An indictment by the Department of Justice has revealed that a Lithuanian man tricked two US-based internet companies to wire him a total of over $100 million through a phishing scam.
48-year-old Lithuanian national Evaldas Rimasauskas succeeded in scamming two unnamed American tech companies into wiring him $100 million by masquerading as an Asian hardware manufacturer, according to the Justice Department. In doing so, the scammer managed to trick company employees into wiring tens of millions of dollars to bank accounts in a number of countries including Cyprus, Latvia and other countries.
It’s all the more notable that Rimasauskas’ phishing scam succeeded in tricking the technology industry, which one would normally associate with being adept in safe cybersecurity practices. It’s all the more remarkable, taking into the account the amount of money he managed to steal.
Acting US Attorney Joon H. Kim stated:
rom half a world away, Evaldas Rimasauskas allegedly targeted multinational internet companies and tricked their agents and employees into wiring over $100 million to overseas bank accounts under his control. This case should serve as a wake-up call to all companies – even the most sophisticated – that they too can be victims of phishing attacks by cyber criminals.
While Rimasauskas was first indicted in December last year, the DOJ unsealed the documents following the arrest of the man last week.
The first of the two unnamed companies are described as “a multinational technology company, specializing in Internet-related services and products, with headquarters in the United States. The second victim company was summed up as “a multinational corporation providing online social media and networking services, with headquarters in the United States.”
— Jeff Roberts (@jeffjohnroberts) March 21, 2017
Rimasauskas first registered and incorporated a Latvian company with the same name as the Asian computer hardware manufacturer. From here, the scammer sent phishing emails to employees and agents of the companies. Rimasauskas also forged invoices, contracts and letterheads purporting to be executed and signed by agents and executives of his victims, complete with faux corporate stamps submitted to banks to facilitate the large volume of funds that came in via wire transfers.
Rimasauskas is charged with one count of wire fraud and three counts of money laundering, each of which carries a maximum sentence of 20 years in prison. The accused is also charged with a single count of aggravated identity theft, which carries a mandatory 2-year minimum prison sentence.
Image credit: Flickr.