Lithuanian Man Pleads Guilty to Scamming $100 Million From Facebook & Google
Evaldas Rimasauskas pleaded guilty to scamming Facebook & Google out of $100 million. How did he do it? Rimasauskas emailed them and asked for it. The scheme took place between 2013-2015.
How the phishing scam worked
According to the U.S. Attorney’s Office of the Southern District of New York, in 2016 Rimasauskas created a company that posed as Taiwan-based Quanta Computer. Rimasauskas was the “sole member of the board of directors” of this fake company and bank accounts were set up in Latvia and Cyprus. In the scam, fake email accounts were set up to mimic employee email addresses of Quanta Computer. Both Facebook and Google regularly do business with Quanta Computer in which multimillion-dollar transactions are exchanged. The phishing emails included fake invoices to employees of the tech giants.
Over the course of 2 years, Facebook and Google employees paid out over $100 million of fake invoices to Rimasauskas and his cohorts. In order to avoid suspicion from banks, Rimasauskas created forged invoices, contracts, and letters signed as executives and agents of Facebook & Google. According to Barracuda Networks, “These evolving and sophisticated attack techniques, designed to fool employees, put your business at risk for data loss, financial fraud, and embarrassing exposure.
How to Protect Your Business
How can one man halfway across the world trick huge tech giants into paying over $100 million dollars in a 2-year period? Facebook and Google are not the only companies who have been tricked into paying out fraudulent invoices and claims. In June of 2018, an Indiana couple used fake email addresses to scam Amazon out of $1.2 million. Phishing attacks against businesses are on the rise:
- Phishing attempts have grown 65% in the last year
- Around 1.5m new phishing sites are created each month (Webroot)
- 76% of businesses reported being a victim of a phishing attack in the last year
- The average financial cost of a data breach is $3.86m (IBM)
Companies like Facebook, Google, and Amazon have the financial means to absorb these cyber attacks. For small and midsize businesses, these attacks can be devastating. The good news is, with the use of proper technology and training, phishing emails can be monitored and eliminated. Technology such as Artificial Intelligence (AI) engine learns each organization’s unique communication patterns and leverages these patterns to identify anomalies and quarantine phishing attacks in real-time.
Accellis Technology Group provides technology and training to help prevent phishing attacks from becoming successful. Do not let cybercriminals win. Fill out the form below and talk with one of our cybersecurity experts today!