Google and Facebook confirm they fell victim to an $100m scam
Google and Facebook have confirmed that they fell victim to an alleged $100m (£77m) scam, after Fortune reported on Thursday that the two companies had been tricked into wiring more than $100m to one scammer’s bank accounts.
In March, it was reported that Evaldas Rimasauskas, 48, a Lithuanian man had been charged over an email phishing attack against “two US-based internet companies” that were not named at the time.
Rimasauskas allegedly posed as an Asia-based manufacturer and deceived the companies from at least 2013 until 2015.
“Fraudulent phishing emails were sent to employees and agents of the victim companies, which regularly conducted multimillion-dollar transactions with [the Asian] company,” the US Department of Justice (DOJ) said in March.
The emails purported to be from employees of the Asia-based firm, and were sent from email accounts made to look like they had come from the company.
The DOJ accused Mr Rimasauskas of forging invoices, contracts and letters “that falsely appeared to have been executed and signed by executives and agents of the victim companies”.
After Fortune wrote that the two victims were Facebook and Google, the companies decided to confirm the scam.
“We detected this fraud against our vendor management team and promptly alerted the authorities. We recouped the funds and we’re pleased this matter is resolved.” said a spokeswoman for Google in a statement, cited by BBC.
“Facebook recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation.” Sai also a spokeswoman for Facebook.