Auth0.com flagged as URL:Phishing by Avast

When our users go to the authentication page, avast is flagging this as “URL:Phishing” and aborted the connection to auth0.com.

Essentially a similar issue as:

Can anyone shed light as to how this was resolved with avast?

Hey @ton, welcome to the Auth0 Community!

Do you have the specific IP being flagged? Below I have shared a list of IP addresses that need to be whitelisted just in case. Thanks in advance!

@James.Morrison Thanks. The problem is not on our side. The problem is on our users/customer’s side. It is not reasonable to ask all our users (who are using avast) to whitelist the IP addresses. Frankly, most of them would be uncomfortable whitelisting addresses for security reasons.

Is there some way to resolve this directly with avast? or any alternative solution where we wouldn’t have to involve our users? Thanks in advance.

You could try reporting it as a false positive to Avast. They can then whitelist the domain in their virus definitions.

I can understand the frustration Ton and I’m here to help. I am just looking for any specific details I can gather so I can help move this forward. Can you get share a screenshot of the alert or any additional information Avast says on this front? Thank you.

Screenshot from our user above.

I’ve also reported this false positive to avast via:

Just want to see if there is more we can do here.

Thanks.

After following up with our Security team, I was able to confirm that other than submitting a request for review to Avast for the false positive. There is nothing more we can do from our side.

I understand that’s not the ideal workflow but going forward I will build out a FAQ and get it reviewed by the teams to validate it’s validity on handling miss categorizations by Avast. Once completed I will share it here in this topic. I will continue to keep this topic open until then. Thank you.

Good morning, I wanted to share the FAQ built off of this. Please let me know if you have any further questions!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.