Wednesday, December 25, 2024
HomeCyber AttackSerial ‘SIM Swapper’ Sentenced to Eight Years in Prison

Serial ‘SIM Swapper’ Sentenced to Eight Years in Prison

Published on

SIEM as a Service

In a digital age marred by deceit, 25-year-old Amir Hossein Golshan stands as a testament to the dark underbelly of cyberspace. 

Hailing from downtown Los Angeles, Golshan’s intricate orchestration of fraudulent schemes has earned him a federal prison sentence of 96 months. 

His exploits, spanning from April 2019 to February 2023, encompassed a range of online scams, leaving a trail of financial ruin and emotional turmoil for countless victims.

- Advertisement - SIEM as a Service

Golshan’s arsenal included the sophisticated tactic of SIM swapping, a method by which he coerced mobile carriers into transferring victims’ phone numbers to SIM cards under his control. 

This cunning maneuver granted him unauthorized access to victims’ online accounts by intercepting two-factor authentication codes.

Document
Free Webinar

Live API Attack Simulation Webinar

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked. The session will cover: an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Social Media Subterfuge

Venturing into the realm of social media, Golshan seized control of victims’ accounts, leveraging them for nefarious ends, reads the Attorney’s report.

Impersonating the account owners, he manipulated friends and followers, coercing them into unwittingly participating in money transfers that lined his pockets.

Golshan’s deceptive prowess extended to falsely advertising non-existent Instagram services, ensnaring individuals who believed in his deceptive offerings. 

The financial fallout of his fictitious promises resulted in unsuspecting victims sending payments for services that were never intended to materialize.

Apple Support Artifice

Pretending to be a representative of Apple Support, Golshan artfully deceived victims into divulging their iCloud account credentials. 

Armed with this information, he orchestrated thefts of valuable digital property, including NFTs and cryptocurrency, plunging victims into the heart of the digital abyss.

Golshan’s fraudulent escapades exacted a heavy toll, with victims collectively losing a staggering $740,000. 

Beyond the monetary impact, the emotional distress inflicted upon his targets left them grappling with vulnerability, fear, and anxiety in the aftermath of his calculated attacks.

Facing the consequences of his actions, Golshan pleaded guilty to federal charges, including unauthorized access to protected computers, wire fraud, and computer fraud to obtain value. 

Alongside a 96-month prison sentence, he was ordered to pay $1,218,526 in restitution to his victims, underscoring the severity of his transgressions.

Golshan’s case serves as an ominous reminder of the escalating threat posed by online fraud. 

As society leans more heavily on digital platforms, a call to exercise caution reverberates. 

The digital landscape demands proactive steps to protect oneself, from refraining from sharing personal information with unverified sources to staying vigilant against the latest online scams and threats.

In this era of interconnectedness, the tale of Amir Hossein Golshan serves as a stark wake-up call, urging individuals to fortify their digital defenses against the ever-evolving specter of cyber deception.

Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store,...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...