Unit 5: Related Attacks
Facebook and Google Attack
Between 2013-2015, a 50 year old man, Evaldas Rimasauskas, together with his co-conspirators stole over $100 million from 2 of the biggest company in the world, Google and Facebook.
.jpg)
What happened?
Rimasauskas and his co-conspirators set up a fake company called Quanta Computer. They chose this Taiwan-based company because the computer company worked and do business with Google and Facebook.
The emails forged using fake email accounts looked very much like the real employees of the actual Quanta Computer company.
​
They sent fake invoices to trusted Facebook and Google employees and they conducted a $100 million transaction.
​
Rimasauskas was said to be sentenced to up to 30 years in prison
Voice phishing scam
Voice phishing is also know as vishing
​
The attacker used a voice deepfake to scam a CEO of a UK-based energy firm. In total, $243,000 was scammed.
What happened?
The fraudster who pretended to be the boss of the CEO used AI voice technology to spoof the German CEO into sending funds to a Hungarian supplier.
​
According to Kirsch, who is the firm's insurance company, said that the CEO recognized the German accent in his boss's voice.
The CEO later realised that the call was made from an Austrian phone number but the transaction had already been made
​
The transaction was moved to a Hungarian bank account, then disbursed to other locations.
​
The attacker has not been caught up till now.
How are they both related?
Similar to the twitter attack, social engineering was involved as well. While the attackers used a phishing website to trick twitter, Rimasauskas created multiple phishing emails to trick those employees and the unknown fraudster used deepfake voice to scam the CEO.
​
In both attacks, we can see that social engineering techniques like phishing and voice phishing were used
