Apple Intelligence is now available on iPhone, iPad, and Mac!

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Junk email automatically previewed - any risk? (iPadOS)

Hi all,


As I tried to delete a junk email, I noticed that the email automatically previewed (iPadOS Mail App). Does this pose any threat to my device?


Many thanks.

iPad (6th gen) WiFi

Posted on Jun 26, 2020 3:29 PM

Reply
Question marked as Top-ranking reply

Posted on Jun 26, 2020 4:35 PM

Yes - and no...


Before proceeding, it is worthwhile to state that iOS/iPadOS, if not jailbroken, is not susceptible to malware infection in the traditional sense per-se - but, in common with all computing systems, is vulnerable to many other threats and threat actors. Immunity from threat is a myth - falsely perpetuated.


As to your question...


Many email messages contain images - some visible, some not. These images may be used to

  • detect that an email has been accessed
  • attempt to deliver a malicious payload via the Mail client
  • attempt to load a malicious linked page via your default web browser (Safari).


The best defence is to “harden” your iPad. Doing so will allow you to review email content - without automatically downloading or triggering embedded content.


To “harden” the iPad and its desired behaviour it is necessary to change/set some settings for various App elements in iPadOS.


1) In iPad Settings, disable Automatic loading of remote images:

Settings > Mail > Load Remote Images - set to OFF


2a) Open the Mail App. From the sidebar, open an email that contains an embedded web-link to a safe/trusted website.

2b) From the main message pane, long-touch the embedded link to a web-age; a preview window will open.

2c) At the top of the preview window, tap Hide Preview (this inhibits loading of image elements); selecting Show Preview reverses this setting such that the preview will download potentially malicious content. This setting is “sticky”.


3) Install and configure a good quality Content Locker; highly recommend for iOS/iPadOS/macOS is 1Blocker for Safari:

https://apps.apple.com/gb/app/1blocker-for-safari/id1365531024


The full benefits of installing a comprehensive Content blocker - that processes locally on the iPad without reliance upon an external proxy - is beyond the immediate scope of this reply.


4) Change your DNS server settings to use a high security Recursive DNS provider. Quad9 is highly recommended:


Quad9

9.9.9.9

149.112.112.112

2620:fe::fe

2620:fe::9


OpenDNS

208.67.222.222

208.67.220.220

2620:0:ccc::2

2620:0:ccd::2


Cloudflare+APNIC

1.1.1.1

1.0.0.1

2606:4700:4700::1111

2606:4700:4700::1001


Items (1) and (2) are essential hardening settings. If you concerned about email threat, these should be considered as a minimum.


Item (3) I strongly recommend for its depth of protection in defending against browser-based attacks - but comes with a small cost. Item (4) comes at no cost and adds protection against a multitude of internet threats; (3) and (4) provide complementary “defence in depth”.


Implementing all four measures provides considerable protection from a high proportion of internet threats to which your iPad (and other computing devices) are exposed.


I hope this information and guidance is helpful to you - resolving any concerns you may have.


6 replies
Question marked as Top-ranking reply

Jun 26, 2020 4:35 PM in response to Bookieme

Yes - and no...


Before proceeding, it is worthwhile to state that iOS/iPadOS, if not jailbroken, is not susceptible to malware infection in the traditional sense per-se - but, in common with all computing systems, is vulnerable to many other threats and threat actors. Immunity from threat is a myth - falsely perpetuated.


As to your question...


Many email messages contain images - some visible, some not. These images may be used to

  • detect that an email has been accessed
  • attempt to deliver a malicious payload via the Mail client
  • attempt to load a malicious linked page via your default web browser (Safari).


The best defence is to “harden” your iPad. Doing so will allow you to review email content - without automatically downloading or triggering embedded content.


To “harden” the iPad and its desired behaviour it is necessary to change/set some settings for various App elements in iPadOS.


1) In iPad Settings, disable Automatic loading of remote images:

Settings > Mail > Load Remote Images - set to OFF


2a) Open the Mail App. From the sidebar, open an email that contains an embedded web-link to a safe/trusted website.

2b) From the main message pane, long-touch the embedded link to a web-age; a preview window will open.

2c) At the top of the preview window, tap Hide Preview (this inhibits loading of image elements); selecting Show Preview reverses this setting such that the preview will download potentially malicious content. This setting is “sticky”.


3) Install and configure a good quality Content Locker; highly recommend for iOS/iPadOS/macOS is 1Blocker for Safari:

https://apps.apple.com/gb/app/1blocker-for-safari/id1365531024


The full benefits of installing a comprehensive Content blocker - that processes locally on the iPad without reliance upon an external proxy - is beyond the immediate scope of this reply.


4) Change your DNS server settings to use a high security Recursive DNS provider. Quad9 is highly recommended:


Quad9

9.9.9.9

149.112.112.112

2620:fe::fe

2620:fe::9


OpenDNS

208.67.222.222

208.67.220.220

2620:0:ccc::2

2620:0:ccd::2


Cloudflare+APNIC

1.1.1.1

1.0.0.1

2606:4700:4700::1111

2606:4700:4700::1001


Items (1) and (2) are essential hardening settings. If you concerned about email threat, these should be considered as a minimum.


Item (3) I strongly recommend for its depth of protection in defending against browser-based attacks - but comes with a small cost. Item (4) comes at no cost and adds protection against a multitude of internet threats; (3) and (4) provide complementary “defence in depth”.


Implementing all four measures provides considerable protection from a high proportion of internet threats to which your iPad (and other computing devices) are exposed.


I hope this information and guidance is helpful to you - resolving any concerns you may have.


Junk email automatically previewed - any risk? (iPadOS)

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.