3

I just sent an email from gmail loaded in my Chrome web browser. Also on the Windows 7 computer is AVG "anti-virus". Turns out AVG somehow managed to insert a signature into the email I sent out.

This seems like a huge breach of security, in either chrome, Gmail, or Windows 7, as I never added any AVG extensions to chrome.

How was AVG able to interact with Chrome (or Gmail) to inject the signature into my email.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Rick
  • 143
  • 6
  • This is covered in AVG's own documentation. https://support.avg.com/SupportArticleView?l=en&urlname=How-to-manage-your-AVG-email-signature-settings I found numerous articles when I googled your title question. – schroeder Feb 06 '19 at 10:38
  • 1
    I edited your title question to reflect what you wanted to ask. – schroeder Feb 06 '19 at 10:40

1 Answers1

4

Like many other antivirus AVG is doing SSL interception, i.e. it puts itself as a man in the middle into the connection between browser and server. This way it can both read and also modify the traffic and can also add this mail signature.

The browser trusts this active man in the middle since the CA AVG uses to create new certificates is added as trusted to the system/browser. See also Why is 'avast! Web/Mail Shield Root' listed as CA for google.com?.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424