Recently, the US Department of Justice filed a lawsuit alleging that a Lithuanian man used e-mail to defraud $123 million. The victims in the case were technically strong on Facebook and Google. In this most common e-mail invoice fraud, Google lost. For $23 million, Facebook lost as much as $100 million, but unlike other heavily deceived companies, Google and Facebook have recovered fraudulent payments.
There is nothing special about Google and Facebook’s e-mail scams. This is one of the most common and dangerous online scams. The company’s mailbox is leaked or maliciously attacked. Scammers use other people’s mail to communicate with other companies. Send fake invoices and ask the latter to pay for non-existent cooperative content or services. Since many companies cannot verify the payment of all projects in real time, the financial invoice verification directly pays the fees, which ultimately leads to huge financial loss.
Invoice fraud can be so dangerous mainly because it involves direct financial losses. Most other cyber attacks cause damage to the company’s reputation, such as customer information, core technical documents, etc. These results will have a negative impact on the company’s operations, but will not Direct competition losses occur, while invoice fraud leads to economic losses.
In the past few years, email fraud has been increasing through emails. According to the US FBI, the total amount of frauds used by fraudsters from December 2016 to May 2018 increased by 136%. From October 2013 to May 2018, the global e-mail fraud involved more than $12 billion.
Counterfeit partner requires payment
In this type of fraud, scammers often get the company’s e-mail messages through cyber attacks, and look for suitable targets when monitoring the content of the e-mail, such as long-term cooperation and capital supply of component suppliers, law firms, etc., fraud By sending a fake invoice or a remittance message requesting payment, the financial department of the partner cannot identify the virtual payment request and pay the funds in time. Often in the mail, scammers provide specific service content, real payment accounts, and often review the long-term partner payment requirements are the grassroots financial assistant.
It is basically difficult for companies that encounter fraud to recover losses. Since the payment is made by the company’s financial initiative, the bank usually does not assist in recovering the money. Some small companies that suffer from this bad luck may even face bankruptcy due to one or two invoice frauds. .
In the invoice fraud involving Google and Facebook, a Lithuanian man named Evaldas Rimasauskas pleaded guilty in a trial on March 20, 2019. He spent two years completing the amazing fraud and forged it. A large number of e-mails, contracts and invoices, some of which have been signed by Google and Facebook executives or representatives, and submitted fake payment requests to banks in their names, transferring large amounts of funds to fraudster accounts via electronic remittances, funds Upon arrival, Evaldas Rimasauskas will immediately be transferred directly to the bank accounts located in each country. According to court documents, Google lost $23 million in this fraud and Facebook lost more than $100 million.
The amount involved was huge, but unfortunately, both Google and Facebook recovered their losses. A Google spokesperson said that the company immediately reported the fraud to the police and eventually recovered the funds. I am glad that the case was finally resolved. A Facebook spokesperson said that most of the funds had been recovered shortly after the incident and that they had been working with law enforcement agencies to investigate. But the two companies did not disclose how they recovered their losses.
The US FBI recommends that companies of any size or individual users who make large transactions can take steps to avoid invoice fraud, inform employees of the way invoice fraud and how to respond, if you see a sudden change in payment terms at work, or ask for Funds should be paid in a very useful account, and should be especially vigilant. At the same time, the right to review payment should not be limited to one party. Instead, a multi-audit system should be established to discuss with the bank to establish more verification processes, such as voice verification, in the transfer process. If you find that you are cheated, you need to call the police immediately and retain relevant evidence.