14 DAY TRIAL // The FBI kicked off the investigation of the massive photo leaks from Apple iCloud accounts of female celebrities and started by checking for phishing attacks, since this is one of the most used methods to collect account login information.
The law enforcement agency looks into phishing attempts on at least four victims (Kate Upton, Mary Elizabeth Winstead, Jennifer Lawrence, and Lea Michele) of the celeb photo leak incident, inside sources told TMZ.
They may have fallen for one of the oldest scams in the book and may have been tricked into signing into bogus websites claiming to be for Apple services, delivering the Apple ID account credentials straight to the perpetrators.
Some of the celebrities did not fall into the trap and avoided replying to the fraudulent messages.
On Wednesday, Denise Richards tweeted that she was targeted by the crooks through emails asking for the keys to her account. It is unclear though what online services were targeted, but given the leaked photos scandal, it's possible that the actress/model referred to Apple’s.
“had over 10emails sent 2 me asking for my password & if I didn't reply with the info my accounts would be shut down good thing I didn't send,” reads her tweet.
Another star who avoided falling for the phishing trick is Eva Longoria, who told Access Hollywood that her Apple account was broken into frequently. “I've had a lot of problems of people breaking into my email,” she said.
The celebrity also revealed receiving unsolicited phone calls from stores, one caller saying they were working at Apple Store in San Antonio, probably with the purpose of obtaining her username and password.
It is unclear at the moment what was the exact method used by the perpetrators to steal the photos of the celebrities, but looking into phishing attempts is a good starting point.
On Monday, the FBI released a statement announcing their involvement in the matter, but did not offer any clues about the course they were taking.
Apple also started to revise the security measures against unauthorized access to their service.
If the hackers are identified and arrested, they could face sentences of many years in prison. In 2010, a man from the Chicago area was sentenced to two and a half years of jail time for recording a video of television personality Erin Andrews changing in a hotel room.
The photos depicting the unclothed celebrities were published on Sunday evening on anonymous boards such as 4Chan and AnonIB. Some of the posts have been deleted as a protection measure for the websites to avoid unnecessary legal battle.
had over 10emails sent 2 me asking for my password & if I didn't reply with the info my accounts would be shut down good thing I didn't send
— Denise Richards (@DENISE_RICHARDS) September 3, 2014