Security researchers at SPI Labs Inc. are warning iPhone owners not to use a special feature allowing you to dial phone numbers over the Internet using the iPhone’s Safari browser.

While this feature was created for our convenience, it’s also very easy for attackers to exploit a bug in this feature to trick unknowing victims into dialing expensive “900” numbers or even keep track of phone calls made over the Web.

“Because this vulnerability can be launched from Web sites, everybody who has an iPhone has the potential to get exploited,” Hoffman said. Hoffman also warns that, “The iPhone could even be stopped from dialing out, or set to dial out endlessly.”

SPI says it is working with Apple to create a fix.

Security firm: Don’t use iPhone Web dialer [Via InfoWorld]