You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Clicking on spam links

Whilst trying to delete a spam email on my iPad, I must have brushed against the link, as a tab opened up. I immediately closed down the tab.


should I be doing anything else and is there any danger?


Grateful for advice.

iPad Air 2, iPadOS 15

Posted on Mar 17, 2023 12:28 AM

Reply
Question marked as Top-ranking reply

Posted on Mar 17, 2023 2:42 AM

Accidental triggering of embedded links is an unavoidable hazard when using a touch-based User Interface - such as found in iPad and iPhone. Immediately closing the opened Safari (or other browser’s) Tab was the appropriate course of action.


If the link was malicious, in opening the link, whatever was going to happen will have happened. In all likelihood, a malicious page will have required additional interaction in order to elicit further response from a potential victim.


While it is difficult to fully prevent accidental activation of embedded links (some of which can be intentionally designed to be activated), there are measures and precautions that you can take to mitigate or block the potential impact of malicious websites, links and content.


The majority of threats to which you will be invariably exposed will surface via web pages or embedded links within email or other messaging platforms. Browser-based attacks can be largely and successfully mitigated by installing a good Content and Ad-blocking product. One of the very best and most respected within the Apple App Store - designed for iPad, iPhone and Mac - is 1Blocker for Safari.

https://apps.apple.com/app/1blocker-for-safari/id1365531024


1Blocker is highly configurable - and crucially does not rely upon an external proxy-service of dubious provenance, often utilised by so-called AntiVirus products intended for iOS/iPadOS. Instead, all processing by 1Blocker takes place on your device - and contrary to expectations, Safari will run faster and more efficiently.


Unwanted content is not simply filtered after download (a technique used by basic/inferior products), but instead undesirable embedded content is blocked from download - improving both speed and efficiency of the Safari. 1Blocker has also introduced its new “Firewall” functions - that are explicitly designed to block “trackers”. Being implemented at the network-layer, this additional protection works across all Apps. Further updates to 1Blocker have introduced additional network extensions, extending protection to other Apps.


A further and strongly recommended) measure to improve protection is to use a security focussed DNS Service in preference to automatic DNS settings. This can either be set on a per-device basis in Settings, or can be set-up on your home Router - and in so doing extends the benefit of this specific protection to other devices on your local network. I recommend using one of the following DNS services - for which IPv4 and IPv6 server addresses are listed:


Quad9 (highly recommended)


9.9.9.9

149.112.112.112

2620:fe::fe

2620:fe::9



OpenDNS


208.67.222.222

208.67.220.220

2620:119:35::35

2620:119:53::53



Cloudflare


1.1.1.1

1.0.0.1

2606:4700:4700::1111

2606:4700:4700::1001



Use of the above DNS services will help to shield you from “known bad” websites and URLs - and when used alongside 1Blocker, or other effective Content Blocker, provides defence in depth.


There are advanced techniques to further “harden” iOS/iPadOS (such as using DoH, DoT and DNSSEC); while fully and effectively supported by iOS/iPadOS, Apple doesn’t expose this capability via device settings - but there are easy ways to access this functionality. Aside from installing a device-profile from a external device-management system, a really easy way to set and manage DoH/DoT settings is to use a third-party utility App - DNSecure:

https://apps.apple.com/app/dnsecure/id1533413232


This App does exactly what is needed to effectively configure DoH/DoT - and is free to download and install. Many DNS providers are already preconfigured - including Quad9 and Cloudflare. Additional secure DNS providers can be added if required.


Apple has recently introduced its new Private Relay to its iCloud+ subscribers - in part employing ODoH (a variant of DoH) as an element of this new functionality. More details of this feature can be found here:

About iCloud Private Relay - Apple Support


In summary, there are many mitigations that you can use to better secure your iPad from malware and other potential threats. A good content blocker, combined with secure DNS and other protections offered by iPadOS can reduce your exposure to malicious links, content and threat actors.


I hope you find this information and insight to be helpful.


