My GF received a random email from iTunes saying that she had started a new subscription, its a very convincing email until closer inspection. Anyway she clicked the link at the bottom to cancel it and it took her to a phishing website which looks like the apple id login page...(falm palm) This website was loaded via a proxy site which contained a random php script before forwarding to the final site.
Im a sys admin so im highly security conscious. In hindsight I wish I saved the email so I could load the link in a VM to inspect the HTML code. However I think there's a possibility it could of been an XSS or CSRF attack.
So this email and link was pressed on an iphone 6 using the safari browser built into the phone (there was no senstive webpages open on safari at that time), i have since disabled javascript and deleted all her cookies and will reformat when I get a chance later on, iv asked her to change facebook, bank, paypal passwords etc too on a different PC.
I dont know very much about iphone security, do you think this is still a threat after the steps I have taken if it is indeed an XSS and CSRF attack?
If its standard phishing, she never logged into the bogus itunes site with any credentials so im happy thats ok.