Amir Hossein Golshan, 25, was sentenced to eight years in jail by a Los Angeles District Court docket and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, service provider fraud, assist fraud, account hacking, and cryptocurrency theft.

Golshan pleaded responsible on July 19, 2023, for hijacking the Instagram account of a distinguished social media influencer. He additionally confessed to finishing up a sequence of schemes from April 2019 to February 2023.

“From at the very least April 2019 to February 2023, Golshan knowingly executed a number of on-line schemes to defraud lots of of victims by varied on-line scams and unauthorized intrusions into victims’ digital accounts, together with social media account takeovers, Zelle fee fraud, and impersonating Apple assist,” reads the U.S. Division of Justice announcement.

“In whole, Golshan’s whole scheme triggered roughly $740,000 in losses to lots of of victims over a number of years.”

Golshan tried to cover his id by utilizing VPN (digital personal community) instruments and a number of account names. Over time, he reportedly honed his craft to orchestrate more and more extra refined on-line crimes.

By social engineering, Golshan satisfied carriers, together with T-Cellular, to switch cellular phone numbers from professional subscribers to his SIM playing cards. This allowed him to bypass SMS-based two-factor authentication (2FA) and hijack social media accounts.

In a single high-profile case from December 2021, he hijacked the Instagram account of a Los Angeles-based mannequin by SIM swapping after contacting her from a hijacked pal’s account.

Subsequent, he abused his entry to the account by utilizing it to message a lot of her pals, asking them to ship cash to Zelle and PayPal accounts he managed.

Moreover, Golshan extorted the mannequin for $2,000, threatening to delete the social media account he had hijacked.

In different instances, Golshan marketed Instagram verification companies, duping victims into sending him funds starting from $300 to $500 in alternate for a verification badge on their accounts.

By the above schemes, it’s estimated that Golshan made $82,000 from roughly 500 victims.

Later, in August 2022, the prolific scammer posed as Apple Assist personnel to achieve unauthorized entry to Apple iCloud accounts.

He deceived victims into believing he would improve their account safety, tricking them into sharing their six-digit safety code, enabling the scammer to bypass current protections.

By accessing different individuals’s iCloud storage, Golshan was capable of steal digital belongings, together with $319,000 price of NFTs and $70,000 price of cryptocurrency. The scammer resold these belongings on an NFT market inside 24 hours for $130,000.

To defend towards SIM swapping assaults, activate quantity porting safety in your service, use a bodily safety key or authenticator app as an alternative of SMS, and restrict the delicate info you share on-line.

The Federal Communications Fee (FCC) has just lately adopted new guidelines to guard shoppers from SIM-swapping assaults, making fraudulent quantity transfers tougher.