March 22, 2017 by

Lithuanian Phishing Scammer Tricks US Tech Giants to Wire Him $100 Million

An indictment by the Department of Justice has revealed that a Lithuanian man tricked two US-based internet companies to wire him a total of over $100 million through a phishing scam.

48-year-old Lithuanian national Evaldas Rimasauskas succeeded in scamming two unnamed American tech companies into wiring him $100 million by masquerading as an Asian hardware manufacturer, according to the Justice Department. In doing so, the scammer managed to trick company employees into wiring tens of millions of dollars to bank accounts in a number of countries including Cyprus, Latvia and other countries.

It’s all the more notable that Rimasauskas’ phishing scam succeeded in tricking the technology industry, which one would normally associate with being adept in safe cybersecurity practices. It’s all the more remarkable, taking into the account the amount of money he managed to steal.

Acting US Attorney Joon H. Kim stated:

rom half a world away, Evaldas Rimasauskas allegedly targeted multinational internet companies and tricked their agents and employees into wiring over $100 million to overseas bank accounts under his control. This case should serve as a wake-up call to all companies – even the most sophisticated – that they too can be victims of phishing attacks by cyber criminals. 

While Rimasauskas was first indicted in December last year, the DOJ unsealed the documents following the arrest of the man last week.

The first of the two unnamed companies are described as “a multinational technology company, specializing in Internet-related services and products, with headquarters in the United States. The second victim company was summed up as “a multinational corporation providing online social media and networking services, with headquarters in the United States.”

Rimasauskas first registered and incorporated a Latvian company with the same name as the Asian computer hardware manufacturer. From here, the scammer sent phishing emails to employees and agents of the companies. Rimasauskas also forged invoices, contracts and letterheads purporting to be executed and signed by agents and executives of his victims, complete with faux corporate stamps submitted to banks to facilitate the large volume of funds that came in via wire transfers.

Rimasauskas is charged with one count of wire fraud and three counts of money laundering, each of which carries a maximum sentence of 20 years in  prison. The accused is also charged with a single count of aggravated identity theft, which carries a mandatory 2-year minimum prison sentence.

Image credit: Flickr.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Google Research: Phishing Poses the Greatest Cybersecurity Threat

A new study by Google has revealed insights to better explain how emails and other accounts are...

Read more arrow_forward

Hackers Find a New Way to Attack Nuclear Plants: Template Injection

Hackers have leveraged phishing, a long successful method to execute cyberattacks, with a template...

Read more arrow_forward

Nearly 50% of Organizations are Victims of Ransomware Attacks

A new study has revealed that ransomware attacks targeting organizations continue to be one the...

Read more arrow_forward