{"id":314853,"date":"2017-04-28T17:05:46","date_gmt":"2017-04-28T17:05:46","guid":{"rendered":"http:\/\/citifmonline.com\/?p=314853"},"modified":"2017-04-28T17:05:46","modified_gmt":"2017-04-28T17:05:46","slug":"google-facebook-duped-in-huge-scam","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/2017\/04\/google-facebook-duped-in-huge-scam\/","title":{"rendered":"Google, Facebook duped in huge ‘scam’"},"content":{"rendered":"
Google and Facebook have confirmed that they fell victim to an alleged $100m (\u00a377m) scam.<\/p>\n
In March, it was reported that a Lithuanian man had been charged over an email phishing attack against “two US-based internet companies” who were not named at the time.<\/p>\n
They had allegedly been tricked into wiring more than $100m to the alleged scammer’s bank accounts.<\/p>\n
On 27 April, Fortune reported that the two victims were Facebook and Google.<\/p>\n
The man accused of being behind the scam, Evaldas Rimasauskas, 48, allegedly posed as an Asia-based manufacturer and deceived the companies from at least 2013 until 2015.<\/p>\n
“Fraudulent phishing emails were sent to employees and agents of the victim companies, which regularly conducted multimillion-dollar transactions with [the Asian] company,” the US Department of Justice (DOJ) said in March.<\/p>\n
These emails purported to be from employees of the Asia-based firm, the DOJ alleged, and were sent from email accounts designed to look like they had come from the company, but in fact had not.<\/p>\n
The DOJ also accused Mr Rimasauskas of forging invoices, contracts and letters “that falsely appeared to have been executed and signed by executives and agents of the victim companies”.<\/p>\n
“We detected this fraud against our vendor management team and promptly alerted the authorities,” a spokeswoman for Google said in a statement.<\/p>\n
“We recouped the funds and we’re pleased this matter is resolved.”<\/p>\n
However, the firm did not reveal how much money it had transferred and recouped.<\/p>\n
Nor did Facebook – but a spokeswoman said: “Facebook recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation.”<\/p>\n
Big firms targeted
\n“Sometimes staff [at large firms] think that they are defended, that security isn’t part of their job,” said James Maude at cyber-security firm Avecto, commenting on the phishing threat facing big companies.<\/p>\n
“But people are part of the best security you can have – that’s why you have to train them.”<\/p>\n
He also told the BBC that Avecto’s clients have recounted phishing attempts that used senior staff’s hacked email accounts to convince employees that a request to wire out money was genuine.<\/p>\n
The sophistication of phishing scams has increased lately, according to a recent Europol report.<\/p>\n
“CEO fraud” – in which executives are impersonated by the scammer – was a particular worry.<\/p>\n
“The request is usually time-sensitive and often coincides with the close of business hours to make verification of the request difficult,” the report explained.<\/p>\n
“Such attacks often take advantage of publicly reported events such as mergers, where there may be some degree of internal flux and uncertainty.”<\/p>\n
In order to avoid succumbing to such fraud, firms are advised to carefully verify new payment requests before authorising them.<\/p>\n
–<\/p>\n
Source: BBC<\/p>\n","protected":false},"excerpt":{"rendered":"
Google and Facebook have confirmed that they fell victim to an alleged $100m (\u00a377m) scam. In March, it was reported that a Lithuanian man had been charged over an email phishing attack against “two US-based internet companies” who were not named at the time. They had allegedly been tricked into wiring more than $100m to […]<\/p>\n","protected":false},"author":14,"featured_media":314854,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[106],"tags":[339,225],"yoast_head":"\n