infection in ~Library/Application Support/Mobilesync/Backup/xxxxx
Solution 1:
It does not mean that your Mac or iPhone is infected and you should not delete the file.
From Wikipedia:
Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
So ClamAV has found a spoofed email stored somewhere in your iPhone Backup. Unless you clicked on the the links in the email, that's no problem.
However, if you delete the file, you will break the backup of your iPhone.
The best solution is to either:
- tell ClamAV not to scan the folder; or
- tell iTunes to encrypt your iPhone backups so that ClamAV won't be able to scan them.