Apple addresses "Masque Attack" concerns - says there's nothing to fear14
Yes, it may sound unlikely to you that anyone would ever follow a shady link and then choose to trust an obviously untrustworthy source, but hey – it's a big, big world, and in it – there are a lot of gullible folks – or just children, playing on their parents' iDevices. Also, enterprise apps need to be installed from proprietary sources, not the App Store, so theoretically – it's possible that a phone could be infected in that manner as well.
So, Apple has now acknowledged the Masque Attack method and has dedicated a page on its support website, citing the dos and don'ts of installing enterprise apps from a 3rd party website. Here's a synopsis: If you see the “Untrusted App Developer” warning prompt – click “Don't Trust” and get the app out of your phone faster than you throw a burning coal off of your lap.
On the matter, Apple told the guys over at iMore:
So there you go kids. Don't go following a shady message that reads "OMG, this game is wayy better than Flappy Bird *questionable link here*" and you should be fine.
source: Apple via iMore