What is phishing and does antivirus stop it?
Phishing is fake messages and websites tricking you into entering passwords or payment details. Good security suites block many known phishing sites in the browser, but the scam evolves faster than blocklists, so your own skepticism and a password manager remain the strongest defense.
Phishing does more damage than viruses these days because it attacks the human, not the machine: a mail that looks like your bank, a parcel-delivery text, a login page that is pixel-perfect fake. There is no file to scan; you hand over the keys yourself.
Security suites help at the edges: web protection modules in Bitdefender, Norton, and F-Secure block known phishing domains before the page loads, and banking-protection modes (Trend Micro's Pay Guard, F-Secure's banking protection) isolate your browser during payments. Genuinely useful, but always one step behind brand-new campaigns.
The structural defenses are different tools. A password manager simply refuses to autofill your password on a fake domain, which converts the best phishing page into an obvious dud. Two-factor authentication makes a stolen password insufficient. And the habit that beats everything: never log in through a link in a message; open the site or app yourself. Treat antivirus as the net under the tightrope, not the tightrope.