In this 2015 blog post Explaining Avast’s HTTPS scanning feature, an email address is mentioned: banks‑whitelist@avast.com
. Search for it as text, there is only one result.
By default the antivirus “spies” on every HTTPS connection to check whether there is malware on the site. This includes banking websites, i.e. if you visit your bank, the antivirus sees everything you see about your money. Avast s.r.o. totally understands the user’s concern about privacy, and gives the said email address at which you can request that your bank will also be not “spied on”.
According to my experience in Firefox, you can tell whether a connection is “spied on” (i.e. protected) by Avast by clicking the padlock icon () to the left of the URL to show the Site information popup.
- If the connection is “spied on”, you will see the following warning message: Connection verified by a certificate issuer that is not recognized by Mozilla.
- If it is not “spied on”, you will see no warning message.
I have never seen this warning message on www.bankofamerica.com, therefore I suppose this bank is on the whitelist, so the list still exists. Other banks have the warning message, e.g. Bank of China at www.boc.cn.
The question is, how do you ask Avast s.r.o. to whitelist another bank? The said email address does not work any more. (I know how to add it as an exception locally on my computer. The question is not about that.)