It’s a scam. Do not interact with the message - or click any links. If the message is a pop-up window or appears in you browser, just close the window or browser tab. If email, delete the message.
Due to the system architecture of iOS/iPadOS, unless jailbroken (don’t go there!), your iPad is not susceptible to traditional malware infection per-se. However, as with all computer systems, there are still vulnerabilities and exploits to which you remain vulnerable.
There is one potential source of immediate risk that you would be well advised to check - this being for a vulnerability that is often exploited that gives the appearance of a malware infection. The exploit involves your iPad/iPhone Calendar - the symptom being your Calendar appearing to have been populated with regular events that warn of malware infection or other dire warnings of doom.
Whilst not a malware infection in the traditional sense, if this exploit is observed on your device, it is highly probable that you were manipulated (via a simple click on a website link) into “subscribing” an additional (unwanted) Calendar to your device - and this unexpected Calendar is exposing unwanted calendar events and sending you unexpected “adverts” or other warnings.
If you see this issue, you’ll need to check for what’s out of place...
iOS/iPadOS13 and earlier: Settings > Passwords and Accounts
iOS/iPadOS14: Settings > Calendar > Accounts
Look for an “account” that shouldn’t be in the list of accounts - as this will likely include the Calendar that contains all the unwanted events. When/if you find the suspect account, tap - then select Delete Account. This should resolve this specific problem in its entirety.
Prevention is better than cure…
Browser-based attacks can largely be mitigated by installing a good Content and Ad-blocking product. One of the very best and most respected within the Apple App Store - designed for iPad, iPhone and Mac - is 1Blocker for Safari.
https://apps.apple.com/gb/app/1blocker-for-safari/id1365531024
1Blocker is highly configurable - and crucially does not rely upon an external proxy-service of dubious provenance. All processing takes place on your device - and contrary to expectations, Safari will run faster and more efficiently.
Unwanted content is not simply filtered after download (a technique used by basic/inferior products), but instead undesirable embedded content blocked from download. A further benefit on metered services, such as cellular connections where you data may be capped or chargeable, this not only improves speed but also saves you money. Recent update of 1Blocker has introduced a “firewall” network-extension that broadens protection to include all network enabled Apps.
A further measure to improve protection is to use a security focussed Recursive DNS Service in preference to automatic DNS settings. This can either be set on a per-device basis in Settings, or can be set-up on your home Router. This measure can significantly reduce of exposure to know exploits - as malicious domains are “sink-holed” such that many exploits will be blocked prior to execution. I strongly recommend using one of the following services - for which IPv4 and IPv6 server addresses are listed:
Quad9 (recommended)
9.9.9.9
149.112.112.112
2620:fe::fe
2620:fe::9
OpenDNS
208.67.222.222
208.67.220.220
2620:0:ccc::2
2620:0:ccd::2
Cloudflare+APNIC
1.1.1.1
1.0.0.1
2606:4700:4700::1111
2606:4700:4700::1001
Use of the above DNS services will help to shield you from “known bad” websites and URLs - and when used alongside 1Blocker, or other Content Blocker provides defense in depth.
There are advanced techniques to further “harden” iOS/iPadOS, but these are perhaps beyond the immediate skills of novice users.
I hope this information and insight proves to be helpful.
