Slashdot Mirror


Facebook and Google Were Victims of $100M Payment Scam

Employees of Facebook and Google were the victims of an elaborate $100 million phishing attack, according to a new report in Fortune, which adds that the employees were tricked into sending money to overseas bank accounts. From the report: In 2013, a 40-something Lithuanian named Evaldas Rimasauskas allegedly hatched an elaborate scheme to defraud U.S. tech companies. According to the Justice Department, he forged email addresses, invoices, and corporate stamps in order to impersonate a large Asian-based manufacturer with whom the tech firms regularly did business. The point was to trick companies into paying for computer supplies. The scheme worked. Over a two-year span, the corporate imposter convinced accounting departments at the two tech companies to make transfers worth tens of millions of dollars. By the time the firms figured out what was going on, Rimasauskas had coaxed out over $100 million in payments, which he promptly stashed in bank accounts across Eastern Europe. Fortune adds that the investigation raises questions about why the companies have so far kept silent and whether -- as a former head of the Securities and Exchange Commission observes -- it triggers an obligation to tell investors about what happened.


  1. First rule by Chris+Mattern · · Score: 3, Interesting

    First rule of damage control for corporations hit by scams like this is to NEVER disclose it happened if you don't have to. If nobody finds out about it, there won't be any damage to your reputation and there won't be copycats inspired by it.

  2. Well by DontBeAMoran · · Score: 3, Funny

    If huge corporations such as Facebook and Google can fall victim to scammers, who are we to even try resisting?

    Help me pay for the scams I'm a victim of. Send donations directly to:
    18LQHMjKSCSU3g4f29TfmtfxHXUfnh7juB (Bitcoin)
    D9scjyKETYZesSmhjCR4vye4bc6iDqXPd6 (Doge)

    --
    #DeleteFacebook
    1. Re:Well by mysidia · · Score: 2

      If huge corporations such as Facebook and Google can fall victim to scammers, who are we to even try resisting?

      A company's large size actually works against you when it comes to protecting against issues like this: the more people you have, the harder it is to effectively communicate a message to everyone and mobilize all the important parties against a threat... Instead of being agile and able to adapt, you need to rely mostly on written policies, putting systems into place, and training staff in advance.

      If your company was smaller (Unlike Google), then you can probably put new systems into place and modify existing IT systems to more quickly detect and respond to issues.

      Also, if your company has only a few million in the bank, it's unlikely that $100 Million will be stolen from you

  3. Congrats sleuth slashdot users by s1d3track3D · · Score: 2

    Should we now upvote users who figured out the companies months ago? https://news.slashdot.org/stor...

    Moral of the story, Greedy dude got caught.

  4. Nothing new here by AF_Cheddar_Head · · Score: 2

    This is an old scam updated for modern times, scammers used to send small bills for office supplies to accounting departments of large corporations hoping the bill would be paid without any checking for validity. Worked often enough that the scammers kept doing it.

  5. Smart but dumb.... by EvilSS · · Score: 2

    At some point don't you have to say to yourself "Self, we've been lucky so far. We have 15 or so mil in the bank already. This scheme really can be run from virtually anywhere. Shouldn't we pack up and move to a country that the US doesn't have an extradition treaty* with?"

    I mean Russia is right there. He could have hopped over to Kaliningrad and it would be like he never really moved, nestled between Lithuania and Poland. He had enough money I'm sure he could arrange for residency.



    *Yes, the US has an extradition treaty with Lithuania.

    --
    I browse on +1 so AC's need not respond, I won't see it.
    1. Re:Smart but dumb.... by EvilSS · · Score: 2

      Are there any NATO countries that don't have bilateral extradition treaties?

      I don't think so. The list of countries that have treaties or other arrangements is actually surprisingly larger than I thought it would be. The no-treaty list is pretty short. Even shorter when you remove the places that are dangerous and/or third-world.

