An exploit dubbed ROPEMAKER relies on taking advantage of email design functionality, namely by remotely changing CSS in HTML-based emails after they ve been sent. The attack doesn t involve changing the actual content of the email, but instead what s displayed to the end user, the researcher says. The Android mail client did a good job at thwarting the exploit, but the researcher couldn’t definitively say that all versions of the mobile operating system were a safe alternative.
Source: https://threatpost.com/ropemaker-exploit-allows-for-changing-of-email-post-delivery/127600/