That shiny new iPhone might look good and do a lot, but it could also fall victim to a phishing scam, according to security researcher Aviv Raff.
CNET has reported that Raff has revealed both the mail and Safari browser apps on the iPhone could be fooled by a phishing attack. It’s possible for a hacker to send a mail that would seem to be from a trusted site – maybe a social networking or financial site – with a link to the site enclosed.
Although clicking on the site will open what appears to be a genuine site, it’s spoofed, of course. iPhones 1.1.4 and 2.0 are vulnerable to the hack.
Until a patch has been deployed, Raff’s sensible advice is to "avoid clicking on links in the Mail application which refers to trusted websites (eg, bank, PayPal, social networks, etc). Instead, a user should enter the URL of the website manually in the Safari application."