-5

I am on a non jailbroken device and I accidentally clicked on an ad on webmd and it took me to a fishy looking website. Do I have a chance of getting malware?

Anders
  • 64,406
  • 24
  • 178
  • 215
John Black
  • 1
  • 1
  • *A fishy looking website* does not tell us much. –  Aug 24 '16 at 12:13
  • @JanDoggen, true, but it also doesn't have to. I feel like answers to this question should be easily understandable by people who aren't IT security geeks. – Verbal Kint Aug 24 '16 at 12:19
  • To help understand the answers, it may help to understand that the real truth is that there is *always* a chance of getting malware, no matter what operation you do. You can *always* have come across a new case that nobody has ever dealt with before. However, what we can discuss is how *likely* it is that you get malware from any activity -- most activities have a low enough probability of infection that it's not worth concerning yourself with the risk. The answers you see are capturing the level of risk, not an absolute possibility of being infected. – Cort Ammon Aug 24 '16 at 13:47

3 Answers3

2

Most of the "fishy" websites you are likely to come across are mediocre attempts at getting access to your phone or device through some scam. Essentially the old

"You're computer/phone is infected, call Apple support here: (555) 555-5555"

Complete with popups intended to scare people into giving up personal information and/or access to their computer.

In your case, I doubt that just visiting the page will give you malware. As long as it doesn't download any files to your phone and as long as you don't open suspicious files or enable some third-party script in the browser (if you're prompted to run a script, don't), then you should be fine. Even JavaScript can be leveraged for malicious purposes, but again, your browser should protect against most of these threats as long as you don't tell it otherwise.

Now, if someone has found a 0-day vulnerability that enables them to circumvent your browser and phone security just by visiting a webpage (highly unlikely) then the IT security community has a lot more to worry about.

To conclude, don't run scripts, don't download files, if a file is downloaded, don't open it, delete it, and don't give out any personal information of any sort. If you followed this when you visited the website then you're probably fine.

Oh, and in the future look into free adblock extensions/addons for your browser. If there aren't ads, you can't click on them.

Verbal Kint
  • 737
  • 1
  • 6
  • 20
0

If you are connected to the internet, there is always a risk that you get malware. However, how risky it is depends on what you do online. Visiting "fishy" sites is generally a bad idea, so the answer to your question is a definitive maybe.

Here are some things that will help you think about how big the risk is:

  • If you downloaded and/or opened any files (even if they were not executables) the risk increases.
  • If your phone OS and browser is not up to date with the latest patches, the risk increases.
  • If you have Flash or Java plugin enabled, the risk increases.
  • If the website you clicked gets a bad review by Google Safe Browsing the risk increases.

Do note, that even if you don't tick any of the boxes above the risk is still larger than zero. There have been vulnerabilities in the past allowing remove code execution without any plugins or downloads, and who knows what 0-days are out there at the moment. Still, the risk might be low enough for you to shrug it off, or at least not panic about it.

Anders
  • 64,406
  • 24
  • 178
  • 215
-2

There is always a chance, however very unlikely. Malware for phones does exist, though it is commonly attacking Android (so it seems). Nevertheless, it is possible if, for example, Safari is suffering from a 0-day vulnerability.

If you haven't left any personal information, I wouldn't be worry about it.

Yorick de Wid
  • 3,346
  • 14
  • 22