Avast is flagging my site for phishing

My site was hacked. We’ve fixed the hack, changed all pertinent passwords and removed malicious content. Avast is still flagging as an attack site for phishing.

How do I get a review and removed from the flagging listing?

Rob Cochran
SS-CMMS
https:/ss-cmms.com

https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

Looks like you have more issues than Avast as it it also detected by other scanners.

I just refreshed a previous scan (3 days old) and the number has reduced a little - https://www.virustotal.com/gui/url/49ec0728311e5e5db292ba93040983434d19acb663707786481595157bc7f9b8/detection

Considered a low security risk on this check - https://sitecheck.sucuri.net/results/https/ss-cmms.com - but with some points.

Outdated software reported here - https://awesometechstack.com/analysis/website/ss-cmms.com/?protocol=https%3A

These may or may not be what Avast is alerting for - but you should certainly address this.

Apart from what DaviR has been reporting on your websites’ status, based on various scan reports,
I can add that,

5 instances at VT flag this website: https://www.virustotal.com/gui/url/86bd3315f91aad20ada2bd8c444dc9cbf9c1fda308a2d21456157c422a53cf8f/detection

A redirect link to -https://www.capterra.com/p/148947/SS-CMMS/#reviews is giving the green by avast online security.

No cloaking detected, nor spammy looking links, nor iframes for that matter,
so wait for a final verdict from avast team, as they are the only ones to come and unblock.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

I would have thought that virustotal would have gone for the domain name and not have different unique detection returns url entries for http and https when they are basically returning the same data with the same companies making the detections.

Hi DavidR,

But such information can be critical, where https/http downgrade attacks are being performed.
It is all about a secure and less secure or rather insecure connection to a website’s server (front-end/back-end),

pol

http should be being redirected to https on that site, I didn’t see any related points raised on the scans.

I checked and it does redirect to https and good news for ‘rob347’ the OP, I got no alert.

@ the Topic Starter & DavidR,

That is good news as that is the actual situation now.
That should mean, that that previous hack has successfully been mitigated.

pol