A Lithuanian man pleaded guilty today to wire fraud, aggravated identity theft, and three counts of money laundering, after tricking employees of Alphabet’s Google unit and Facebook into wiring more than $100 million into bank accounts he controlled as part of multiple business email compromise (BEC) fraud attacks spanning from at least in or around 2013 through in or about 2015.
Credit where credit is due. This is by far one of the most astoundingly simple cases of fleecing cash from gigantic corporations I’ve ever seen. The fact it’s was carried out against two of the largest tech companies in the world is just the icing on the cake.
Described as a “blatant scheme” by Manhattan U.S. Attorney Geoffrey S. Berman, the man simply registered a company in Lithuania with the same name as an Asian hardware supplier and started sending the two companies invoices.
Clearly fooled, both Google & Facebook then went on to pay over US$120m to the man’s shell company between 2013 and 2015.
Since caught he’s surrendered nearly US$50m back to the US and pleaded guilty to wire fraud. The man now faces up to 30 years in prison.