The U.S. Department of Justice announced that Golshan deliberately ran various online scams and hacked into hundreds of victims’ digital accounts, such as social media, Zelle, and Apple support, from April 2019 to February 2023. His whole scheme cost hundreds of victims around $740,000 in losses over several years.
Golshan used VPN tools and multiple account names to conceal his identity. He also improved his skills to commit more complex online crimes over time.
Golshan tricked carriers, such as T-Mobile, into switching phone numbers from rightful owners to his SIM cards. This let him get past SMS-based two-factor authentication and take over social media accounts.
SIM swapping is a technique used by fraudsters to get control of your phone number by convincing your mobile carrier to activate a new SIM card that they have. With your phone number, they can bypass two-factor authentication and access your online accounts, such as bank accounts, social media accounts, and cryptocurrency wallets.
SIM swapping is a form of identity theft and can cause significant financial and reputational damage to the victims. According to a report by the Federal Trade Commission (FTC), SIM swapping increased by 400% in 2020, affecting more than 29,000 consumers and causing $29.8 million in losses.
Amir Hossein Golshan is one of the most notorious SIM swappers who was recently sentenced to eight years in prison for his crimes. He targeted hundreds of victims, including celebrities, influencers, and models, and stole their money, digital assets, and online identities. He also impersonated Apple support staff and tricked victims into giving him access to their iCloud accounts, where he stole their NFTs and cryptocurrencies.
NFTs, or non-fungible tokens, are unique digital identifiers that are recorded on a blockchain and are used to certify ownership and authenticity of digital content, such as artworks, photos, videos, and music. NFTs have become a popular form of digital collectibles and investments, with some NFTs selling for millions of dollars.
Golshan’s case is one of the first to involve NFT theft, which is a new and emerging threat in the digital space. NFT theft can occur when hackers gain access to the private keys or passwords of the owners, or when they exploit vulnerabilities in the platforms or protocols that host the NFTs.
To protect yourself from SIM swapping and NFT theft, you should take the following steps:
- Activate number porting security on your carrier, which requires a PIN or password to transfer your phone number to a new SIM card.
- Use a physical security key or an authenticator app instead of SMS for two-factor authentication, as they are more secure and less vulnerable to SIM swapping.
- Limit the sensitive information you share online, such as your birthday, phone number, email address, and security questions, as they can be used by scammers to impersonate you or access your accounts.
- Use a reputable and secure crypto wallet or NFT platform, and keep your private keys or passwords safe and offline. Do not share them with anyone or enter them on suspicious websites or apps.
- Monitor your online accounts and phone activity regularly, and report any suspicious or unauthorized transactions or changes to your carrier, bank, or platform.