What can we learn from the man who stole $122 million from Google and Facebook without them even noticing?
Lithuanian Evaldas Rimasauskas pleaded guilty last week to wire fraud, aggravated identity theft, and money laundering, the sum of which netted him $99 million from Facebook and $23 million from Google. What may sound like a complicated scheme was actually shockingly simple: Rimasauskas sent invoices to Facebook and Google, and the companies paid him. He never delivered any goods or services, but the companies paid him anyway.
We tend to picture hackers as criminal masterminds. We see them as geniuses, cracking some impossible code to infiltrate our computers in ways we can’t hope to understand. But in reality, many scammers are just normal people who manage to exploit common weaknesses in human nature. They take advantage of things like our trust in authority and how busy we are.
Rimasauskas falsified documents like invoices, contracts, and company letters to fake his deals. He impersonated a Taiwanese hardware company called Quanta Computer Inc. by registering the same business name in Latvia. For years, the tech giants didn’t notice these requests for money were fraudulent — they didn’t scrutinize the documents closely enough to notice anything was amiss.
This is not unlike phishing, in which fraudsters impersonate your bank, PayPal, or email provider in order to trick you into handing over personal details that can help them steal your identity. A fake email from your bank that looks nearly identical to the real thing can be hard to spot, especially when we’re used to trusting our bank and we’re probably busy or multitasking.
So, if you’ve ever fallen victim to any kind of social engineering ruse, don’t feel bad. As you can see, it happens to the best of us.
What can we learn from Rimasauskas’s ingenious hoax? Unlike the tech giants, you probably don’t have spare millions lying around. So here are some tips to make sure you don’t accidentally part with your money.
When you receive an invoice, double check that you actually received the product or service you’re getting billed for.
Learn how to spot phishing attempts so you never get fooled by fake requests for your personal data.
Don’t open emails from someone you don’t know and never download attachments or open links from unknown senders.
Understand that scams are done on mobile, too, and make sure you secure your phone.
Watch out for malicious schemes on social media, which are on the rise.
Knowledge is power, and understanding how common scams work is the best way to avoid them. A little vigilance goes a long way in helping you stay safe in all aspects of your digital life.
Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all of your devices with award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN.
Join Avast's Avast's Christopher Budd at the National Council on Aging's Age+Action Conference to learn how to protect elders from tech support scams.
Avaddon ransomware group targeted Asia-based insurer AXA with DDoS attacks and ransomware just a week after the insurance company announced it was dropping support for ransomware payments in France.