How this scammer used phishing emails to steal over $100 million from Google and Facebook

Scammers stole over $100 million from Facebook and Google in a creative way: They emailed the tech giants and asked for it.

Evaldas Rimasauskas, 50, pleaded guilty last week to wire fraud after helping to orchestrate a scheme that included setting up a fake business and sending phishing emails to employees of Facebook and Google. The scheme ultimately duped those multibillion-dollar companies out of more than $100 million in total between 2013 and 2015, according to the U.S. Attorney's Office for the Southern District of New York.

How the phishing scam worked

Prosecutors accused Rimasauskas in 2016 of incorporating a company that posed as another company, Taiwan-based Quanta Computer — which actually does business with Facebook and Google. Rimasauskas served as the "sole member of the board of directors" of the fake company and "opened, maintained and controlled various accounts at banks" in Latvia and Cyprus in the name of the fake company, authorities said.

In the scam, Rimasauskas and his co-conspirators created fairly convincing forgery emails using fake email accounts, which looked like they were sent by employees of the actual Quanta in Taiwan. They sent phishing emails with fake invoices to employees at Facebook and Google who "regularly conducted multimillion-dollar transactions" with Quanta, and those employees responded by paying out more than $100 million to the fake company's bank accounts, prosecutors said.

Petras Malukas | AFP | Getty Images
Evaldas Rimasauskas in district court in Lithuania in 2017.

Rimasauskas' work also involved "forged invoices, contracts, and letters that falsely appeared to have been executed and signed by executives and agents" of the companies he was impersonating and fleecing, prosecutors said in a statement. The scheme tried to avoid suspicion from banks by creating false supporting documents for the transactions, which even had fake corporate seals embossed with the names of those companies.

The consequences

"Rimasauskas thought he could hide behind a computer screen halfway across the world while he conducted his fraudulent scheme, but as he has learned, the arms of American justice are long, and he now faces significant time in a U.S. prison," U.S. Attorney Geoffrey Berman said in a statement.

While the charges do not specifically name the companies involved in the scheme, Quanta has reportedly confirmed that it was the company Rimasauskas impersonated, while Facebook and Google were named in a Lithuanian court order in 2017, according to Reuters. The government's 2016 indictment refers to multiple unidentified co-conspirators who helped pull off the massive fraud, but no other charges have been filed.

Lithuanian authorities arrested Rimasauskas in March 2017, and he was extradited to the U.S. a month later. As part of his guilty plea, Rimasauskas agreed to forfeit roughly $49.7 million that he obtained from the scheme. His sentencing is scheduled for July 24, when he could be sentenced to up to 30 years in prison.

Bloomberg reported that while entering his guilty plea in federal court last week, Rimasauskas told the judge, "I was asked to open bank accounts. After that I did not do anything with these accounts."

In an email to CNBC Make It, Paul D. Petrus Jr., an attorney for Rimasauskas, said his client's actions "did not rise to the level" of what is described in the prosecutors' press release. Petrus said he intends "to ask for a punishment at sentencing that fits the crime he committed, which calls for leniency."

"We detected this fraud and promptly alerted the authorities," a Google spokesperson told CNBC Make It in a statement. "We recouped the funds and we're pleased this matter is resolved."

"Facebook recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation," a Facebook spokesperson told CNBC Make It in a statement.

Quanta did not immediately respond to CNBC Make It's requests for comment.

It's not the first time a tech behemoth has been scammed

This is far from the first time that a major tech company has been defrauded out of millions of dollars.

Last year, an Indiana couple was sentenced to six years in prison apiece after they stole more than $1.2 million worth of consumer electronics from Amazon by scamming the e-commerce giant's return policy.

And in another alleged scam involving Amazon, federal authorities last year charged a former contestant on NBC's "The Apprentice" and her husband of duping people out of over $15 million by claiming to teach them how to make millions of dollars selling products on the e-commerce site. The case was settled in November. The defendants did not admit or deny the allegations but had to surrender $20.8 million in the judgment.

Meanwhile, federal investigators say that the practice of defrauding businesses via email is an increasingly prevalent scam. In 2017, the FBI noted that the type of fraud labeled "business email compromise" had resulted in over $3 billion in losses since 2013.

Don't Miss: How this young Indiana couple stole $1.2 million from Amazon

Like this story? Subscribe to CNBC Make It on YouTube!

Click to show more