Evaldas Rimasauskas, a Lithuanian citizen, was recently arrested and charged with financial fraud, identity theft and money laundering after stealing 99 million dollars from Facebook and another 23 million dollars from Google between 2013 and 2015. In the end he was caught,
Rimasauskas registered the trademark Quanta Computer Inc. in Lithuania, copying the name of the Taiwanese hardware manufacturer. From that moment on, he began sending invoices to Google and Facebook for products that they had not purchased and that he had not provided.
The companies paid those invoices without question, perhaps because everything seemed perfectly legitimate. As the DoJ points out, the forged invoices included forged contracts and letters purporting to be signed by directors of the deceived companies. The inclusion of the forged stamps of these companies had the desired effect, and the victims ended up sending the money without any additional checks.
These payments were then distributed to bank accounts in six different countries: Cyprus, Lithuania, Hungary, Slovakia and Latvia. The ruling does not specifically mention Google or Facebook, but a 2017 court order already identified both as the victims of this fraud.
The technique used by Rimasauskas was already known in the field of cybersecurity. It is "Business Email Compromise", or BEC, fraud, in which those responsible for the deception request money through emails addressed to companies that work with foreign suppliers and that often make money transfers.