Author Topic: Website being blocked for Phishing - most likely in error  (Read 2931 times)

0 Members and 1 Guest are viewing this topic.

Offline stevec5375

  • Jr. Member
  • **
  • Posts: 37
Website being blocked for Phishing - most likely in error
« on: October 26, 2021, 09:20:34 PM »
I am trying to access my doctor's patient portal.  I'm getting an Avast error that the site is suspected of phishing.  I have tried this on 3 different browsers and get the same problem.  I suspect that the website is fine.  This didn't start until this morning after the Chrome extension was updated.

hXXps://8743.portal.athenahealth.com/

Can someone tell me what's going on?

I'm running on Windows 7 Home.

Thanks.



« Last Edit: October 26, 2021, 10:33:47 PM by stevec5375 »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Website being blocked for Phishing - most likely in error
« Reply #1 on: October 26, 2021, 10:14:16 PM »
Please 'modify' your post change the URL from https to hXXps, to break the link and avoid accidental exposure to suspect sites, thanks.

Reporting a Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php.
You should get a response in a day or two.

It's strange that the main domain/site isn't found suspect, only the 8743.portal.domain-name
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33892
  • malware fighter
Re: Website being blocked for Phishing - most likely in error
« Reply #2 on: October 26, 2021, 11:37:52 PM »
That particular sub-domain has an insecure connection - http- see: https://sitereport.netcraft.com/?url=8743.portal.athenahealth.com

See the malicious files connected to the IP address: https://www.virustotal.com/gui/ip-address/208.78.141.21/relations
Could have been an IP related detection for emotet malware, but I also find it to kick-up an internal server error,
a so-called 500 Internal Server Error.  So address Boston for that.

Also DNS issues: https://dnsviz.net/d/portal.athenahealth.com/dnssec/athenahealth.com/SOA
-portal.athenahealth.com/A (NODATA)
-portal.athenahealth.com/AAAA (NODATA)

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline stevec5375

  • Jr. Member
  • **
  • Posts: 37
Re: Website being blocked for Phishing - most likely in error
« Reply #3 on: October 27, 2021, 04:09:02 PM »
The problem has been fixed.  Here is the email from support at Avast.


Hello,
Thank you for contacting Avast and reporting false positive URL detection. I am glad to help.

Reported website was checked by Avast virus specialists and based on the findings the detection was turned off.

The website is now marked as clean in the Avast virus database. This change should be instant but it might take up to 24 hours in some cases. Please accept my apology for the inconvenience caused.

If the detection persists after the 24 hours, please update Avast virus database first and reply to this email with attached files:
1. Take a screenshot of the Avast detection dialog with "See details" in the bottom-right corner displayed.
2. Take a screenshot of the Avast virus database - go to Avast Antivirus to "Menu - About"

Have a nice day!

Best Regards,

Fran
The Avast Support Team

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Website being blocked for Phishing - most likely in error
« Reply #4 on: October 27, 2021, 05:54:13 PM »
The problem has been fixed.  Here is the email from support at Avast.

<snip>

Thanks for the confirmation the issue has been resolved.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security