I was browsing my spam folder on my phone in the gmail app and stupidly let curiosity get the better of me. The app had blocked images by default but I clicked to allow them as well as accidentally clicked a link in the email while scrolling through. A page began to load but I closed it before anything visually loaded as soon as I saw the URL.
I was on a Oneplus 5 android phone connected to my home WiFi. Android version 9 with August 1, 2019 security patch. Gmail app last updated Feb 12th 2020. The gmail app had permissions to my contacts, calendar, and storage at the time I clicked the link. The phone is rooted with magisk but no root prompts were given so I don’t think this is an issue..?
The email was a spam email about someone who had viewed me on linkedin recently. From long-pressing to copy the url, the link I believe I clicked was http://mycity.citywork.vn/wp-content/uploads/2020/twisterrt.php
I’ve already run a malwarebytes virus scan from the mobile app on the phone (came up clean) and changed the passwords (from another PC) to all 5 emails that I had linked in the gmail app as well as cleared the app caches and storage.
I was wondering if any experts could let me know what damage could possibly have been done considering the scenario (android device, home network, gmail app, clicked links in possibly malicious spam email causing a page to load, but no further prompts, user input, or changes as far as I was able to see), as well as if possible to investigate the link to determine what it was attempting to do/load.
I’m a fairly technical (and fairly paranoid) person looking for a fairly technical answer in terms of the potential of whether something malicious could have been run/installed on the device and whether a full device wipe is recommended.
Thanks in advance for your help!