A man, who posed as an Apple customer support representative, has been sentenced to three years and one month in a federal prison after breaking into the accounts of rappers, as well as NBA and NFL players.
Kwamaine Jerell Ford’s fraudulent scheme ran from at least as early as March 2015 until about March 2018, and saw the 27-year-old from Dacula, Georgia, try to obtain the iCloud passwords of his victims.
Ford broke in to over 100 iCloud accounts after sending out emails from the email addresses firstname.lastname@example.org and email@example.com, designed to spoof legitimate Apple customer service accounts.
In the emails Ford would claim to his intended victim that their account had been locked, and that they had to reconfirm their login credentials (including the answers to their security questions) in order to regain access.
On some occasions Ford even went so far as to call his victims, posing as an Apple employee, and requested that his victim provide their passwords and other credentials over the telephone.
Unfortunately, Ford’s victims failed to spot anything suspicious in the emails, or the addresses that they had been sent from.
With the stolen credentials, Ford would reset his victims’ account passwords to lock them out and used the personal identifiable information he was able to access, including credit card details, to purchase goods and services and transfer money into accounts under his own control.
Quite why Ford focused his attention on defrauding high-profile professional athletes and rappers is unclear, but his attacks certain bore fruit.
In a three-year period, Ford spent $322,567 using the stolen credit card numbers. His purchases included flights, car travel, hotels, restaurants, and cash transfers to his online financial accounts.
Last week, Ford was sentenced to three years and one month in prison to be followed by three years of supervised release, for computer fraud and aggravated identity theft. In addition he has been ordered pay US $697,270 in restitution.
“In today’s high tech world, citizens entrust their personal information to a number of service providers and expect that information to be protected,” said the appropriately-named FBI special agent Chris Hacker. “Unfortunately, identity thieves are becoming more creative and more devious. But the FBI’s dedicated agents are determined to keep up with that devious creativity to protect our citizens and bring suspects like Ford to justice.”
Remember to always be suspicious of any website that asks you to confirm your login credentials, as it might have been designed with phishing in mind. Be even more cautious if an actual human asks you to confirm your passwords over the phone.
And, wherever possible, enable two-factor authentication to have an additional layer of security for your online accounts should your password accidentally fall into the hands of an unauthorised party.
*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Graham Cluley. Read the original post at: https://hotforsecurity.bitdefender.com/blog/icloud-account-hacker-jailed-for-three-years-after-preying-on-rappers-and-sports-celebrities-21420.html