BALTIMORE (WJZ) — A Timonium man was sentenced last week to serve two years in federal prison, followed by one year of supervised release after pleading guilty to aggravated identity theft, in connecting with schemes to use the identity information of victims to steal digital currency and social media accounts.

Jordan K. Milleson, 20, also has to pay restitution of more than $34,300, according to the statement from the Maryland U.S. Attorney’s Office.

READ MORE: Victory Villa Elementary School Closes For Power Outage

Since at least September 2017, Milleson was a hacker who accessed computers, networks and electrometric accounts without permission to perpetrate his schemes, according to the statement.

Milleson set up Internet domains and fraudulent websites, designed to appear to be legitimate websites belonging to wireless providers, but which were intended to steal account credentials and enabled Milleson and his co-conspirators to access unsuspecting victims’ electronic accounts without authorization.

He used techniques such as phishing and vishing to deceive victims into visiting the fraudulent websites and providing their credentials to access their electronic accounts.  Victims of phishing attacks were generally contacted by e-mail, phone, or text message by persons purporting to be from reputable companies in order to induce the victims to reveal confidential information.

READ MORE: COVID-19 In Maryland: Over 1,400 New Cases Reported, Hospitalizations Dip Below 800

Milleson admitted to authorities he and his co-conspirators used electronic account credentials stolen from employees and affiliates of wireless providers to access those companies’ computer networks without authorization. Milleson took over individual victims’ wireless accounts through “SIM swapping,” whereby customers’ mobile numbers, which are linked to unique subscriber identity modules (“SIM”), were instead linked to a SIM installed in a device controlled by Milleson or his co-conspirators.  Once Milleson gained control over the victims’ mobile phone numbers, he was often able to also gain unauthorized access to the victims’ other electronic accountsincluding e-mail, social media, and cryptocurrency accounts.  Milleson and his co-conspirators changed the passwords to the accounts to prevent the victims from accessing their own accounts.

One of Milleson’s victims lost all social media followers on one account and could not advertise to them, losing brand deals, the proceeds of which had been used to pay for college tuition, transportation and groceries.

Milleson admitted that he and his co-conspirators used electronic account credentials stolen from employees and affiliates of wireless providers to access those companies’ computer networks without authorization.  After obtaining access to these networks, Milleson took over individual victims’ wireless accounts through “SIM swapping,” whereby customers’ mobile numbers, which are linked to unique subscriber identity modules (“SIM”), were instead linked to a SIM installed in a device controlled by Milleson or his co-conspirators.  Once Milleson gained control over the victims’ mobile phone numbers, he was often able to also gain unauthorized access to the victims’ other electronic accountsincluding e-mail, social media, and cryptocurrency accounts.  Milleson and his co-conspirators changed the passwords to the accounts to prevent the victims from accessing their own accounts.

MORE NEWS: Maryland Weather: Severe Thunderstorm Warnings Issued, Flooding Reported Across Region

When investigators reviewed devices seized during a search of Milleson’s home following the indictment, they found several digital currency accounts, login credentials and passwords belonging to some of his victims, according to the statement. They also recovered messages between Milleson and his co-conspirators detailing their methods.

CBS Baltimore Staff