Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: velogb on December 02, 2022, 08:41:04 PM

Title: Bank emails rejected by antivirus
Post by: velogb on December 02, 2022, 08:41:04 PM

Emails I'm receiving from Chase are being rejected by Avast antivirus preventing me from reading them. They are reported as containing URL:Phishing

Title: Re: Bank emails rejected by antivirus
Post by: DavidR on December 02, 2022, 09:32:32 PM

A screenshot of the Avast Alert message might help (see my attachment on how - click to expand).

If it is a URL based alert:
You could use the - Reporting a Possible False Positive File or Website to report it - https://www.avast.com/false-positive-file-form.php (https://www.avast.com/false-positive-file-form.php).
You should get a response in a day or two.

Title: Re: Bank emails rejected by antivirus
Post by: velogb on December 03, 2022, 11:24:10 PM

Screenshot attached

Title: Re: Bank emails rejected by antivirus
Post by: DavidR on December 04, 2022, 02:33:28 AM

Whilst the second image mentions 'Deceptive Content' would mean you need to exercise caution, the URL Phishing warning in the First image is more serious.

So it isn't actually alerting on Chase (the bank presumably) ?
There would appear to be a redirect to the moveable-ink-3049.com location/site, this could well be considered as suspect, unless you know that this redirect is legitimate, it should at least be considered suspect.

You can as mentioned report this as a possible false positive:
Reporting a Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php (https://www.avast.com/false-positive-file-form.php).
You should get a response in a day or two.
You can give a brief explanation why you consider it an FP - I would also suggest you give a link pack to this topic as it contains additional information (in the screenshots).

See - https://www.virustotal.com/gui/url/2c8ba56877b02892fdd6b5a152bdd6d142fe517120bc2d804f87637a7c620413
Also - https://en.internet.nl/site/movable-ink-3094.com/1804834/ - which indicates certain weaknesses in security - not good if this is a genuine redirect from Chase.
Whilst not considered malicious - it has security weaknesses - again not good if this is a genuine redirect from Chase. Medium Security Risk https://sitecheck.sucuri.net/results/movable-ink-3094.com