NordVPN launches new AI-enabled tool against phishing, and looks for testers

NordVPN running on an Android smartphone being held in one hand

Perhaps the most famous VPN service on the market, NordVPN has just unveiled its first experimental project.

Sonar comes as a browser extension with the aim of harnessing the power of AI to secure users from phishing attacks and protect them from cybercrime. This is the first project to be released under the NordLabs platform.

NordVPN subscribers can register on NordLabs' waiting list for the opportunity to test the beta version of Sonar, and help the team of engineers determine whether or not the software is worth being fully released.

NordVPN Sonar: "fight fire with fire" 

"AI tools have facilitated the automation of a significant portion of phishing attacks, and it is anticipated that the frequency of such attacks will escalate in the future, posing a significant cybersecurity threat. With this new release we aim to fight fire with fire," said Vykintas Maknickas, the head of product strategy at Nord Security. 

Sonar is based on the large language model (LLM) system, the same used by popular service ChatGPT. Using this technology should help internet users identify phishing emails in an ever-changing cybercrime environment.

Maknickas explained that the team got the idea from an internal chat group where employees with less cybersecurity knowledge were sharing suspicious emails, seeking advice on whether or not they could be phishing scams.

He told TechRadar: "We decided to mimic this with a new tool where you can open an email and basically ask an AI assistant if it's phishing."

As an AI-powered browser extension, users will need to initiate it and open suspicious emails for them to be scanned. This manual control is useful, especially when compared to a blank scan, as users can actively decide to leave out sensitive communications.

NordLabs Sonar screenshots at work

(Image credit: Nord Security)

"The most interesting output was that Sonar can find some interesting patterns that traditional phishing detectors cannot comprehend," said again Maknickas.

Cybercriminals have been increasingly using AI-powered services over the last year. These tools bring them important advantages: they can now craft a ton of very personalized scam emails within seconds, meaning that phishing emails increasingly resemble legitimate communications. 

Sonar promises to be the attentive eye missing to many distracted or less knowledgeable users. Even better, it won't just scan emails and report the likeliness of them being a scam—it'll also try to educate users by highlighting the reasons why these have been flagged as phishing and the signs to look out for in future communications.

Being a privacy-focused firm, Nord also thought thoroughly about how not to endanger the data security of its customers. LLM systems are notorious for being trained, in fact, with the data people share by using the service—which is one of the reasons why ChatGPT and similar software are considered by some commentators a privacy nightmare

Yet, Maknickas assured us that Sonar isn't trained on users' inputs, but on phishing emails that are publicly viable with Nord's Threat Protection department instead.

Sonar is available for Gmail users on Google Chrome only, but more platforms will follow.

Depending on how the testing period goes, the Nord team will then decide whether to integrate Sonar on existing products or release it as a standalone tool. 

To do this, Maknickas invites as many people as possible to test Sonar, and future experimental projects, and provide feedback—completely free of charge, of course. "It will help us, the technology community, and every internet user to understand the best ways to curb cutting-edge technologies for a better and safer internet," he said.

If you haven't yet, head on over to the NordLabs website and sign up on the waiting list to access Sonar and upcoming experimental projects. The next one set to be launched by the end of the month is Pixray, another AI-enabled tool to help distinguish AI-generated images from those created through traditional means.


We test and review VPN services in the context of legal recreational uses. For example: 1. Accessing a service from another country (subject to the terms and conditions of that service). 2. Protecting your online security and strengthening your online privacy when abroad. We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.

Chiara Castro
Senior Staff Writer

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to