A judge sentenced Amir Hossein Golshan from Los Angeles to eight years in prison after he used a tactic named 'sim swapping' to take control of victims' online accounts and engage in blackmail.
Sim swapping is one reason using the phone as a two-step factor authentication method is not a good idea. The attacker can take over the phone number using various social engineering tactics and reroute security confirmations to another sim card, bypassing the 2FA measures.
"Amir Hossein Golshan, 25, was sentenced by United States District Judge Otis D. Wright II, who also ordered him to pay $1,218,526 in restitution," said the US Attorney's Office in a press release. "At today's hearing, Judge Wright said Golshan's crimes went 'beyond just money' and that they showed a 'wanton cruelty' that caused the victims to live in a state of 'constant fear and worry.'
Golshan defrauded hundreds of victims from 2019 up to 2023 when authorities finally caught up with him. He managed to take over social media accounts, impersonated Apple support, and was even involved in Zelle payment frauds. In total, the criminal accrued approximately $740,000.
For example, in one of the more significant attacks, he managed to take over the Instagram account of a known influencer and asked for money from people on the friends list, gathering a few thousand dollars. Golshan eventually resorted to blackmail, asking the victim for $2,000 for the return of the account.
"During Golshan's SIM swapping and Zelle fraud schemes, Golshan fraudulently received approximately $82,000 in payments from approximately 500 victims, usually in increments of $300 to $500 per victim," the District Attorney explained.
United States District Judge Otis D. Wright II sentenced Golshan to eight years in prison and ordered him to pay $1,218,526 in restitution.