Man steals hundreds of thousands of personal pictures from people’s iPhones by pretending to work for Apple

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

A man stolen hundreds of thousands of personal photos and videos from people’s iPhones, the FBI has said.

The hacks were an attempt to steal nude photos of women, with targets being suggested over the internet, according to a report in the Los Angeles Times.

The hacker posed as an Apple customer service representative to gain access to people’s iCloud photos, the report said. Once he had, he would steal images and then make them available to people online.

As such, Apple’s servers themselves were not hacked, and they stayed securely within iCloud. But because victims were tricked into handing over their logins, the hacker was able to gain access to those iCloud accounts and steal the photos.

In all, the attacker had successfully gathered images and videos of 306 victims, and amassed them into a collection of 620,000 photos and 9,000 videos, the FBI said. They were then hosted on Dropbox so that they could be more easily shared.

The case recalls the infamous iCloud photo hack which saw celebrities targeted for access to their photos online, which were then stolen and then distributed over the internet.

Apple’s website notes that scammers will often impersonate the company and pretend to be from its support hotline, often in convincing ways. It also notes that attackers could use fraudulent emails, fake promotions, or unwanted calendar invitations to try and find a way into getting people to share information or hand over money.

Among other advice, its website urges people to refuse to engage with any calls they suspect of being malicious. “If you get an unsolicited or suspicious phone call from someone claiming to be from Apple or Apple Support, just hang up,” Apple advises.

Such calls can use fake Caller ID to give the impression they are calling from Apple and “often claim that there’s suspicious activity on your account or device to get your attention”. Attackers might use flattery or threats to trick people into handing over information or money.