Our (University of Thessaly) website https://pelionsummerlab.net is being marked for phishing. Is there any way to avoid this? Is it because of our mailchimp form? It’s application season and I want to make sure students have access to the website for information as soon as possible. Thanks in advance!
-Aarati
the best thing to do is to file a report for a possible false-positive:
Thank you. I have submitted the form but haven’t heard back yet. In your experience, have you found certain things might mistakenly trigger suspicion from Avast? For example, the Mailchimp form or google analytics?
Of course I heard back right when I sent that 
Thanks Avast! Looks like our site is unblocked now. But I guess for the future, is there anything I should be aware of when building a site that might be perceived as suspicious by the software?
As with free website construction, someone has to pay for the bill.
There were 8 trackers found on that weebly website:
-www.google.com
-fonts.gstatic.com
-www.gstatic.com
-geolocation.onetrust.com
-privacyportal.onetrust.com
-p.typekit.net
-use.typekit.net (as Privacy Badger informs).
The website was not malicious, so an av-vendor would not flag these.
One could improve security like with:
Security Headers
Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors ‘none’.
Missing security header to prevent Content Type sniffing.
Missing Strict-Transport-Security security header.
Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src
polonus
i don’t think that there is anything to worry about.
Website is no longer being flagged by avast online security and privacy.
pol