Tag Archives: banking

Facebook And Google Remained Mum At Being Scammed Out Of The $100M Scam

The evolution of phishing techniques by cyber criminals has found a new milestone in the form of the recent scam involving the tech giants Facebook and Google. The scam becoming public after the indictment issued by the US Department of Justice has been based upon consistent defrauding the tech companies of $100 million over a span of two years.

In the interesting case of fraudulent email compromise scheme by a Lithuanian scammer, the indictment statement issued by the court pressed charges:

“for orchestrating a fraudulent business email compromise scheme that induced two U.S.-based internet companies (the “Victim Companies”) to wire a total of over $100 million to bank accounts controlled by RIMASAUSKAS.”

Also Read: Umair Hamid of Axact Diploma Mill Scam Found Guilty Of Committing Wire Fraud

Interestingly, the scheme worked over an elaborate plan, working through proper banking channels. The tech giants, were tricked for a period spanning over two years, into wiring a whopping amount of $100 million to two bank accounts located in Latvia and Cyprus. After the transfer, the poached money was swiftly routed through a variety of bank accounts scattered across different locations throughout the world. The destinations involved banks in Latvia, Cyprus, Slovakia, Lithuania, Hungary and Hong Kong.

It was in March this year that the the scammer Evaldas Rimasauskas was arrested by the local authorities in Lithuania. He was later charged with orchestrating the scam scheme. Interestingly, both the tech companies targeted through the fraud stayed anonymous throughout the case. However, through an investigation study carried out by Fortune revealed the identity of the victim companies.

Also Read: Ministry of IT warns WhatsApp users to beware of fake video calling scam

What emerges out of the proceedings of the case is not one, but two major concerns. Where the immediate concern is, obviously, the safety against the scams involving email phishing and fake suppliers which can successfully target even the tech-lord corporations; the second concern is more subtle in nature. The crime has raised certain questions, whose validity can not be ignored, about why the companies have so far kept mum over the matter. The Fortune report quoted a former head of the Securities and Exchange Commission, Mary Jo White’s observation:

“It triggers an obligation to tell investors about what happened.”

White further said:

“I understand the dynamic. You don’t want to provide a road map to future hackers into your system. But that doesn’t excuse not disclosing an event if it’s material.”

Warning after high volume of phishing emails sent – here's what to look for

Comments (0)

A warning has been issued after high volumes of phishing emails from fraudsters were sent to individuals and businesses across Lincolnshire.

The warning was shared by Lincolnshire Alert, which says the email attempts to obtain sensitive data from victims, such as banking credentials and passwords.

The subject line contains the recipient’s name, and the main body of text is as below:

“Hi, [name]! I am disturbing you for a very serious reason. Although we are not familiar, but I have significant amount of individual info concerning you. The thing is that, most likely mistakenly, the data of your account has been emailed to me.

READ MORE: Man beaten after being chased into fish and chip shop

“For instance, your address is: [real home address] I am a law-abiding citizen, so I decided to personal data may have been hacked. I attached the file – [surname].dot that I received, that you could explore what info has become obtainable for scammers. File password is – 2811 Best Wishes.”

The emails include an attachment – a ‘.dot’ file usually titled with the recipient’s name. This attachment is thought to contain the Banking Trojan Ursniff/Gozi, hidden within an image in the document.

READ MORE: Council to invest £1m into ambitious 9-screen cinema and restaurant plan for Grimsby town centre

The Ursniff Banking Trojan attempts to obtain sensitive data from victims, such as banking credentials and passwords. The data is subsequently used by criminals for monetary gain.

Lincolnshire Alert has issued the following advice in an effort to help internet users protect themselves online:

  • Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages: Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication (you can find out how by searching the internet for relevant advice for your email provider).
  • Do not enable macros in downloads; enabling macros will allow Trojan/malware to be installed onto your device.
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It is important that the device you back up to is not connected to your computer as any malware infection could spread to that as well.
  • If you think your bank details have been compromised, you should contact your bank immediately. If you have been affected by this or any other fraud, report it to Action Fraud by calling 0300 123 2040, or visit www.actionfraud.police.uk.

More of today’s Grimsby news


Follow us on Facebook and Twitter

Fraud alert: Police warn after phishing emails increase

Share on Facebook

Tweet on Twitter

Fraudsters are sending out a high volume of phishing emails to personal and business email addresses.

The subject line contains the recipient’s name, and the main body of text is as below:

“Hi, [name]!

banner ad

I am disturbing you for a very serious reason. Although we are not familiar, but I have significant amount of individual info concerning you. The thing is that, most likely mistakenly, the data of your account has been emailed to me.

For instance, your address is:

[real home address]

I am a law-abiding citizen, so I decided to personal data may have been hacked. I attached the file – [surname].dot that I received, that you could explore what info has become obtainable for scammers. File password is – 2811

READ MORE:  Two Nottingham men jailed for drug and firearms offences

Best Wishes,”

The emails include an attachment – a ‘.dot’ file usually titled with the recipient’s name.

This attachment is thought to contain the Banking Trojan Ursniff/Gozi, hidden within an image in the document. The Ursniff Banking Trojan attempts to obtain sensitive data from victims, such as banking credentials and passwords. The data is subsequently used by criminals for monetary gain.

  • Protect Yourself:

    Having up-to-date virus protection is essential; however it will not always prevent your device(s) from becoming infected.

    Please consider the following actions:

  • Don’t click on links or open any attachments you receive in unsolicited emails or SMS messages: Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of communication (you can find out how by searching the internet for relevant advice for your email provider).
  • Do not enable macros in downloads; enabling macros will allow Trojan/malware to be installed onto your device.
  • Always install software updates as soon as they become available. Whether you are updating the operating system or an application, the update will often include fixes for critical security vulnerabilities.
  • Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It is important that the device you back up to is not connected to your computer as any malware infection could spread to that as well.
    If you think your bank details have been compromised, you should contact your bank immediately.If you have been affected by this or any other fraud, report it to Action Fraud by calling 0300 123 2040, or visit www.actionfraud.police.uk.