Hi all,
I work in ING Bank Spain and our transactional website ( https://ing.ingdirect.es/pfm/) was reported as phishing by your antivirus. This morning we reported a false positive using your webform and contacting your social media accounts, but nothing happened so far. Could you please review this and remove this URL from your DDBB as soon as you can?. You are currently affecting more than 2 million customers.
Thanks.

Already been reported here: https://forum.avast.com/index.php?topic=223475.0

We have to wait until after the week-end for an avast team member to appear and react,
and give a final verdict, as they are the only ones that could come to block and unblock.

We here are just volunteers with relevant knowledge:

11 website security related recommendations given here:
https://webhint.io/scanner/eaaa91e8-377b-4012-a874-cab8af42a2db#Security
C-grade scan result: https://observatory.mozilla.org/analyze/ing.ingdirect.es
2 retirable jQuery libraries detected: https://retire.insecurity.today/#!/scan/2308afcd41e9e62ea7e0e5f8deed7e0d3427aebdc569bdca84c3257b3ccc0b48
Susceptible to MiM attacks → https://webscan.upguard.com/#/https://ing.ingdirect.es/pfm/#login/validation/isnomi%2Fmwx%2B1bafjhphwraz9srfd3h6a8ecn4bggwdu%3D

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Thanks Polonus.
I was expecting some moderator to maybe help us. I know it’s weekend but I would expect a 24x7 for reporting false positives.
Thanks anyway!

Hi monica.moreno,

You are welcome.
Avast Team members are now aware of the issue.
They are known to react as quickly as with a forthcoming update,
if need be.

kind regards,

polonus

Hello,
it should be fixed now.

Milos