Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Dan50

macrumors regular
Original poster
Apr 11, 2014
168
6
Originally I received it to my gmail but then I forwarded it to my hotmail and opnened the link from there. I did not enter any info after clicking on it. It was just constantly loading the page. I only changed the password for hotmail. Should I be OK or what should I do? It was from a company I know and they got hacked.
 
If you clicked on it in an iPad you should be fine but I would delete the browser website data in settings just to remove any cookies or whatever.


It’s not going to magically obtain the password for the email it’s sent to so I wouldn’t worry about that. Other than putting data in the fake website it could have malware on the site but I think you’re okay with the iPad because it’s so locked down. Maybe someone else could confirm that?
 
So I'm assuming you got it on your phone/ipad (gmail), and forwarded it to hotmail so you could view it on a computer? Mac or PC? If you did not enter any information, you're probably ok. Just be on guard for anything strange or quirky, including system prompts for passwords, etc. Changing your hotmail password was a good preventative idea.
 
Concur with @russell_314, and @chadamorrill; you're probably fine. Partly because the OP was paying enough attention to avoid further disclosure, partly because "It’s not going to magically obtain the password for the email it’s sent to" is correct, partly because mail/safari on both iPadOS and MacOS is reasonably tight by default, and partly because I like russell's avatar pic.

I have a policy (and indoctrinated wifey, too) to NEVER click on any link in any form of messaging, even from people or companies I recognize. ALWAYS use your own known-good bookmark to go a site, then ferret out whatever the message might have said.

You can't trust the MEDIUM of messaging generally, let alone companies and people who might be pwnd by man-in-the-middle hacks. Furthermore, lots of companies themselves sell their own customer down the road to make a buck.

Where I work, all inbound and outbound eMail is converted to plain text, including hyperlinks. Full eMail headers are transcribed to a sort of "Footer" after the message. All graphics or attachments (including 1-pixel tracker bugs), inbound and outbound, are forked off to a sandbox where they're scanned (sensitive words, suspicious geolocation, domains, weird use of unicode and foreign character sets) before downloading.

Apple is missing an opportunity here, with their constant yammering about security and privacy. Apple should add this kind of "Screening and Transparency" mode to Mail, though they'd need serious upgrades for sneaky content analysis. Then let the EU chew on that.
 
I would add that probably the worse thing that might happen, since you did not enter any information, is that the website you clicked into might attempt to install a tracking cookie or other malware (which your browser or OS should block unless you're on Windows). Alternately clicking the link might also confirm that your email is valid, active, and that you will click on things, so you may get an increased volume of phishing attempts going forward.
 
  • Like
Reactions: chadamorrill
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.