A man called Evaldas Rimasauskas scammed Facebook and Google out of $122 million by sending fake invoices—which they unknowingly paid.

A man called Evaldas Rimasauskas scammed Facebook and Google out of $122 million by sending fake invoices—which they unknowingly paid.

Title: How Evaldas Rimasauskas Tricked Facebook and Google into Paying $122 Million in Fake Invoices

Meta Description: Discover how Lithuanian scammer Evaldas Rimasauskas stole $122 million from tech giants Facebook and Google using forged invoices—and the shocking lessons learned.

The $122 Million Heist: How One Man Fooled Facebook and Google

In a cybercrime story that sounds like a Hollywood thriller, Evaldas Rimasauskas—a Lithuanian national—orchestrated one of the most audacious scams of the digital age. Between 2013 and 2015, he tricked two of the world’s largest tech companies, Facebook and Google, into wiring him over $122 million for services they never received. His weapon of choice? Fake invoices sent via email, disguised to look like legitimate bills from a trusted vendor.

Here’s how Rimasauskas pulled off this brazen scheme—and why even Silicon Valley giants aren’t immune to fraud.

The Anatomy of the Scam

1. Creating a Fake Identity

Rimasauskas registered a shell company in Latvia under the name “Quanta Computer,” intentionally mimicking Taiwan-based Quanta Computer Inc.—a legitimate vendor that both Facebook and Google regularly did business with. He even set up bank accounts in Latvia and Cyprus under this alias to receive payments.

2. Forging Invoices & Phishing for Payments

Posing as Quanta’s finance department, Rimasauskas sent spear-phishing emails to employees at Facebook and Google. The emails contained meticulously crafted fake invoices, complete with forged contracts, corporate seals, and signatures. The requests were for routine payments related to IT equipment and services, which the companies regularly ordered from the real Quanta.

Due to the high volume of transactions at both companies, the fraudulent invoices—ranging from $100,000 to several million dollars—went unnoticed. Finance departments processed them as routine expenses.

3. Laundering the Stolen Millions

Once payments hit Rimasauskas’ offshore accounts, he transferred funds through a maze of global banks, including accounts in Cyprus, Latvia, Lithuania, Hungary, Slovakia, and Hong Kong. He funneled the money into cryptocurrency and shell companies to obscure the paper trail.

The Downfall: How the Fraud Unraveled

The scam ran undetected for two years before banks flagged suspicious transactions in late 2015. Investigators traced the payments to Rimasauskas, who was arrested in Lithuania in 2017 and later extradited to the U.S. In 2019, he pleaded guilty to wire fraud, money laundering, and identity theft in a New York court.

Key Outcomes:

• Rimasauskas was sentenced to five years in prison.
• He agreed to forfeit $49.7 million in restitution (about half the stolen amount).
• Both Facebook and Google recovered a portion of their losses through insurance and legal action.

Why Did Facebook and Google Fall for It?

The scam exploited critical vulnerabilities even large corporations face:

1. Supplier Spoofing: By impersonating a trusted vendor, Rimasauskas bypassed initial scrutiny.
2. Payment Automation: High-volume finance departments often approve smaller invoices without thorough verification.
3. Human Error: Employees overlooked subtle red flags, like minor discrepancies in email addresses or bank details.

Lessons Learned: Protecting Against Invoice Fraud

Rimasauskas’ scheme serves as a wake-up call for businesses worldwide:

1. Multi-Layer Verification: Always confirm large payments via phone or in-person with known contacts at vendors.
2. Vendor Due Diligence: Regularly audit supplier databases and update payment protocols.
3. AI-Driven Fraud Detection: Use machine learning tools to flag anomalies in invoices, such as mismatched bank details.
4. Employee Training: Educate finance teams to spot phishing tactics and fake domain lookalikes (e.g., “quantta.com” vs. “quanta.com”).

Conclusion: The Audacity of a “Simple” Scam

Evaldas Rimasauskas didn’t hack firewalls or deploy malware—he exploited human trust and corporate complacency. His story is a stark reminder that even tech titans can fall victim to old-school fraud. As cybercriminals grow bolder, businesses must stay vigilant, question the mundane, and never underestimate the power of a well-crafted email.

Tags: Evaldas Rimasauskas, Facebook Google Scam, Fake Invoices Fraud, Quanta Computer Scam, Cybercrime Case Study, Business Email Compromise (BEC), Silicon Valley Fraud

Optimized for SEO Keywords:

• “Facebook Google $122 million scam”
• “Evaldas Rimasauskas fake invoices”
• “How Quanta Computer scam worked”
• “Lessons from tech company fraud”
• “Business email compromise case study”