Archive

iCloud account hacker jailed for three years after preying on rappers and sports celebrities

iCloud account hacker jailed for three years after preying on rappers and sports celebrities

A man, who posed as an Apple customer support representative, has been sentenced to three years and one month in a federal prison after breaking into the accounts of rappers, as well as NBA and NFL players.

Kwamaine Jerell Ford’s fraudulent scheme ran from at least as early as March 2015 until about March 2018, and saw the 27-year-old from Dacula, Georgia, try to obtain the iCloud passwords of his victims.

Ford broke in to over 100 iCloud accounts after sending out emails from the email addresses applemememberservices@usa.com and apple_customer@usa.com, designed to spoof legitimate Apple customer service accounts.

In the emails Ford would claim to his intended victim that their account had been locked, and that they had to reconfirm their login credentials (including the answers to their security questions) in order to regain access.

On some occasions Ford even went so far as to call his victims, posing as an Apple employee, and requested that his victim provide their passwords and other credentials over the telephone.

Unfortunately, Ford’s victims failed to spot anything suspicious in the emails, or the addresses that they had been sent from.

With the stolen credentials, Ford would reset his victims’ account passwords to lock them out and used the personal identifiable information he was able to access, including credit card details, to purchase goods and services and transfer money into accounts under his own control.

Quite why Ford focused his attention on defrauding high-profile professional athletes and rappers is unclear, but his attacks certain bore fruit.

In a three-year period, Ford spent $322,567 using the stolen credit card numbers. His purchases included flights, car travel, hotels, restaurants, and cash transfers to his online financial accounts.

Last week, Ford was sentenced to three years and one month in prison to be followed by three years of supervised release, for computer fraud and aggravated identity theft. In addition he has been ordered pay US $697,270 in restitution.

“In today’s high tech world, citizens entrust their personal information to a number of service providers and expect that information to be protected,” said the appropriately-named FBI special agent Chris Hacker. “Unfortunately, identity thieves are becoming more creative and more devious. But the FBI’s dedicated agents are determined to keep up with that devious creativity to protect our citizens and bring suspects like Ford to justice.”

Remember to always be suspicious of any website that asks you to confirm your login credentials, as it might have been designed with phishing in mind. Be even more cautious if an actual human asks you to confirm your passwords over the phone.

And, wherever possible, enable two-factor authentication to have an additional layer of security for your online accounts should your password accidentally fall into the hands of an unauthorised party.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.