At 8pm on Wednesday 10 May 2023, we found out that some users of Avast.com Antivirus software were seeing warning about phishing when they visit pages that link to the Green Web Foundation greencheck badges that companies use to show that their site is marked as green. It appears that Avast.com’s AI categorisation services have mistakenly marked all traffic from api.thegreenwebfoundation.org as suspect – this is a false positive, – it’s totally safe to have these badges on your site.
We go into more (technical) detail explaining why, and what you can do below.
If you see an image like this in your browser when visiting a site you used to visit before, it’s probably Avast’s URL:Phishing protection triggering this issue, and it’s wrong. We’ve raised it with Avast.com to get it resolved.
Why does this happen?
Right now, we are not sure.
We currently think this might be a case of the domain being mistakenly classified by AI as a suspect domain. This might be because the the url you use to load an image, does not end with .png or .jpeg, like you might expect – and this is because we generate an image dynamically that is specific to the site we are checking.
The Green Web Foundation has served nearly 4 billion checks against our database from api.thegreenwebfounation.org, with nearly 2 billion of them in the last two years. All traffic has been sent over a secure HTTPS connection.
We have had the same green badge working for at least ten years without issue, and we use a stack of secure, well tested, well known software to power our platform. But you don’t need to take our word for it – our platform source code has been open for years, so you can see the specific code we use for serving images yourself.
What are we doing about it?
To an extent, our ability to fix this is determined by Avast.com – if every network request your computer makes is intercepted by Avast software on your computer, then we have very little control over your experience.
We are contacting them and escalating this as a priority, and for transparency, sharing updates on github issue listed below.
What you can do
Do not switch off the protection from Avast.com
First of all, while this is poor experience, and switching off Avast.com protection stop showing the alert messages, it also removes the protection it offers. We can not recommend this.
Raise a false positive with Avast.com
Avast have a website with a special form for raising false positives. We suggest you raise an issue to explaining that it’s creating a very poor experience for you, and any other users visiting your site. You can acess the false positive form on Avast’s site.
Follow the issue we created on github for updates
We are posting updates to a dedicated issue as we get them, and investigate on github. If you want, updates, you can follow the issue and receive notifications as they happen. Visit the issue on github.
If you really need the green badge on your website and can not wait til this is resolved
Finally, if you really need to show your green badge, you can make a copy to upload and serve it from your own site. This will mean that people see the green badge, but it because it is not served from our site, it won’t trigger the phishing alert. The downside is that any updates or changes are our end will not be reflected, so it may look out of date soon, as we are midway through a refresh of our brand.