The billing scam that cost 2 tech giants $122 million

If Facebook and Google fell for it, what chance do we have? That’s what you might be thinking after hearing a Lithuanian man just pleaded guilty to a slew of charges stemming from a billing scam that flooded these tech giants with fake invoices for a nine-figure loss.

The lesson here: Any company is vulnerable.

But you can minimize your risk … if you know what to look for. Check out what happened in this high-profile case and how you can use it to protect your own company cash.

2 reasons the fraud went on so long

This wasn’t a tremendously sophisticated scheme. But it sure was effective. From 2013-2015 Evaldas Rimasauskas spoofed emails from execs at both Google and Facebook to forge purchase orders, invoices and contracts.

How did the fraud go undetected for two years? Two main reasons:

1. The company sounded legit. The scammer created an LLC in Latvia that had the same name as Chinese computer manufacturer Quanta Computer Inc. So when finance staffers at Google and Facebook saw the bills come in, it seemed like a legitimate supplier.
2. The paperwork looked authentic. Rimasauskas had a corporate stamp made that went on documents that were supposed to have been generated in-house so that they appeared legit.

In fact, we highlighted both of these red flags in a recent Resourceful Finance Pro article on fake invoices.

Red flag 1: A not-so-crisp logo

Yes, your team would notice if bills from a regular supplier looked completely different than they always do. Which is why thieves try to make as little change as possible to the existing bills.

Unless it’s an inside job, they can’t get their hands on company letterhead. So many scan a copy and print it onto their own paper. But things like the logo won’t appear as sharp on a scanned version.

In this case, the crook made his own stamps to mimic Facebook’s and Google’s logos.

But some close scrutiny by their respective A/P teams may have found the slightest difference that signaled something wasn’t right.

Red flag 2: Contact info ever-so-slightly changed

Of course the toughest-to-spot phony invoices look identical to the ones A/P receives every day.

That’s just what the crooks count on. And they’re preparing for the fact that companies are paying closer attention than ever to what crosses their desks.

A sign something fishy may be afoot: Contact info has changed. Again, if there’s a radical difference most finance teams will catch it. Which is why less-than-honest people will change contact info ever so slightly as to be glossed over by most people.

There was a variation on this theme at play here, since the scam artist adopted a name of a well-known company to add legitimacy to the requests. But a little checking could’ve foiled this scheme with the very first invoice.

It takes 10 seconds to type a URL into a PC to verify it’s on the level. Immediately A/P would’ve seen that the Latvian company should’ve been located in China.

That’s a discovery worth millions.