Security researcher Aviv Raff says the iPhone versions of Mail and Safari are vulnerable because of a basic design flaw in the Apple iPhone makes it susceptible to a URL spoofing vulnerability.

Until Apple issues a security update, Raff says users should avoid clicking on links to trusted sites within e-mail and instead type in URLs manually.

Technical details are being withheld until Apple releases a patch.