What are the risks having visited a counterfeit or phishing web page on iOS?
I received from a regular colleague a sharing e-mail in iOS Outlook, and clicked the link. It opened a web page asking for my credentials, which I did not enter because I recognized the page as counterfeit.
- Is there any way to tell whether simply visiting the page resulted in a drive-by injection?
- Is there anything I should do to ensure my device is as clean as it was before clicking the link?
- Is there a reason to uninstall and reinstall Outlook on the phone?
Technical Details
- iOS 14.0.1 ;
- Microsoft Outlook for iOS 4.57.2 ;
- iPhone Xs Max
Solution 1:
It's very unlikely that you were infected with anything or that anything negative happened overall if you did not enter your credentials. My reasoning for this is as follows:
- It asked for your credentials, which indicates the goal was phishing not infecting your devices
- Drive-by infections are not impossible, but they're also not easy. Unless you're a high profile target it's unlikely you would ever interact with one.
I don't believe there is any reason to be concerned based on how you described this.