Recently I was made aware of a popular mobile phone spyware that stated it could be used on "non-jailbroken" iPhones. Since this is down my alley, I decided to look into it. As I researched the software, I noticed that it required the proposed iPhone users iCloud log in credentials. "Ah Ha!", I thought, "now I know what's going on!" You see, I've tested another software just like this before, only it was under another name.
What is happening is this....many iPhone users have their iPhones connected to Apple's iCloud. The iCloud will backup many of the features the user uses on their iPhone such as contacts, pictures, location, call history, etc.. So what this spyware does is after it logs into the victim's iCloud account, the software will scarf up all the data there and then report back to the spyware servers all the items I just listed. All the "bad guy" has to do is log in to the spyware's server and look at all the collected data. And the iPhone user will have no clue how it happened.
Will this spyware show up on the iPhone? NO! And that's the "beauty" (if I may use that word) of this type of spyware. You won't see it.
So what should an iPhone user do to protect their phone and data? The answer may not be what you want to hear, but it's this: have a very strong password. Your security is as strong as your password, simple as that. I don't make the rules so don't shoot the messenger. And do NOT give out your iCloud credentials to anyone.
If you need privacy, you will not get it without taking some precautions. Do not leave your phone lying around and do not give out your passwords. That's a start.
Keep them to yourself.