Avast WEBforum

Other => Viruses and worms => Topic started by: PFDanny on September 12, 2022, 12:43:56 PM

Title: Our website has been reported as a Phishing website. Its a false positive
Post by: PFDanny on September 12, 2022, 12:43:56 PM

Good Morning,

I am wondering if anyone could help us. I have already filed a false positive report but I would like to expand our contact options to here too.

The domain wxw.pharmacyfirst.co.uk is being blocked as a URL:Phishing. This is a false positive. We are a genuine GPHC registered pharmacy and has only started happening since 10am GMT.

Can anyone offer advice or support to have this removed as a URL:Phishing as this website has been in operation for over 14 years and this is the first time it has happened.

Title: Re: Our website has been reported as a Phishing website. Its a false positive
Post by: bob3160 on September 12, 2022, 01:50:56 PM

Report Suspicious File or URL:  https://www.avast.com/false-positive-file-form.php (https://www.avast.com/false-positive-file-form.php)
It comes back as clean here:
https://www.virustotal.com/gui/url/dae041f4acb1f60f8e981dbb5473ca25ca88f98d5ee456b823d93d2b0711c49c

Title: Re: Our website has been reported as a Phishing website. Its a false positive
Post by: PFDanny on September 12, 2022, 02:09:55 PM

Thanks for getting back to me. I have done this as stated in the initial post. How long does it normally take for the request to be reviewed as I've not had this problem before?

Title: Re: Our website has been reported as a Phishing website. Its a false positive
Post by: bob3160 on September 12, 2022, 02:35:42 PM

Quote from: PFDanny on September 12, 2022, 02:09:55 PM

Thanks for getting back to me. I have done this as stated in the initial post. How long does it normally take for the request to be reviewed as I've not had this problem before?

It can be anything from a couple of hrs. to a few days.

Title: Re: Our website has been reported as a Phishing website. Its a false positive
Post by: PFDanny on September 12, 2022, 02:48:00 PM

Thank you for informing me of the estimated turn around time. Hopefully this gets resolved soon.

Thanks again for your help and assistance with this

Title: Re: Our website has been reported as a Phishing website. Its a false positive
Post by: DavidR on September 12, 2022, 03:16:40 PM

Being a 'genuine GPHC registered pharmacy', doesn't mean your aren't liable to attack or outdated software.

Your site needs some work - https://en.internet.nl/site/pharmacyfirst.co.uk/1705427/ - to beef up security.

Webpage Security Score E - A+ is the best score you can get - https://snyk.io/test/website-scanner/?test=220912_BiDcQ4_A2K&utm_medium=referral&utm_source=webpagetest&utm_campaign=website-scanner

Title: Re: Our website has been reported as a Phishing website. Its a false positive
Post by: polonus on September 16, 2022, 01:07:22 PM

Hi PFDanny,

Unsatistactory trust to connecting out to dwin1 dot com, see: https://www.scamvoid.net/check/dwin1.com/

But your website as such is potentially safe:
https://www.scamvoid.net/check/pharmacyfirst.co.uk/  (just scan updated from 9 years ago).

I checked here: https://checkphish.ai/insights/url/1663324570978/undefined?back=null

Re: urlscan.io/result/8e47adc2-43cb-43b4-9fa7-42d56b595cec/ 

So nothing in particular flagged there.

But see all the risks and vulnerabilities of this website with outdated Magento CMS here.
Going over all mentioned issues with this report:
https://www.magereport.com/scan/?s=https%3A%2F%2Fwww.pharmacyfirst.co.uk%2F

Website goes unprotected against Brute Force attacks, qualified as a Medium Risk
Unprotected CMS version detected, this should qualify as a High Risk

polonus (volunteer 3rd-party cold recon website security-analyst and website error-hunter)