By Kate Fazzini
Updated Mar 28, 2019
This week, the Department of Justice announced the indictment of a Lithuanian man who bilked Google and Facebook out of $123 million.
He did it using one of the most common and devastating cyberattacks: business email compromise, also known as invoice fraud. It’s a type of fraud where a criminal poses as a vendor or business partner and convinces a company to wire huge sums of money to an offshore account as “payment” for services that were never rendered.
Representatives for Google and Facebook both said their respective companies recovered the stolen funds. That’s rare. People who are defrauded out of their mortgage down payment, small businesses that mistakenly wire millions of their meager funds offshore, and even hedge funds without enough oversight have been hit much harder by business email compromise — sometimes so hard they go out of business.