Something odd in email received from iPhone

[ThelmaLou]

I got an email from a friend of mine a little while ago. He sent it from his iPhone, and it wasn’t a forwarded message. It was a personal note to me. In the middle of the text of the message were three identical links to a porn site- at least that’s what the links looked like (all three to “girlswhof*ck.com”). Of course, I didn’t click on the links. This is a professional friend, an elderly gentleman, and I don’t know whether to call this to his attention or not. I’m not offended, and if this means he’s looking at porn on his iPhone, that’s way fine by me. I don’t want to embarrass him by blowing his cover. But if this means his email is infected with something, I’d like to tell him. He does have an automatic signature- just his first name- and his name was embedded in the third link. I looked at the full header and it did say iPhone Mail at the bottom. How would links like that get into someone’s outgoing iPhone email? Should I say something or discreetly keep it to myself?

If the above is not clear, it was like this:

text text text text
pornLink
pornLink
Name*pornLink * (No space between his name and the third link)

[ThelmaLou]

I emailed him and said there was something weird with his email and could he resend it. He replied that in his sent file, the text of the email was cut off and porn links inserted, and that was “unintended and unexplained.”

How would something like this get into someone’s sent email?

[beowulff]

Is his phone jailbroken?
Who is is email provider?

[ThelmaLou]

I don’t know what jailbroken means. He has gmail.

Okay… I looked up jailbroken. From what I understand, I’d say no. He’s not techie and probably wouldn’t know about this or want to do it. (If I understand what it is.)

[beowulff]

Jailbreaking is a way to install non-Apple-approved apps. It’s a popular thing to do, but it leaves the user vulnerable to malware.

A Google search turns up several theoretical attacks against Gmail, including this one, which could explain what you are seeing. I don’t know if any of these attacks were ever widespread, or if Google has patched their vulnerability.

[ThelmaLou]

I’m pretty sure he hasn’t installed any rogue apps. Thanks for the link.

[BigT]

ThelmaLou:

I got an email from a friend of mine a little while ago. He sent it from his iPhone, and it wasn’t a forwarded message. It was a personal note to me. In the middle of the text of the message were three identical links to a porn site- at least that’s what the links looked like (all three to “girlswhof*ck.com”). Of course, I didn’t click on the links. This is a professional friend, an elderly gentleman, and I don’t know whether to call this to his attention or not. I’m not offended, and if this means he’s looking at porn on his iPhone, that’s way fine by me. I don’t want to embarrass him by blowing his cover. But if this means his email is infected with something, I’d like to tell him. He does have an automatic signature- just his first name- and his name was embedded in the third link. I looked at the full header and it did say iPhone Mail at the bottom. How would links like that get into someone’s outgoing iPhone email? Should I say something or discreetly keep it to myself?

If the above is not clear, it was like this:

text text text text
pornLink
pornLink
Name*pornLink * (No space between his name and the third link)

That sounds like someone got his password, got into his account, and hacked his signature. If so, the solution would obviously be to change his password and signature. It would probably be easier to do on a regular computer, but you might be able to do it on the phone.