U.S. trying to extradite the man who roped Facebook and Google into a classic phishing expedition.
1 May 2017 – Compiled by Ky Krauthamer
Proving that the world’s biggest tech companies are not immune from mundane phishing scams, the two companies swindled out of $100 million by a Lithuanian man have been identified as Facebook and Google.
Fortune outed the companies on Thursday, revealing the results of an investigation that may lead to more than just embarrassment for the giant corporations. The case will also contribute to the bad reputation of several Eastern European countries as havens for laundered money.
According to U.S. authorities, the scheme was audacious and highly successful. Between 2013 and 2015, a Lithuanian man named Evaldas Rimasauskas convinced Facebook and Google to transfer some $100 million to bank accounts he controlled, under the impression they were dealing with an old customer, Quanta Computer of Taiwan. Using genuine-looking email addresses, Rimasauskas impersonated Quanta using forged invoices and company stamps.
Lithuanian authorities arrested Rimasauskas in March, the U.S. Justice Department announced, also saying most of the fraudulently obtained money had been recovered.
Rimasauskas’s lawyer Linas Kuprusevicius told Fortune his client cannot expect a fair and impartial trial in a U.S. court if he is extradited, and accused FBI agents of “frightening him with long years in U.S. prisons.”
U.S. securities law requires corporations to disclose significant events to investors, Fortune writes – such as the departure of an executive or a major fraud. The magazine’s review of public records found no indication either company disclosed it had fallen for the phishing scheme – possibly because most of the funds were recovered, or perhaps because the amounts concerned were trivial for the multi-billion-dollar behemoths.