Amir Hossein Golshan, 25, was sentenced to eight years in jail by a Los Angeles District Courtroom and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, service provider fraud, help fraud, account hacking, and cryptocurrency theft.
Golshan pleaded responsible on July 19, 2023, for hijacking the Instagram account of a outstanding social media influencer. He additionally confessed to finishing up a collection of schemes from April 2019 to February 2023.
“From at the least April 2019 to February 2023, Golshan knowingly executed a number of on-line schemes to defraud lots of of victims via varied on-line scams and unauthorized intrusions into victims’ digital accounts, together with social media account takeovers, Zelle fee fraud, and impersonating Apple help,” reads the U.S. Division of Justice announcement.
“In complete, Golshan’s total scheme brought on roughly $740,000 in losses to lots of of victims over a number of years.”
Golshan tried to cover his id through the use of VPN (digital personal community) instruments and a number of account names. Over time, he reportedly honed his craft to orchestrate more and more extra subtle on-line crimes.
By way of social engineering, Golshan satisfied carriers, together with T-Cell, to switch cellphone numbers from official subscribers to his SIM playing cards. This allowed him to bypass SMS-based two-factor authentication (2FA) and hijack social media accounts.
In a single high-profile case from December 2021, he hijacked the Instagram account of a Los Angeles-based mannequin via SIM swapping after contacting her from a hijacked buddy’s account.
Subsequent, he abused his entry to the account through the use of it to message lots of her associates, asking them to ship cash to Zelle and PayPal accounts he managed.
Moreover, Golshan extorted the mannequin for $2,000, threatening to delete the social media account he had hijacked.
In different circumstances, Golshan marketed Instagram verification providers, duping victims into sending him funds starting from $300 to $500 in alternate for a verification badge on their accounts.
By way of the above schemes, it’s estimated that Golshan made $82,000 from roughly 500 victims.
Later, in August 2022, the prolific scammer posed as Apple Help personnel to realize unauthorized entry to Apple iCloud accounts.
He deceived victims into believing he would improve their account safety, tricking them into sharing their six-digit safety code, enabling the scammer to bypass current protections.
By accessing different individuals’s iCloud storage, Golshan was in a position to steal digital belongings, together with $319,000 price of NFTs and $70,000 price of cryptocurrency. The scammer resold these belongings on an NFT market inside 24 hours for $130,000.
To defend in opposition to SIM swapping assaults, activate quantity porting safety in your service, use a bodily safety key or authenticator app as a substitute of SMS, and restrict the delicate info you share on-line.
The Federal Communications Fee (FCC) has not too long ago adopted new guidelines to guard shoppers from SIM-swapping assaults, making fraudulent quantity transfers tougher.