Threat Detected:- HTML:Paypal-B [Phish]

Good morning,

After running an anti-virus scan yesterday, Avast picked up this possible threat HTML:Paypal-B [Phish] see link below for more.
I’m not sure if it’s a real threat, or a False Positive?
Using the search facility above others have found this to be a False Positive in the past, although their issues were not the same as mine, they didn’t pick this threat up from an A/Virus scan.

If I “Send for Analysis” will I hear back?
Also if I send it for analysis will I be sending a copy of this file or the actual file?

https://postimg.cc/image/4x4bjz9kb/

Any advice or help would be appreciated.

your link does not work. attach screenshots here, see below the box you write in here > Attachments and other options

at what location was it found … full file path

If I "Send for Analysis" will I hear back?
Usually only for false positive requests
Also if I send it for analysis will I be sending a copy of this file or the actual file?
Copy

The link worked for me.

Paypal security is not optimal to say the least, see from these scan results: https://www.htbridge.com/websec/?id=ekedIL6b
The cookie is missing SameSite flag, make sure it does not store sensitive information.
Misconfiguration or weakness

COOKIE: X-PP-SILOVER
The cookie is missing SameSite flag, make sure it does not store sensitive information.
Misconfiguration or weakness
The cookie is missing HttpOnly flag, make sure it does not store sensitive information.
Misconfiguration or weakness
The cookie is missing Secure flag, make sure it does not store sensitive information.
Misconfiguration or weakness

COOKIE: AKDC
The cookie is missing SameSite flag, make sure it does not store sensitive information.
Misconfiguration or weakness
The cookie is missing HttpOnly flag, make sure it does not store sensitive information.
Misconfiguration or weakness

Not-secured connection- htxps://23.194.182.174/ with PHISHING threat… (no third party tracking seen?).

Whenever the site is brought up as a fake phish from inside a mail-link, avast may detect HTML:Paypal-B [Phish].

polonus

Pondus,

I’m sorry the link didn’t work for you, although it worked for DavidR, rather strange. I did try posting a screenshot yesterday, but for some reason or other I could only get a link to work, or not as the case may be :wink:

I’ll have another go to show the location:-

http://i68.tinypic.com/106zzuq.jpg

Rather odd that, it worked first time today!
The red bits if you’re wondering are just covering my name which I added.

Polonus,

I’m assuming by that it may not necessarily be a False Positive, but possibly a potential threat, so good to have it removed ?

Thanks to all who replied.

I'm assuming by that it may not necessarily [b]be a False Positive, but possibly a potential threat[/b], so good to have it removed ?
Only avast lab can answer that

Pondus,

Your probably right.

I let VirusTotal scan the file, only 2 out of 59 detected a problem, Avast and AVG. I believe Avast and AVG are now one IIRC.

http://i67.tinypic.com/nh1ftj.jpg

http://i67.tinypic.com/2lvo00w.jpg

http://i66.tinypic.com/2rrwejd.jpg

http://i63.tinypic.com/2zhjpy0.jpg

If I send it for analysis do I send it as Potential Malware or a False Positive?

Hello,
use https://www.avast.com/false-positive-file-form.php

Milos

Thank you for the link, now sent to Avast.

Update.

I heard back from Avast on the 16th July 2018 which I though was quite quick. Their reply is below in Blue text.
I didn’t post up here a day or so later as Avast A/V was still detecting it as a threat. Now however Avast A/V doesn’t detect any problem with it.
It’s good to know it was a False Positive.

Many thanks to Avast for checking this out and updating your database.

Hello,

Thank you for reporting this false positive.

Our virus specialists have now cleared its reputation in our database.

With URLs this change should be instant, but it might take up to 24 hours with files.

For future reference you might also find the following article to be useful: Avast Clean Guidelines.

Best regards,

Avast Customer Care