A new flaw in Apple's iPhone software lets hackers collect your password with a single email

Apple CEO Tim CookReutersApple CEO Tim Cook speaks at the WSJD Live conference in Laguna Beach.

A new bug in Apple’s iOS mobile operating system has the potential to collect the passwords of users with a single malicious email.

The Register reports that security researcher Jan Souček discovered that Apple ignores a key line of code in incoming emails: <meta http-equiv=refresh>

What that code means is that emails opened on an iPhone, iPad or iPod can be used by hackers to load any HTML content inside an email.

The flaw lets hackers send an email that looks like it’s from a real company, but is actually used to steal your password through a fake form that looks legitimate.

Here’s a video explaining the flaw:

Souček says that Apple knew about the flaw since January, when he filed a bug report with the company. But so far the flaw hasn’t been fixed.

We reached out to Apple for comment on this article and will update if we hear back.

NOW WATCH: Kids settle the debate and tell us which is better: an Apple or Samsung phone

NOW WATCH: Tech Insider videos

Want to read a more in-depth view on the trends influencing Australian business and the global economy? BI / Research is designed to help executives and industry leaders understand the major challenges and opportunities for industry, technology, strategy and the economy in the future. Sign up for free at research.businessinsider.com.au.