Google and Facebook named as victims in $100 million scam
Even tech giants aren't immune to email schemes.
The tech companies that fell victim to a $100 million email scam reported in March are no inexperienced newbies fresh off their first funding round. According to Fortune, they're none other than Google and Facebook. When the incident was first exposed, feds revealed that they arrested a Lithuanian man named Evaldas Rimasauskas for perpetrating the phishing scheme. However, they chose to keep the companies' identities a secret. It became pretty easy to find the victims once Taiwanese parts supplier Quanta Computer admitted that the scammer used its company's name.
Quanta supplies parts for various tech titans, including Apple and Amazon. The sources Forbes talked to pinpointed Google and Facebook, though: one said the social network asked the US Attorney's Office in Manhattan for help in getting back its money. Both companies eventually admitted that they were the unnamed victims in the case.
Facebook told the publication that it "recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation." Google said it "detected this fraud against [its] vendor management team and promptly alerted the authorities." Mountain View also confirmed recouping the funds it lost. While they already got their money back, the investigation still isn't done. Rimasauskas, who allegedly stashed the money in banks across Europe, continues to deny his involvement and to fight his extradition to the US.
Fortune's source said companies fall to phishing schemes involving fake suppliers all the time, and Facebook was far from the the first one to ask the US Attorney's Office for help. The office's personnel thought this particular case was huge, though, considering how much was involved. That's why it was a bit strange that neither corporation disclosed the incident to their investors, which they're legally required to do. While the companies declined to comment on that, it could be because Google and Facebook don't consider $100 million big enough to require disclosure. Whatever their reasons are, fact remains that even they aren't immune to phishing schemes, and ordinary folks who fell victim to them shouldn't feel that bad either.