Ask HN: Avast injected their signature into my email. How did they do it?

6 points by pablogancharov ↗ HN

5 comments

[ 2.6 ms ] story [ 30.7 ms ] thread
How did you send the mail?
Gmail web client using Firefox. I don't have any avast extension or anything. Im just curious of how they can intercept emails.
I would look at the certificate that is seen in firefox. And i woukd still look at the extensions and plugins. Some antiviruses install themselfs as extensions.
> Once the user sends or receives an email, Avast will scan it and add an email signature without the user's consent. The signature indicates that the sender of the email is "Virus-free" and includes a link to the Avast official website.

UI control or browser code injection?

It sounds like Avast may be using browser code injection to add their signature to your emails without your consent. This practice can be intrusive and raise privacy concerns. However, there are legitimate services like https://exclaimer.com/ that allow users to add signatures to their emails with their consent and control over the content. If you're experiencing unwanted signatures, it's important to check your browser settings and consider whether any extensions or security software might be responsible.