Phishing Scammer Takes Google & Facebook for Millions

By ASR Staff,

Since most computer users have learned to be wary of Nigerian princes who come bearing inheritance money, scammers have learned to be more sophisticated and more brazen, as demonstrated in March when both Google and Facebook were conned out of millions of dollars. 

The phishing scheme was conducted over the course of almost two years, from 2013 through 2015, at which time employees of both Google and Facebook wired money to multiple overseas bank accounts. The Lithuanian man orchestrating the long con, Evaldas Rimasauskas, masqueraded as Quanta Computer, an electronics manufacturer based in Taiwan that both computer online companies use legitimately, and they sent him a combined total of over $100m.

The FBI apprehended Rimasauskas, age 48, and the Department of Justice has formally charged him with three counts of money laundering, wire fraud and aggravated identity theft.

How could one man pull all of this off? His plan was as clever as it was nefarious. Rimasauskas created a Latvian company and named it Quanta Computer, the same name as the Quanta Computer based in Asia that both Facebook and Google use. After registering and incorporating his company, he opened and managed several bank accounts in Latvia and Cyprus.

With his fake identity legitimately established, he commenced sending the fraudulent phishing emails to agents and employees of Facebook and Google. Pretending to be an agent of the Taiwan-based Quanta Computer, Rimasauskas informed the victim companies that the bank account numbers had changed and directed them to send payment to the Latvian and Cyrus-based bank accounts that bore the Quanta Computer name but were registered to Rimasauskas. Since the emails emulated the same appearance as the actual Quanta Computer, and because Facebook and Google agents were accustomed to paying out multi-million dollar invoices, Rimasauskas’ scheme succeeded in tricking the companies completing the instructions to wire money.

Immediately after receiving the funds, Rimasauskas quickly wired money into various bank accounts in multiple locations worldwide, from Latvia to Hong Kong. To maintain the scheme, Google and Facebook received forged invoices that claimed to be from executives of the actual Quanta Company — they even included the Taiwan-based company’s embossed corporate stamps that Rimasauskas had forged — instructing billing agents to submit payments to banks to cover funds transmitted via wire transfer that had been fraudulent.

Understandably, this case has companies and individuals alike up in arms and concerned that cyber criminals are capable of such sophisticated attacks. Even cyber security teams are daunted. In fact, according to a survey of more than 460 cyber security practitioners and managers, confirming the number of breaches of organizational and individual data is impossible, and the methodologies of cyber attacks are becoming more complex, sophisticated and more difficult to detect. In 2016, of respondents in the same survey, 75 percent expected to be victimized in a cyber attack that year, and 42 percent admitted that they believed their teams were only capable of thwarting “simple incidents only.”

The common outcry is that if industry moguls like Facebook and Google can be scammed through a phishing scheme then it seems that anyone can. With the progression of the craftiness of cyber criminals, it is now more important than ever for both companies and individuals to take steps to protect themselves.

There are many options for ensuring identity protection. Individuals can:

  • Call to verify all invoices. If a letter or email is received indicating a change in banking or billing, call the company. Do not use the phone number in the currently-received letter, but rather the old phone number on file.
  • Employ an identity theft protection agency that provides protection on a “pro-active” basis, and offers advanced internet monitoring for identity theft and for lost wallet. Other vital protection measures include fraud protection through credit alerts, address monitoring, intuitive threat detection and 24/7 live personal service.
  • Type the URL. Instead of clicking the URL link in a correspondence, type the URL into a new tab. Often a different link could be embedded in a safe-looking URL.
  • Enhance computer security. Check that all firewalls and security software packages are up-to-date and make sure all computers in use have the latest security patches. Conduct financial transactions on a secure website, one that uses encryption. If a site is secure, there will be a closed padlock icon in the status bar and the URL link will begin with “https” not “http.”

As evident from this latest phishing scheme, cyber thieves will try anything in this modern, computerized world, so companies and individuals must do everything to protect themselves.

Was this article helpful?

Yes

Comments are closed.