By Jonathan Davies

Security experts are warning iCloud users against an email scam following the leak of hundreds of nude images of celebrities including Jennifer Lawrence, Kate Upton and Arianna Grande.

Online security firm, Symantec, believes criminals are now targeting iCloud users, claiming to be Apple support. Users are asked to confirm their log in details as a safety measure following the leak of celebrity images, but the information goes to the hackers, rather than Apple.

In a blog post, Symantec's Satnam Narang said: “In addition to email scams, some users may be the recipients of a text message claiming to be from Apple Protection or another privacy or security group within Apple.

“The text claims that an unauthorized attempt to sign-in to the users’ iCloud account was detected and they need to respond back with their Apple ID and password or have their account locked out. This type of scam is what’s known as SMSishing (SMS/text phishing).”

Earlier today (Tuesday) the FBI and Apple announced they are investigating the hacking.

Laura Eimiller, a spokesperson for the FBI, said the Bureau is “aware of the allegations concerning computer intrusions and the unlawful release of material involving high profile individuals, and is addressing the matter”.

“Any further comment would be inappropriate at this time,” she said in a statement.

Apple spokeswoman Natalie Kerris said the company is “actively investigating” the hacks, while Lawrence’s spokesperson stated on Monday that “the authorities have been contacted and will prosecute anyone who posts the stolen photos of Jennifer Lawrence”.

The FBI has previously investigated leaked images of celebrities like Scarlett Johansson, Mila Kunis and Christina Aguilera, all of which resulted in convinctions.

The likes of actress Jennifer Lawrence, model Kate Upton and musician Arianna Grande were among more than 100 victims targetted by the alleged hack of iCloud. Some claimed the alleged images of them are fake, Jennifer Lawrence admitted the photos are real but described the incident as a “flagrant violation of privacy”.

The anonymous hacker, who uploaded the images to 4Chan, a website notorious for shady uploads, claims to have hacked iCloud, although other theories suggest they may have been lucky to guess password and answers to security questions.

Mike Ellis, CEO and digital identity expert at ForgeRock, said:

"Big businesses as well as large, trusted government organisations need to manage vast and growing numbers of employee and customer digital identities. As we enter the digital transformational era this kind of crisis is only going to get worse. Global brands and large organisations that fail to take the right steps to address the growing complexity of identity relationship management risk not just a big dent in their reputation and trust, as iCloud is surely likely to face, but serious commercial or social consequences too as customers switch to more trusted brands or switch off entirely altogether. This example is just the tip of the iceberg and must be addressed sooner than later.”

Netflix customers have also been warned against a separate, but very similar email scam.

Are you concerned about cyber security? You can email your reactions to

Join us on
Follow @freshbusiness