Apple iPhone prone to phishing, say Net forums

The much-hyped iPhone 3G by Apple is becoming notorious on the Net for its security flaws. According to recent reports by online forums and top gizmo sites on the web, the Apple iPhone has become vulnerable to serious security threats like phishing and spyware.

For instance, a security flaw in Apple Inc’s iPhone allows unauthorised users to gain easy access to your private contacts and emails even when the device is ‘locked’, say top mobile review site like intomobile.com and the iphoneblog.com, a site developed around iPhone users. The iPhone comes locked when you buy it from the market. It’s only the operator who can unlock the phone legally.

Meanwhile, network and mobile security experts also point out the flaws in the iPhone’s Safari web browser. “The iPhone’s Safari browser is one of the most vulnerable browsers and is prone to not only phishing but also to spread of spyware. Using APPLE SDK (software development kit), a hacker can create phone spying software which can anonymously send or receive SMS without notifying the owner,” said network security firm Appin’s CEO, Rajat Khare.

According to online forums, flaws in the mail and Safari applications bundled with the iPhone leave users of the device at greater risk of phishing attacks. Apple failed to reply to ET’s repeated email queries on the issue. Another vulnerability in the iPhone is URL-spoofing.

It means that a dodgy domain pointed to by a specially crafted URL can appear to be that of a trusted brand when viewed through the iPhone’s mail or Safari browser applications. The iPhone does not display the URL of a link embedded into an email, making it easier to trick the user into pointing the Safari browser to a phishing website. Even the dialing process of iPhone can be hijacked via JavaScript, the blog sites report.

Meanwhile, Gizmodo, a too Gizmo review site and a MacRumors.com claim that it takes only three taps to gain access to the locked iPhones. “Earlier hacking reports were predominantly on the Windows platform, now with iPhone gaining popularity, hackers have trained their eyes on it. Although Apple has released the latest version of security software, it is unlikely that it will solve the issues completely,” said Trend Micro country manager – India and SAARC