Massive Facebook and Google Scam
All types of cyber-attacks are on the rise and not just in America. Companies all over the world are having to deal with cyber thieves. Thieves work constantly coming up with new ways to infiltrate even the best networks. This ongoing problem is being illuminated by a recent arrest involving a Lithuanian man.
Just recently, an indictment was handed down by the U.S. Attorney for the Southern District of New York for Evaldas Rimasauskas and other co-conspirators who remain unnamed. These criminals set up a company in Latvia called Quanta Computer, which is an authentic hardware manufacturing company based in Taiwan. They were able to create invoices, corporate logos, contracts and letters that looked exactly like what a business person might expect to see from Quanta Computer.
Next, they went to work creating fake emails—again these were difficult to spot as false. These cyber thieves did their homework. Over the course of several years, they fraudulently bilked Google and Facebook out of millions of dollars. They sent dummy invoices from 2013 to 2015 to both companies, tricking them into paying for products and services that they never received.
The Cyber Thief Is Caught!
The 50-year-old cyber thief was extradited to New York in 2017, where he pled guilty to one count of wire fraud agreeing to forfeit $49.7 million. His sentencing will take place in July of 2019. He could face up to 30 years in prison for his crimes.
The Department of Justice alleged that Rimasauskas was the recipient of wire transfers to numerous bank accounts throughout Cyprus, Latvia, Slovakia, Hong Kong, Lithuania, and Hungary. These payments were set up to launder the money so it could not be traced back to its origins.
After extensive questioning, Evaldas Rimasauskas admitted to devising the elaborate scheme. U.S. Attorney Geoffrey Berman said that “Rimasauskas thought he could hide behind a computer screen halfway across the world while he conducted his fraudulent scheme, but as he has learned, the arms of American justice are long, and he now faces significant time in a U.S. prison.”
The company owners of Quanta Computer have not commented but historically, phishing scams like this do harm innocent victims. Often a company will face a marked decline in business if their name is associated with any type of scandal or phishing scam.
Did Google & Facebook Get Their Money Back?
Though the indictment doesn’t name Google and Facebook specifically, the two tech giants have confirmed to some news sources that they are Victim-1 and Victim-2, respectively.
A Bloomberg report says that “The scheme netted about $23 million from Google in 2013 and about $98 million from Facebook in 2015, according to a person familiar with the case.” Spokespeople from both companies have stated that they’ve recouped all or most of their losses from the scam.
What Type Of Email Scam?
This type of scam is known as a Business Email Compromise. The FBI has warned business owners that this type of scam is up by 1,300 percent in the last 3 years. This is due in part to how easy it is these days to falsify records. Cybercriminals can craft an email that looks exactly like it came from Apple or Microsoft. When consumers see a reputable company is involved, they often let their guard down.
Though companies don’t always report their losses to the FBI, it is estimated that American businesses are now being bilked out of several billion dollars each year from fraudulent phishing scams.
Another Major Data Breach?
A massive collection of compromised emails and passwords was discovered last year. It’s being referred to as Collection #1 and contains 773 million records, making it one of the largest data breaches to date. It’s almost become common to hear of major data breaches like this where the names and information of millions of consumers are exposed. Though it is so common, Americans cannot get complacent about cybersecurity.
At Radius Executive IT Solutions, we encourage our clients to take a proactive, layered approach to cybersecurity. This includes:
- Simulated phishing campaigns
- Dark Web scanning and monitoring
- Ongoing security training for all employees
- Enterprise-grade firewalls and antivirus
- Apply patches and updates regularly
This is just the short-list! Good cybersecurity doesn’t just happen. It takes a strong, ongoing approach that looks at every angle to see where a data breach could occur. As we move into the future, it will be more important than ever to maintain the highest level of cybersecurity that your company can afford.
How Can Breach Secure Now! Help?
Breach Secure Now! and Radius Executive IT Solutions feature one of the top security alert and simulated phishing platforms today. 91% of all successful data breaches started with a spear-phishing attack. In spite of all the hype, end-users continue to be the weakest link in cybersecurity. That’s why employee training is so important and that includes the executives at your company.
Breach Secure Now! and Radius Executive IT Solutions will train your employees to better manage threats like social engineering, spear-phishing, and ransomware attacks. This has proven to be one of the most effective ways to avoid becoming the victim of a cyber-attack.
Remember… if it could happen to Google and Facebook, it could darn sure happen to your company!