A few days ago, the internet ceased to exist on the news that “hackers” had leaked hundreds of nude images of famous female celebrities, notably model Kate Upton and Hunger Games actress Jennifer Lawrence. Initial reports claimed that the leaks were illegally obtained by breaking into the celebs’ cloud storage account, but now the FBI is pursuing a new angle: The possibility of a “phishing” scam.

Phishing is a form of social engineering that criminals use to get access to otherwise confidential information, places or things. Rather than attack the mechanics of a system, social engineering involves exploiting human weakness – our willingness to help one another and comply with requests – to get around security measures. In the case of phishing, it usually involves an email altered to make it as though it was sent from an official source, often asking the target to provide information like usernames and passwords. In reality, the information is collected and then exploited by the phishers.

TMZ reports that in the case of Kate Upton and at least three others, the emails they received were made to look like they came from computer manufacturer Apple.

Phishing has been around nearly as long as the internet itself, though it’s more often used to obtain PII for financial gains, not access to nude photos. According to one source, the hacked accounts included images from over 100 celebrities. Only a portion have been leaked so far; it’s unclear whether the rest ever will if they truly exist.