News Stay informed about the latest enterprise technology news and product updates.

Apple iPhone mail, Safari prone to spoofing

A security researcher discovered some design flaws in Apple's iPhone that could leave the smartphone vulnerable to phishers and spammers.

A basic design flaw in the Apple iPhone makes it susceptible to a URL spoofing vulnerability, according to a security...

researcher who discovered the flaw.

Israeli vulnerability researcher Aviv Raff, is warning that the iPhone's mail and Safari browser applications could be exploited by an attacker using a common phishing method. The flaw was found in versions 1.1.4 and 2.0 of the iPhone firmware.

An attacker can pass a spoofed URL in a spam message, making it appear as though it came from a trusted source, such as a bank or popular social network. If the victim clicks on the link, Safari will open and display the URL as if it was from the trusted site, Raff said.

Technical details are being withheld until Apple releases a patch. Raff said Apple is aware of the problem and is working on a fix. Users should avoid clicking on links in email messages from the mail application, even if they appear to come from a trusted website, Raff said.

"Instead, a user should enter the URL of the website manually in the Safari application," he said.

Dig Deeper on Emerging cyberattacks and threats

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.