The most recent victims of scam are none other than technology giants Facebook and Google. One man, Evaldas Rimasaukas, had single-handedly, swindled over a US$100 million from both the multimillion dollar companies by a way of a simple email fraud trick that he had cleverly set up.
Chain Of Events
The basis of his modus operandi, or MO, was that he would send the tech behemoths invoices for things that had never ordered and received payments for those invoices, despite them not ever being delivered to Google or Facebook. 40-something Evaldas had dug deep into the operations of these two companies and noted that they had a few companies that they regularly deal with on a large scale.
He selected one Asian-based manufacturing plant to support his devious scheme and began to impersonate this particular company. He presented himself as the Asian company, Quanta Computer, which was where Facebook and Google got their computer supplies from, by doctoring their official stamps, letterheads and invoicing style to create near-accurate copies of the real thing.
Evaldas then send these fake invoices via email to the procurement departments of Facebook and Google, where the invoices were promptly paid for and the money sent directly to his many different bank accounts, spread across Eastern Europe. In a span of only two years, Evaldas’ trick earned him more than US$100 million in fake payments by both these tech giants.
How Was It Possible
The thing that had made this possible was the fact that Facebook and Google deal with large amounts of volume, especially when purchasing items and making payments. As such, paying huge amounts at once is only a day-to-day thing at work, as far as their procurement units are concerned and this is what had caused a string of unfortunate oversights that had led to this occurring.
The key here is that no one in either procurement departments had taken the extra step to verify the invoice and check with the respective departments, if the order was ever made. Should they have been more vigilant with the way they processed digital invoices and issued payments, Google would not have lost a chunk of US$ 23 million while Facebook would have got to keep the staggering US$98 million that it had paid to Evaldas’ fake company.
What we’ve learnt from this is that, we should always be wary when dealing with the digital form of almost anything, an invoice, a payment, an account. These can all be easily copied to resemble the originals or the original owners may have been hacked, giving access to scammers to use these tools to solicit payments.
Also, it is always best to check twice when receiving any email or digital note that requires us to pay some form of monetary remittance. Some of these may be fake invoices and your payment would be wired to an offshore bank account in one of the smaller, lesser-known countries in the world, never to be seen again.
Also, when entering any banking details or personal information into a digital site or into an email form, always check that the URL is valid and is indeed verified as the original URL that belongs to the particular person, company or organization. This is to prevent scammers from accessing your personal particulars only to use them for their benefit at your bank or any digital payment or online currency accounts that you may have.
Fraudsters are everywhere and their schemes can come in all forms and scales, especially those who try to scam people via emails and texts, in order to gain full access to your personal and confidential details. If you suspect that you may be a victim of email fraud or text message scams, a simple email lookup and phone number search would be able to help you identify your scammer.