iOS email app on iPad

***Edited November 25, 2020 -This issue has been resolved by Apple, the blog is here for historical purposes.***

 

There is an extremely serious security hole that has been discovered with the iOS Mail App used on iPhones and iPads.  This attack will let an attacker take complete control of your device. The issue is in the iOS Mail App which is the default email app for Apple devices.  If you are using this application for email then you need to stop reading this right now and remove the app. (Read how to delete the app here.) Download a different app for your email, like Gmail or OutlookOnce you’ve done that you can learn more about it below. 

The Details

Completely removing the iOS Mail app from your phone may seem like a radical action, but it is completely justified.  This flaw has existed since at least 2012 and it is being actively exploited right now. 

Here is how the attck works, someone sends you an email.  In iOS 12 you have to actually click the email for it to attack. The entire email doesn’t have to load for the attack to succeed.  In iOS 13 this issue is even worse.  If you simply have Mail open in the background (and almost everyone does), then simply RECEIVING the email executes the attack and grants someone access to your phone. This is the reason we suggest deleting the app immediately.

As if all of that wasn’t bad enough, it is almost certain that you won’t even notice that this has happened. This exploit is actively being used and there are indications that it has been in effect as early as January 2018.

We take cybersecurity very seriously at Sawyer Solutions. We want to do all we can to ensure your security and that includes your mobile devices.  If you have any technology questions or concerns then please do not hesitate to reach out.  You can contact us by email or call us at (844) 448-7767.

 

by:
April 23, 2020

Is there a way to check to see if we’ve already been compromised?

April 23, 2020

Thank you so much!! I don’t think I’ve used my IOS mail app. I have Gmail and Outlook I use.
I had a question for the zoom you hosted last week. I wanted to know what your thoughts were on PC Matic?? I thought about buying the lifetime for 5 computers. Your thoughts.
Thank you for keeping us informed and safe!!

November 24, 2020

Hey Benji,

Which app is iOS email. I’m a visual person so a photo would help. A couple of people asked if there was a way to see if we’ve been compromised. I don’t see an answer. Is there a way to check? What type information does the app jeopardize?

Thanks for your help!

November 25, 2020

Karen,
Apple has resolved the issue in the post. I have updated the blog to reflect this. If you have any questions that still need answering please give me a call and I’ll be happy to answer them.

Benji

November 25, 2020

Karen,
There was no easy way to determine if you had been compromised, which is what made this threat such an problem. As far as the data is concerned it would depend on what was on the phone and what you accessed with it. It let the attacker do whatever they wanted with your phone.

Here is a screen shot of what the default mail icon looks like https://i.insider.com/5e13ba4e855cc22006284af2?width=750&format=jpeg&auto=webp

Leave a Reply

Your email address will not be published. Required fields are marked *