Author Topic: Avast catches phishing site but does nothing to permanently blacklist/block.  (Read 2310 times)

0 Members and 1 Guest are viewing this topic.

Offline Wayne158

  • Newbie
  • *
  • Posts: 13
When I open ANY site in Edge, the real site launches, then a second later a new tab opens, you see phishing sites real address for a split second, then an imposter site will materialize.

Do you know how old it gets killing bogus tabs 30 times a day, 7 days a week? FOR MONTHS??!!
I actually contacted tech support about this issue months ago and this is no lie, was told "well it doesn't appear to be malicious" which I translate as "We don't know how to resolve, so live with it."

Initially Avast would flag it and I'd get an avast placeholder page that said bad site in the offending tab and an Avast pop-up window saying saying we blocked this site (see attachments)

It is so bad I can get the tab page and the Avast popup anytime I want to. That is how I got and screen shotted the two jpg's.

It gets better. 
Whoever was the bad actor behind the phishing site figured out how to get past Avast security so the Avast warning tab and popup went away but the same behavior continues to this day.
Something has changed in that Avast is flagging the attack again.

THE OFFENDING ADDRESS IS IN THAT AVAST POPUP 
                              FIX IT


You know what the saddest part is, that I envision bad actor is ROFL about?
When I open Avast the phishing site is right behind it launching.
Ain't that a hooT
 
« Last Edit: May 12, 2022, 05:11:35 AM by Wayne158 »

Offline Wayne158

  • Newbie
  • *
  • Posts: 13
PART TWO
Avast tab opening then phishing site opening. SEE ATTACHMENT
Note the open tabs. Last one is where phishing site tried to open after I launched 2nd legit Avast tab.
« Last Edit: May 12, 2022, 05:20:24 AM by Wayne158 »

Offline r@vast

  • Avast team
  • Massive Poster
  • *
  • Posts: 2761

Offline Wayne158

  • Newbie
  • *
  • Posts: 13
So you are telling me Avast can't handle anything but plain vanilla fresh install of anyone's browser. Or use your browser. That's how I interpret that article.
Which means Avast isn't robust enough to block site from launching phishing tab unless it is configured your way? You can catch but you can't block??

You do know that address that initially pops up in your warning IS a problem site? Google is good for helping me figure things like that out.
It is good that Avast catches the attack. What my beef is, is that I, the user, has to close the launched phishing page 30 times a day because you can't block the attempt.

I get security patches from Microsoft it seem like everyday. Microsoft isn't telling the user it must not tweak or customize Windows, Office 365 or Edge. Microsoft just asks people and businesses to report the problem, they validate the hole that is allowing bad actor in, and closes vulnerability via patch.
Make me wonder if Microsoft is really who is doing all the heavy lifting here to catch virus, malware, ransomeware and phishing attacks

Offline r@vast

  • Avast team
  • Massive Poster
  • *
  • Posts: 2761
Hi,

Understandably, it can be frustrating. Please accept our apologies for any inconvenience caused.

The source of these malicious connections is generally in the browser settings - either a malicious extension or website-specific settings.
The fastest way to resolve similar situations is usually by resetting the browser to the default settings.



Offline Wayne158

  • Newbie
  • *
  • Posts: 13
As a final addendum to this help question. I found and blocked specific site and all my problems stopped.

Offline Bob265

  • Newbie
  • *
  • Posts: 1
I'm having this same problem.... I surf to a page that looks legitimate, but there is some kind of malware linked to it --- most often it is PDF:PhishingX-gen[Phish] --- Avast says it blocks the threat but it does not. I have had this crop up multiple time this week (15 this month alone)... and I do see malware symptoms on my machine that disappear after I run a full virus scan and quarantine the threat. But now I'm running a resource intensive full virus scan multiple times a week? Why can't Avast just quarantine the threat when it encounters it?

This is another occurrence where Avast products are causing me to do more work that degrade my PC's performance. Combined with all the Avast sales spam and CPU/RAM overhead... it's causing me to look for alternatives to all the Avast products. I've also never gotten any support for tickets I open so likely I am once more talking into a vacuum.

Offline Wayne158

  • Newbie
  • *
  • Posts: 13
I kicked Avast to the curb probably going on a year ago.
Between Microsoft Defender, 1Password, and being super diligent about website addresses, email addresses that are straight up phishing via email it got to be I was subscribing to an Apology site.
For $50 bucks a year we'll apologize to you.
Yours Truly,
Avast

My information has been compromised twice and neither was via me doing something stupid on my computer.
Both were from hackers breaking into corporate databases that I was on.
The most recent being Luxottica (spelling may be wrong) who is like one of if not the biggest player in the world of glasses. I bought sunglasses from Lenscrafters. One guess who owns Lenscrafters.

I recommend the following site to everyone concerned about internet security.
Dude who runs site is high roller employed by Microsoft in their security group. a real eye opener. just put in your email and you can see not only that it has been compromised, but by who so your email may be out there in numerous security breaches.
I don't have children and I've been messing with computers since 1983, both breaches were corporate breaches, not me getting breached, because of their lax security practices.
It's a jungle out there. If you don't know what or who, delete it. If legit, they'll probably be back. If a scam they probably won't.

https://haveibeenpwned.com/