram", "unsupportedMessageType": "Unsupported message type.", "unsupportedActionType": "Unsupported action type.", "uploadDocument": "File", "uploadInvalidError": "Invalid file.", "uploadPhoto": "Image", "uploadVirusError": "A virus was detected in your file and it has been rejected", "viberChannelDescription": "Connect your Viber account to be notified when you get a reply and continue the conversation on Viber. To get started, scan the QR code using the Viber app.", "viberChannelDescriptionMobile": "Connect your Viber account to be notified when you get a reply and continue the conversation on Viber. To get started, install the Viber app and tap Connect.", "viberQRCodeError": "An error occurred while fetching your Viber QR code. Please try again.", "wechatChannelDescription": "Connect your WeChat account to be notified when you get a reply and continue the conversation on WeChat. To get started, scan this QR code using the WeChat app.", "wechatChannelDescriptionMobile": "Connect your WeChat account to be notified when you get a reply and continue the conversation on WeChat. To get started, save this QR code image and upload it QR code scanner.", "wechatQRCodeError": "An error occurred while fetching your WeChat QR code. Please try again.", "whatsappChannelDescriptionDesktop": "Sync your account to WhatsApp by scanning the QR code or clicking the link below.\nThen", "whatsappChannelDescriptionMobile": "Sync your account to WhatsApp by clicking the link below.\nThen", "whatsappLinkingError": "An error occurred while fetching your WhatsApp linking information. Please try again." }, "chatCustomScreenReaderAnnouncement": { "supportTyping": "{author} is typing", "supportSays": "{author} says:", "sentImage": "{author} sent an image", "sentFile": "{author} sent a file", "sentCarousel": "{author} sent a carousel", "sentLocation": "{author} sent a location" } }