A Cyber Scammer Tricked Facebook and Google into Wiring Away Millions. Still Think You’re Not a Target?
Some cyber fraud schemes are elaborate. Some are eerily simple. This one clearly gets categorized in the latter category.
A Lithuanian man, Evaldas Rimasauskas, pleaded guilty to stealing more than $100 million from tech giants Facebook and Google simply by asking for the money via email. Rimasauskas and associates posed as a Taiwan-based company called Quanta Computer and sent invoices to the companies. And the companies paid.
The New York Times explains: “After money was wired from the tech companies to the bank accounts in Cyprus and Latvia, the Justice Department said in its statement, Rimasauskas ‘caused the stolen funds to be quickly wired into different bank accounts in various locations throughout the world, including Latvia, Cyprus, Slovakia, Lithuania, Hungary and Hong Kong.’ The statement added that he also helped to supply banks with forged documents to explain the large transfers of money.”
Did they nab the ring leader?
It’s hard to say. Rimasauskas was “far from a major actor” in the scheme, according to his lawyer Paul D. Petrus Jr.
Rimasauskas claims that he simply opened the bank accounts and did nothing with them afterward. Still, he agreed to forfeit $50 million and could face up to 30 years in prison.
If the biggest tech companies in the world can succumb to cyber scams, so can you. It’s likely that Facebook and Google employ some of the greatest minds in cyber security — yet a simple scheme like this one was still remarkably effective.
Did Facebook and Google get their money back?
Pretty much. As the New York Times put it, “In emailed statements on Sunday, Facebook said the company had ‘recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation,’ and Google said it had ‘detected this fraud and promptly alerted the authorities. We recouped the funds and we’re pleased this matter is resolved.’ ”
Why this should scare you …
Facebook and Google may have gotten their money back, but that’s not always the case.
And if the biggest tech companies in the world can succumb to cyber scams, so can you. It’s likely that Facebook and Google employ some of the greatest minds in cyber security — yet a simple scheme like this one was still remarkably effective.
That’s because email is becoming an increasingly important tool for scammers. Sometimes, all it takes is a slight variation of an email address to appear legitimate at a glance. Think about it, [email protected] looks really similar to [email protected] — especially to a busy person skimming through a mountain of unread email.
The FBI reported that business email compromise (BEC) has increased 1,300 percent since January 2015 — with losses in excess of $3 billion.
“Carried out by transnational criminal organizations that employ lawyers, linguists, hackers and social engineers, BEC can take a variety of forms. But in just about every case, the scammers target employees with access to company finances and trick them into making wire transfers to bank accounts thought to belong to trusted partners — except the money ends up in accounts controlled by the criminals.”
Don’t expect cyber crime to subside anytime soon either.
In fact cyber criminals are now pocketing an estimated $1.5 trillion annually. That’s five times the approximate cost of natural disasters in 2017 and $500 billion more than U.S. insurance industry net premiums written in 2017. In the United States, 17 million Americans lost $18 billion to cyber scammers in 2018. People are even hacking medical devices like defibrillators.
If you think your “cyber” policy covers you for any and all losses related to a computer, you’re sorely mistaken. &