A Los Angeles man has pleaded guilty to using SIM swapping to perpetrate multiple cybercrime schemes targeting hundreds of victims.
Between April 2019 and February 2023, the man, Amir Hossein Golshan, 24, engaged in account takeovers, Zelle payment fraud, and Apple support impersonation, causing roughly $740,000 in losses to his victims.
According to the plea agreement, in December 2021, relying on SIM swapping – a technique in which a threat actor convinces a phone carrier to transfer a phone number to a SIM card in the attacker’s control – Golshan took over the Instagram account of an influencer with over 100,000 followers.
Using the unauthorized access to the account, he contacted the victim’s friends impersonating the influencer, asking them to send money via Zelle, PayPal, and other platforms, obtaining thousands of dollars from the unsuspecting victims.
He also locked the influencer out of her accounts and sent her messages demanding a $2,000 ransom for returning control of the accounts.
According to the plea agreement, Golshan admitted to using SIM swapping against two other victims in January 2022. After taking control of one of the victims’ social media accounts, he demanded a $5,000 ransom, threatening to release personal videos and photos.
Golshan targeted roughly 500 individuals in SIM swapping and Zelle fraud schemes, receiving approximately $82,000 in payments from his victims.
Court documents show that the defendant also impersonated Apple support personnel to gain access to victim accounts and steal NFTs, cryptocurrency, and other digital goods, defrauding five victims of between $2,000 and $389,000 each.
Golshan pleaded guilty to unauthorized computer access, access to a computer to defraud, and wire fraud. Scheduled for sentencing on November 27, he faces up to five years in prison for the computer access counts and up to 20 years in prison for wire fraud.