3 replies
Question marked as Top-ranking reply

Mar 17, 2023 2:42 AM in response to yellowelisabeth

Accidental triggering of embedded links is an unavoidable hazard when using a touch-based User Interface - such as found in iPad and iPhone. Immediately closing the opened Safari (or other browser’s) Tab was the appropriate course of action.


If the link was malicious, in opening the link, whatever was going to happen will have happened. In all likelihood, a malicious page will have required additional interaction in order to elicit further response from a potential victim.


While it is difficult to fully prevent accidental activation of embedded links (some of which can be intentionally designed to be activated), there are measures and precautions that you can take to mitigate or block the potential impact of malicious websites, links and content.


The majority of threats to which you will be invariably exposed will surface via web pages or embedded links within email or other messaging platforms. Browser-based attacks can be largely and successfully mitigated by installing a good Content and Ad-blocking product. One of the very best and most respected within the Apple App Store - designed for iPad, iPhone and Mac - is 1Blocker for Safari.

https://apps.apple.com/app/1blocker-for-safari/id1365531024


1Blocker is highly configurable - and crucially does not rely upon an external proxy-service of dubious provenance, often utilised by so-called AntiVirus products intended for iOS/iPadOS. Instead, all processing by 1Blocker takes place on your device - and contrary to expectations, Safari will run faster and more efficiently.


Unwanted content is not simply filtered after download (a technique used by basic/inferior products), but instead undesirable embedded content is blocked from download - improving both speed and efficiency of the Safari. 1Blocker has also introduced its new “Firewall” functions - that are explicitly designed to block “trackers”. Being implemented at the network-layer, this additional protection works across all Apps. Further updates to 1Blocker have introduced additional network extensions, extending protection to other Apps.


A further and strongly recommended) measure to improve protection is to use a security focussed DNS Service in preference to automatic DNS settings. This can either be set on a per-device basis in Settings, or can be set-up on your home Router - and in so doing extends the benefit of this specific protection to other devices on your local network. I recommend using one of the following DNS services - for which IPv4 and IPv6 server addresses are listed:


Quad9 (highly recommended)


9.9.9.9

149.112.112.112

2620:fe::fe

2620:fe::9



OpenDNS


208.67.222.222

208.67.220.220

2620:119:35::35

2620:119:53::53



Cloudflare


1.1.1.1

1.0.0.1

2606:4700:4700::1111

2606:4700:4700::1001



Use of the above DNS services will help to shield you from “known bad” websites and URLs - and when used alongside 1Blocker, or other effective Content Blocker, provides defence in depth.


There are advanced techniques to further “harden” iOS/iPadOS (such as using DoH, DoT and DNSSEC); while fully and effectively supported by iOS/iPadOS, Apple doesn’t expose this capability via device settings - but there are easy ways to access this functionality. Aside from installing a device-profile from a external device-management system, a really easy way to set and manage DoH/DoT settings is to use a third-party utility App - DNSecure:

https://apps.apple.com/app/dnsecure/id1533413232


This App does exactly what is needed to effectively configure DoH/DoT - and is free to download and install. Many DNS providers are already preconfigured - including Quad9 and Cloudflare. Additional secure DNS providers can be added if required.


Apple has recently introduced its new Private Relay to its iCloud+ subscribers - in part employing ODoH (a variant of DoH) as an element of this new functionality. More details of this feature can be found here:

About iCloud Private Relay - Apple Support


In summary, there are many mitigations that you can use to better secure your iPad from malware and other potential threats. A good content blocker, combined with secure DNS and other protections offered by iPadOS can reduce your exposure to malicious links, content and threat actors.


I hope you find this information and insight to be helpful.


Mar 17, 2023 3:27 AM in response to yellowelisabeth

You’re very welcome. I genuinely hope the information is helpful.


Boiling-down mitigation measures to the absolute bare bones, adding and configuring two Apps to your iPad (and iPhone if you have one) - one with a small subscription (1blocker) and one entirely free (DNSecure) - will add considerable protection from avoidable threats.


The “why” and “benefits” are explained in detail within my initial reply.

Clicking on spam links

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.