      --
      I browse on +1 so AC's need not respond, I won't see it.
    2. Re: Smart but dumb.... by EvilSS · · Score: 2

      So are Russia and China war-torn shithole or tiny island?

      --
      I browse on +1 so AC's need not respond, I won't see it.
  6. Paradoxical. by Gravis+Zero · · Score: 4, Insightful

    the investigation raises questions about why the companies have so far kept silent and whether [...] it triggers an obligation to tell investors about what happened.

    The problem is that disclosure is paradoxical.

    1) Scammed corporations need to tell their stockholders because if the information is found out, it could negatively affect the value of the stock therefore it's in the interest of the stockholders to be told.
    2) By covering it up, corporations prevent the stock from dropping and thus maintaining the value of the stock which is in the interest of the stockholders therefore the information should be withheld from stockholders.

    Until a legislative imperative resolves this paradox, corporations will take the path that aligns with their own interests.

    --
    Anons need not reply. Questions end with a question mark.
  7. Common by Solandri · · Score: 4, Informative
    If you ever start a business, you'll be inundated with these types of phishing attacks. Most of them are actually by postal mail too.
    • Letters and envelopes designed to look like government correspondence, saying you need to renew your business registration for $200. The actual requirement (annual statement of information) is about $20, and can be done online. These scam artists trick business owners who don't know into thinking it's $200 (effectively $20 for the filing, $180 for their "service"). My dad (a family practice doctor) didn't learn this until after he retired, and he found one of these letters in my trash and demanded to know why I was throwing out a government notice. By our estimate he paid over $5000 to these crooks during his career. These got so bad that many states passed laws requiring any correspondence for a service assisting with filing government forms have "THIS IS NOT A GOVERNMENT NOTICE" printed all over.
    • Letters masquerading as subscription renewals for things you haven't actually subscribed to. They're hoping someone in accounting doesn't know you haven't actually subscribed to it, assume it's a renewal so they won't investigate it to see if it's legit, and just pay it.
    • Package delivery fees for your clients. If you're in a business where your customers temporarily or permanently share your address (hotel, landlord, etc), sometimes your customers don't pay their bills to other companies. These companies then try to trick you into paying the bill because you share the same address. They'll send you a legit invoice with your company name as the purchaser/recipient. Buried down in the handwritten description of the charge it'll mention your client who is the actual payer.
    • A company who sold merchandise to one of our customers tried to pull this on us too. They said that was the billing info the customer gave them. I give them the benefit of the doubt - I assume it was a mixup between billing address and shipping address.
    • Information harvesting. These aren't a direct financial attack. I think they're just collecting marketing info so they can sell it. The most memorable one I got was by phone. They claimed to be from the DMV and asked some basic information about our company (size, revenue). Some of our vehicles are registered with the DMV for off-road-only use (i.e. on our property only) so it's not unusual for us to get a call from the DMV about this. But when they started asking about our payroll info, the alarm bells went off. I asked why the DMV needed that info, and they hung up. Thinking back, I think they actually said they were calling from the "DNV" not the "DMV".
    • These can come by mail too. I've gotten one designed to look like the Bureau of Labor Statistics forms our company was sometimes randomly chosen to fill out. Only difference was the destination fax number. I only noticed it because while I was prepping the report, I noticed I had already sent the report for that month. That's when I dug into it a little more and discovered the fax number was different.
    • Designed to look like another bill. I've gotten two of these - one mimicking a utility bill, one saying I had to pay something for my Google account. The Google one was an obvious fake. The one mimicking my electric bill was really good. If I had been paying it by hand, it might have slipped through. I caught it because according to my accounting program, I had already paid the electric bill that month. I think they were counting on people making the payment check out to "SCE" instead of "Southern California Edison", and mailing it in that handily provided return envelope with pre-printed address.
    • Standard fake IRS notices, telling you to call a phone number to pay. The phone number goes to the scammer, not the IRS.

    Taken individually, these attacks are usually pretty easy to spot. But when you're hit with so many of them over the years, even if you catch 99% of them, a few will slip through.