Slashdot Mirror


A Lithuanian Phisher Tricked Two Big US Tech Companies Into Wiring Him $100 Million (theverge.com)

According to a recent indictment from the U.S. Department of Justice, a 48-year-old Lithuanian scammer named Evaldas Rimasauskas managed to trick two American technology companies into wiring him $100 million. He was able to perform this feat "by masquerading as a prominent Asian hardware manufacturer," reports The Verge, citing court documents, "and tricking employees into depositing tens of millions of dollars into bank accounts in Latvia, Cyprus, and numerous other countries." From the report: What makes this remarkable is not Rimasauskas' particular phishing scam, which sounds rather standard in the grand scheme of wire fraud and cybersecurity exploits. Rather, it's the amount of money he managed to score and the industry from which he stole it. The indictment specifically describes the companies in vague terms. The first company is a "multinational technology company, specializing in internet-related services and products, with headquarters in the United States," the documents read. The second company is a "multinational corporation providing online social media and networking services." Both apparently worked with the same "Asia-based manufacturer of computer hardware," a supplier that the documents indicate was founded some time in the late '80s. What's more important is that representatives at both companies with the power to wire vast sums of money were still tricked by fraudulent email accounts. Rimasauskas even went so far as to create fake contracts on forged company letterhead, fake bank invoices, and various other official-looking documents to convince employees of the two companies to send him money. Rimasauskas has been charged with one count of wire fraud, three counts of money laundering, and aggravated identity theft. In other words, he faces serious prison time if convicted -- each charge of wire fraud and laundering carries a max sentence of 20 years. The court documents don't reveal the names of the two companies. Though, one could surely think of a few candidates that would fit the descriptions provided in the court documents.

5 of 129 comments

  1. IBM and Microsoft by Anonymous Coward · Score: 0, Informative

    You're welcome

    1. Re:IBM and Microsoft by Anonymous Coward · Score: 1, Informative

      "multinational technology company, specializing in internet-related services and products, with headquarters in the United States," that's IBM you fuckwit, Microsoft has social media now that it bought LinkedIn.

  2. Google & Facebook by xQx · Score: 3, Informative

    Okay, so who's the "Asia-based manufacturer of computer hardware," ... founded some time in the late '80s.

    Thanks Google. Huawei was founded in 1987.

  3. Podesta didn't fall for it - his "expert" did by Zontar_Thing_From_Ve · Score: 3, Informative

    It reminds me of how people were talking about the Podesta email incident as some massively complex hacking job. It wasn't -- they found out he still used Yahoo Mail and phished him. I can't believe that (a) one of the most powerful political operatives in the Clinton campaign uses Yahoo Mail, and (b) that he fell for it.

    Actually the email seemed suspicious to Podesta so he asked his 20-something security "expert" to look at it. Now keep in mind that probably almost all of us know to have a mouse hover over a link in an email to see where it really goes. For example, if a link is supposed to go to mycompany.com but actually goes to gizshiz.com or mycompanyname.ru, yeah, you should be smart enough to think those are probably not really mycompany.com. The problem was that his "expert" didn't do this. He simply looked at the email, immediately proclaimed it to be legit and insisted that Podesta immediately click on the link and change his password. Insiders refused to name the "expert" or say whether he still has a job. My guess is that he does. But Podesta correctly got suspicious and asked for help, he just put his faith in someone to help him who didn't deserve it. For all the reported use the Democratic Party made of cutting edge analytics when Obama ran for president, they seem to have really weird ideas at the very top about security. I still maintain that had Bill and Hillary used their fortunes to hire real security experts for the foundation's email server and ran something like a hardened form of BSD on it, it could have mitigated a lot of the damage of using a private server, but no, they just had to use some local 2 man operation that was basically a small, local equivalent of Geek Squad and they used them because they were nearby and cheap, not good.

  4. Re:Sentences by Kiuas · Score: 3, Informative

    If the financial institutions knew this was bad paper they wouldn't have kept hundreds of billions of dollars worth of it on their own books.

    The institutions responsible for creating said CDOs certainly knew, or at least had all the information required to know. I mean they intentionally took loans they knew would get bad credit rating and then used essentially a loophole in the regulations to get the rating higher than it should be. There's no way to argue that they didn't know what they were doing. At the same time, they obviously have to keep some of the papers themselves to maintain the appearance of it being a safe investment. I mean it'd be impossible to try and sell the subprime 'AAA' CDOs as a completely safe and a risk free product if you yourself kept none of it, it would look highly suspicious and reveal the scam to any potential buyer.

    People like Michael Burry (a mathematician btw) were able to 'predict' the financial crisis simply by going through the contents of these instruments by hand and crunching the numbers. If a single smart investor is able to figure this out just by looking at the data, do you seriously expect me to believe the banks themselves that operated this scheme and agreed to settle and be fined for it were unaware that they were peddling bullshit? Huh? This obviously doesn't mean everyone at the banks knew what was going on, but certainly key people did, because they have to have knowledge on the kind of instruments they're themselves creating/selling. It's de facto impossible to argue that they didn't know.

    Besides, the banks involved, including Bank of America, still made money even after factoring in the settlements they've had to pay since. The six largest players in the scheme have been fined approximately 150 billion for the scandal, while their combined profit over that time (2007-2014) totaled around 700 billion, that's the whole point of the argument I was making: the banks knew what they were up to, provably so, and they also knew they'd be able to turn a profit even if the scheme collapsed because by that time they'd have sold off most of these products.

    --
    "It is the business of the future to be dangerous" -Alfred North Whitehead