Amir Hossein Golshan, 25, was sentenced to eight years in jail by a Los Angeles District Courtroom and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, service provider fraud, assist fraud, account hacking, and cryptocurrency theft.
Golshan pleaded responsible on July 19, 2023, for hijacking the Instagram account of a distinguished social media influencer. He additionally confessed to finishing up a collection of schemes from April 2019 to February 2023.
“From not less than April 2019 to February 2023, Golshan knowingly executed a number of on-line schemes to defraud lots of of victims via varied on-line scams and unauthorized intrusions into victims’ digital accounts, together with social media account takeovers, Zelle fee fraud, and impersonating Apple assist,” reads the U.S. Division of Justice announcement.
“In whole, Golshan’s total scheme precipitated roughly $740,000 in losses to lots of of victims over a number of years.”
Golshan tried to cover his identification through the use of VPN (digital personal community) instruments and a number of account names. Over time, he reportedly honed his craft to orchestrate more and more extra subtle on-line crimes.
By means of social engineering, Golshan satisfied carriers, together with T-Cellular, to switch cellular phone numbers from professional subscribers to his SIM playing cards. This allowed him to bypass SMS-based two-factor authentication (2FA) and hijack social media accounts.
In a single high-profile case from December 2021, he hijacked the Instagram account of a Los Angeles-based mannequin via SIM swapping after contacting her from a hijacked pal’s account.
Subsequent, he abused his entry to the account through the use of it to message lots of her buddies, asking them to ship cash to Zelle and PayPal accounts he managed.
Moreover, Golshan extorted the mannequin for $2,000, threatening to delete the social media account he had hijacked.
In different circumstances, Golshan marketed Instagram verification companies, duping victims into sending him funds starting from $300 to $500 in change for a verification badge on their accounts.
By means of the above schemes, it’s estimated that Golshan made $82,000 from roughly 500 victims.
Later, in August 2022, the prolific scammer posed as Apple Assist personnel to achieve unauthorized entry to Apple iCloud accounts.
He deceived victims into believing he would improve their account safety, tricking them into sharing their six-digit safety code, enabling the scammer to bypass present protections.
By accessing different individuals’s iCloud storage, Golshan was capable of steal digital property, together with $319,000 value of NFTs and $70,000 value of cryptocurrency. The scammer resold these property on an NFT market inside 24 hours for $130,000.
To defend in opposition to SIM swapping assaults, activate quantity porting safety in your provider, use a bodily safety key or authenticator app as a substitute of SMS, and restrict the delicate data you share on-line.
The Federal Communications Fee (FCC) has not too long ago adopted new guidelines to guard shoppers from SIM-swapping assaults, making fraudulent quantity transfers tougher.
