March 22, 2017 by

Lithuanian Phishing Scammer Tricks US Tech Giants to Wire Him $100 Million

An indictment by the Department of Justice has revealed that a Lithuanian man tricked two US-based internet companies to wire him a total of over $100 million through a phishing scam.

48-year-old Lithuanian national Evaldas Rimasauskas succeeded in scamming two unnamed American tech companies into wiring him $100 million by masquerading as an Asian hardware manufacturer, according to the Justice Department. In doing so, the scammer managed to trick company employees into wiring tens of millions of dollars to bank accounts in a number of countries including Cyprus, Latvia and other countries.

It’s all the more notable that Rimasauskas’ phishing scam succeeded in tricking the technology industry, which one would normally associate with being adept in safe cybersecurity practices. It’s all the more remarkable, taking into the account the amount of money he managed to steal.

Acting US Attorney Joon H. Kim stated:

rom half a world away, Evaldas Rimasauskas allegedly targeted multinational internet companies and tricked their agents and employees into wiring over $100 million to overseas bank accounts under his control. This case should serve as a wake-up call to all companies – even the most sophisticated – that they too can be victims of phishing attacks by cyber criminals. 

While Rimasauskas was first indicted in December last year, the DOJ unsealed the documents following the arrest of the man last week.

The first of the two unnamed companies are described as “a multinational technology company, specializing in Internet-related services and products, with headquarters in the United States. The second victim company was summed up as “a multinational corporation providing online social media and networking services, with headquarters in the United States.”

Rimasauskas first registered and incorporated a Latvian company with the same name as the Asian computer hardware manufacturer. From here, the scammer sent phishing emails to employees and agents of the companies. Rimasauskas also forged invoices, contracts and letterheads purporting to be executed and signed by agents and executives of his victims, complete with faux corporate stamps submitted to banks to facilitate the large volume of funds that came in via wire transfers.

Rimasauskas is charged with one count of wire fraud and three counts of money laundering, each of which carries a maximum sentence of 20 years in  prison. The accused is also charged with a single count of aggravated identity theft, which carries a mandatory 2-year minimum prison sentence.

Image credit: Flickr.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Snapchat Phishing Attack Swipes Credentials of Over 50,000 USers

Details have emerged on a phishing attack which saw hackers steal the credentials of over 50,000...

Read more arrow_forward

Google Research: Phishing Poses the Greatest Cybersecurity Threat

A new study by Google has revealed insights to better explain how emails and other accounts are...

Read more arrow_forward

Hackers Find a New Way to Attack Nuclear Plants: Template Injection

Hackers have leveraged phishing, a long successful method to execute cyberattacks, with a template...

Read more arrow_forward