False Positive for Site Infection?

Hello,

I run a pet sitting website that uses PayPal for payouts when users complete jobs through our site (sittingforacause[.]com). Our site stores the users PayPal email address in order to send them payments. I just had an Avast user inform me that Avast is blocking access to my site, specifically our PayPal page (https://www.sittingforacause[.]com/paypal[.]php), with the screenshot showing the threat as “HTML:Paypal-B [Phish]”. I just ran a bunch of SSL tests on various websites that check for site issues, they all came back clean.

Why is this issue happening? Can we get whitelisted?

Ashley Jacobs
Sitting for a Cause

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

See nothing here: https://www.threatminer.org/domain.php?q=www.sittingforacause.com
nor here: https://www.threatcrowd.org/domain.php?domain=www.sittingforacause.com
No issues: http://retire.insecurity.today/#!/scan/8f3661fa9fbcb9e8f33f874df932e2180fff6f91409605d7d5ad1c0e30430ccd

Wait for an avast team member to give the final verdict, we are volunteers with relevant knowledge but cannot unblock,
probably you were flagged because other abuse on same IP:
see: http://urlquery.net/report/398c50e8-9ff1-4dca-bf13-6c07815e878b

polonus (volunteer website security analyst and website error-hunter)

Detection will be fixed

Thank you very much!

Quick question: how long does it take for detection to be fixed?

Hi SittingforaCause,

As far as I am aware, generally speaking, avast team could be as quick as to fix a FP with a coming update.

Make sure you update your av definitions accordingly to keep up with their newest detection definitions.

polonus