RSS Feed

Case 3. Phishing against Google and Facebook

Created: 28.11.2018

Case Overview

In summary, according to the US attorney’s office for the Southern District of New York, scammers stole over $100 million from Facebook and Google in a creative way. Basically, they e-mailed the tech giants and asked for it. The scheme that included setting up a fake business and sending phishing e-mails to employees of Facebook and Google. The scheme ultimately duped those multi-million dollar companies out of more than a hundred million in total between 2013 and 2015.


Rimasauskas and his fellows in 2013 forged a very convincing email using fake email account. They loooked like they were sent from a Taiwan company called Quanta. They send emails with fake invoices. For the banks not to suspect a thing they managed to forge supporting documents for these transactions with fake signs and reals names of the bosses. 2015 - $98m from Facebook and $23m from Google. But since he was busted and arrested, most of the money was paid back.

Lessons Learned

It was a spear phishing attack targeting guys from finance. Since they are used to trasfering these large amounts of data, no one suspected a thing. This attack took place for a long time, not $110 at once.



[1] IBM course