Market Watch: The Stomping Grounds of Cybercrime

As long as there are unknowing victims, fraud will continually persist throughout society, no matter what the medium. With the advent of modern technology, scams are now available throughout the cyberspace; a victim’s private data may be breached from hundreds of miles away. Experienced internet users have at some point encountered internet scams, such as the infamous Nigerian Prince email scam and fake pop-up warnings/virus messages that attempt to extort users when visiting certain websites. Unfortunately, some of the naïve users may have exposed themselves to the harsh implications of cyber scamming.

However, would anyone expect giant multinational tech companies - possessing some of the largest databases in the world, to be victims of an online phishing scam too? Alternatively, how about $100 million of the companies' money being lost to one scammer. 

Last month, the Department of Justice announced the charges of a 48 year-old Lithuanian man named Evaldas Rimasauskas, who was arrested by Lithuanian authorities with provisional warrants. According to the Department of Justice, Rimasauskas was charged for orchestrating a fraudulent business email compromise scheme that induced two US based internet companies to wire a total of over $100 million to bank accounts controlled by him.

Between the years 2013 to 2015, Rimasauskas registered a company in Latvia with the same name as an Asian computer hardware manufacturer. With that name, Rimasauskas masqueraded as an established business - producing electronic parts to many tech firms across the world. He then used the fabricated information to send spoof emails to two major US internet companies - one of which is a popular search engine while the other is a popular networking website. 

Recently, The Department of Justice unveiled that these two companies were Google and Facebook. 

Eventually, with the build-up of seemingly legit invoices, contacts, and documents in his spoof emails, he gained the trust of many employees across these two companies. The employees believed it to be a normal and safe business agreement for electronic goods manufacturing. After establishing this artificial mutual partnership, the employees sent a total of $100 million to a bank account which Rimasauskas was controlling.

After Rimasauskas received the $100 million from Google and Facebook, he wired the money to banks across different parts of the world, such as Latvia, Cyprus, Lithuania, Slovakia, Hong Kong, and Hungary. It is very likely that he gained access to those accounts before the scam. Fortunately, as the companies, authorities, and banks reacted quickly, the stolen money was soon recovered. Rimasauskas is currently being charged with one count of wire fraud, three counts of money laundering, and aggravated identity theft. If convicted, Rimasauskas will face 20 years of prison per wire fraud and money laundering charge, and two years for identity theft. 

This type of phishing (being the term for fraudulent scams) is known as spear phishing, and it’s generally of higher quality. They are very likely to be well planned and mainly used for financial or informational gain as well as being more likely to trick internet users into complying. The hacker/scammer takes the form of a legitimate company or organization and sends spoof emails with suspicious links or documents to their target. That attached document/link can possibly be a form of virus or malware as well. In the email, the scammers will require their target to fill in their personal data, such as account information, passwords, or whatever the scammers requested in the email provided. The spoof emails usually take the form of an emergency or something requires attention immediately. After an artificial sense of urgency is created, the targets will be more likely to act before they think, increasing the chances of sending their information. As the targets fill in the necessary information, the scammer will receive it on the other end before carrying out their real, malicious intent. Ordinary internet users sometimes receive these spear phishing scams from fake bank or fake cell phone companies as well. 

The true horror of these situations comes from the scammers' ability to access the first-hand information in order to contact their target as a legitimate company. Who’s giving them or how are they obtaining the data which should be disclosed in the first place?

Apparently, the employees of Google and Facebook fell for this spear phishing scam, and are facing the blame. Rimasauskas had researched, plotted, and organized this scam for a long period of time; at first, he registered a company in Latvia that shares the same name with an Asian manufacturer. This is his first loophole of using existing brands in foreign nations. He then created dummy bank accounts in foreign countries for the planned money laundering. Secondly, he used his Latvian company to send business emails to Facebook and Google. 

The most concerning aspect of his plan was that he must have known that Facebook and Google had a business contract with that Asian manufacturer in the first place. It was too well coordinated for him to be simply sending mass amounts of spoof emails to high tech companies, expecting some companies (especially Google and Facebook) to reach for his “phishing hook.” Either way, the employees believed Rimasauskas as their business partner and sent him the money. Facebook and Google then realized that it is a scam and called the police. Fortunately for the companies, Lithuanian authorities and the banks acted quickly and the money is able to be recovered. Though it seemed like an open-shut case, Rimasauskas provided a concern that in this ever-evolving technological world, anything can be a target of cybercrime - whether it be an individual, or some of the most influential companies on the planet.