A Lithuanian man has been charged with phishing two US technology firms out of $100 million. Posing as an Asian-based manufacturer that regularly did multi-million-dollar transactions with the victim companies, Evaldas Rimasauskas, 48, tricked staff into wiring money into bank accounts under his control.
The scheme is a type of phishing attack known as ‘whaling’, in which fraudulent emails specifically target people in high-ranking positions. Rimasauskas’ emails replicated genuine emails from the manufacturer and detailed money owed for legitimate goods and services.
None of the companies involved have been named, but the US Department of Justice described both victims as US-based multinationals. One operates in Internet-related services and products, and the other in social media.
A wake-up call
Acting US Attorney Joon H. Kim called this case a wake-up call to “even the most sophisticated” firms. Rimasauskas, who was arrested in Lithuania last week, allegedly deceived the companies from at least 2013 until 2015.
He is believed to have registered a company in Latvia under the same name as an Asian-based computer hardware manufacturer. He then targeted two companies that dealt with that firm.
Rimasauskas instructed the companies to wire money into bank accounts that he had set up in Latvia and Cyprus. He then moved the money into other accounts across the world, including Slovakia, Lithuania, Hungary, and Hong Kong.
Officials said he siphoned off more than $100 million in total, although much of the money has been recovered.
Rimasauskas is charged with wire fraud, aggravated identity theft and three counts of money laundering.
How to defend against business email attacks
Last year, the FBI warned of a dramatic increase in business email attacks, with whaling cases in particular on the rise. Whaling attacks are harder to spot than typical phishing attacks because they are highly personalized.
Because there is a greater reward for defrauding high-value individuals, cyber criminals spend more time and effort making their correspondence seem as legitimate as possible. Attackers often gather personal details of their victims in advance, searching social media or profiling the target company’s suppliers, payment cycles and staff.
Still, the way whaling attacks work is essentially the same as ordinary phishing attacks, so many of the same defenses can be applied to protect against the risks.
There is no technology that can be guaranteed to detect and block these threats. No matter how senior or junior an employee is, a fraudulent email can pass through a spam filter, and once it does the company’s security is in that employee’s hands. The control that matters most against the scheme described above is procedural: any change to a supplier’s bank details should be confirmed with a known contact through a channel other than email before a payment is released.
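The pattern in the case above (a sender whose domain closely resembles a real supplier’s, an invoice that reads like the genuine ones, and a different bank account) can be screened for before a message reaches the accounts-payable inbox. The following is an added example and not code from the original article or from IT Governance; the vendor list, domains and the two sample emails are all constructed for the illustration.

```python
"""Heuristic screen for vendor-impersonation ("whaling" / BEC) emails.

Added illustration, not code from the original article or from IT Governance.
The vendor list, domains and sample messages below are all constructed.
"""
import re
import unicodedata
from email import message_from_string
from email.utils import parseaddr

# Constructed: suppliers this hypothetical company genuinely pays, keyed by domain.
TRUSTED_VENDORS = {
    "northstar-hw.example": "Northstar Hardware",
    "acme-components.example": "Acme Components",
}

# "New/changed bank account" language is the tell in an invoice-redirection email.
PAYMENT_CHANGE = re.compile(
    r"\b(new|updated|changed?)\b[^.]{0,60}\b(bank|account|iban|wire|beneficiary)\b", re.I
)


def normalize_domain(domain: str) -> str:
    """Fold common look-alike tricks (accents, rn->m, vv->w, digit-for-letter)."""
    d = unicodedata.normalize("NFKD", domain.lower())
    d = "".join(c for c in d if not unicodedata.combining(c))
    for fake, real in (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")):
        d = d.replace(fake, real)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; catches one- or two-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def screen_message(raw: str) -> list[str]:
    """Return the reasons a message deserves out-of-band verification ([] if none)."""
    msg = message_from_string(raw)
    display_name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_domain = from_addr.rpartition("@")[2].lower()
    reply_domain = reply_addr.rpartition("@")[2].lower()
    findings = []

    if from_domain not in TRUSTED_VENDORS:
        for trusted, name in TRUSTED_VENDORS.items():
            if (normalize_domain(from_domain) == normalize_domain(trusted)
                    or edit_distance(from_domain, trusted) <= 2):
                findings.append(f"sender domain {from_domain} imitates vendor domain {trusted}")
            elif name.lower() in display_name.lower():
                findings.append(f"display name claims {name!r} but domain {from_domain} is not theirs")

    # Replies silently routed to a third domain are another classic BEC sign.
    if reply_domain and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain} differs from From domain {from_domain}")

    payload = msg.get_payload(decode=True)
    body = payload.decode("utf-8", "replace") if isinstance(payload, bytes) else str(payload)
    if PAYMENT_CHANGE.search(body):
        findings.append("body announces new or changed payment details")
    return findings


# Constructed samples: the genuine supplier, then the impersonation pattern
# (near-identical sender, same invoice wording, different bank account).
LEGITIMATE = """\
From: "Northstar Hardware AR" <billing@northstar-hw.example>
To: ap@victim-corp.example
Subject: Invoice 4471

Invoice 4471 for the March shipment is attached. Please remit to the account on file.
"""

IMPERSONATION = """\
From: "Northstar Hardware AR" <billing@northstar-hvv.example>
Reply-To: billing@northstar-hvv.example
To: ap@victim-corp.example
Subject: Invoice 4471 - updated remittance details

Invoice 4471 for the March shipment is attached. Our banking details have changed;
please wire the outstanding balance to the new account (IBAN in attachment).
"""

if __name__ == "__main__":
    for label, raw in (("legitimate", LEGITIMATE), ("impersonation", IMPERSONATION)):
        print(label, screen_message(raw) or "no findings")
```

A hit from this screen is a reason to pick up the phone to the supplier’s known contact, not a verdict on its own: the heuristics are deliberately loose, and a sender who registers a company under the vendor’s exact name, as in this case, will defeat name-based checks entirely, which is why the out-of-band confirmation of bank-detail changes has to remain the gate on the payment itself.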
Learning how to detect and respond to a phishing email is essential to mitigate the threat they present. That is why IT Governance offers a Phishing Staff Awareness Course that provides companies and their employees with everything they need to know about how phishing attacks work, how to spot them, and the best practices to follow to stay secure.