WEBVTT 00:00:00.320 --> 00:00:01.990 JACK: Hey, it’s Jack, host of the show. 00:00:01.990 --> 00:00:05.830 I’m a little under the weather this week, so this will be a short episode. 00:00:05.830 --> 00:00:10.589 I don’t want to leave you hanging, but I also don’t have it in me to deliver an hour’s 00:00:10.589 --> 00:00:11.929 worth of stories for you. 00:00:11.929 --> 00:00:15.860 So, I’m sorry, but I hope you like the episode anyway. 00:00:15.860 --> 00:00:19.539 Warren Buffet has been one of the top ten richest people in the world for quite a while 00:00:19.539 --> 00:00:20.539 now. 00:00:20.539 --> 00:00:25.490 He got rich mostly from investing, and his main strategy is to invest in wonderful companies 00:00:25.490 --> 00:00:26.550 at a fair price. 00:00:26.550 --> 00:00:32.099 One day, Jeff Bezos asked him well, your investment thesis is so simple; why doesn’t everyone 00:00:32.099 --> 00:00:33.300 just copy you? 00:00:33.300 --> 00:00:36.530 Warren Buffet said because nobody wants to get rich slow. 00:00:36.530 --> 00:00:41.449 If you look around the internet, you will see loads of get-rich-quick schemes, people 00:00:41.449 --> 00:00:45.820 claiming to make over $500,000 a year, and if you buy their training course, you too 00:00:45.820 --> 00:00:47.780 can learn the secrets of their success. 00:00:47.780 --> 00:00:53.309 There’s so many others, but this story is about a guy who had a brilliant get-rich-quick 00:00:53.309 --> 00:00:56.120 scheme that actually worked. 00:00:56.120 --> 00:01:04.589 (INTRO): [INTRO MUSIC] These are true stories from the dark side of the internet. 00:01:04.589 --> 00:01:09.310 I’m Jack Rhysider. 00:01:09.310 --> 00:01:13.490 This is Darknet Diaries. 00:01:13.490 --> 00:01:22.590 [INTRO MUSIC ENDS] 00:01:22.590 --> 00:01:28.430 JACK: Facebook is a company that knows how to make money. 00:01:28.430 --> 00:01:32.340 In 2012, their revenue for the year was $5 billion. 00:01:32.340 --> 00:01:34.009 That’s a lot of money. 00:01:34.009 --> 00:01:39.189 They are incredibly profitable, and it’s the kind of money that makes you wish maybe 00:01:39.189 --> 00:01:42.119 I should start a business to get that rich, too. 00:01:42.119 --> 00:01:45.659 [MUSIC] But no; no, no, no. 00:01:45.659 --> 00:01:47.650 That’s way too hard. 00:01:47.650 --> 00:01:54.479 Building a unique website, marketing it, getting users, and waiting for it to grow crazy big? 00:01:54.479 --> 00:02:00.420 All that takes a long time and a lot of energy, and you have to be really lucky, too. 00:02:00.420 --> 00:02:06.409 Facebook was started in 2004 and it took them over five years before they began to make 00:02:06.409 --> 00:02:08.229 any kind of profit. 00:02:08.229 --> 00:02:11.890 Who has five years to sit around waiting to get rich? 00:02:11.890 --> 00:02:18.830 Facebook does not have a get-rich-quick scheme, but they did get rich over time, really rich. 00:02:18.830 --> 00:02:25.610 $5 billion in revenue in 2012 is a lot of money to flow through the coffers over at 00:02:25.610 --> 00:02:27.970 1 Hacker Way in Silicon Valley. 00:02:27.970 --> 00:02:30.180 Who’s counting all that money? 00:02:30.180 --> 00:02:32.570 Who’s got control of that? 00:02:32.570 --> 00:02:34.250 Well, a lot of people. 00:02:34.250 --> 00:02:39.030 A company like that probably has scores of people who have purchasing power. 00:02:39.030 --> 00:02:44.440 Perhaps a lot of employees have company credit cards to pay for travel or training, or managers 00:02:44.440 --> 00:02:49.720 might have a checkbook to buy major things like renting a new office space or leasing 00:02:49.720 --> 00:02:53.270 company vehicles or purchasing another company. 00:02:53.270 --> 00:02:57.270 In 2012, we heard this on the ABC Nightly News. 00:02:57.270 --> 00:03:02.690 HOST: Instagram, a company with only thirteen employees, bought today by Facebook for one 00:03:02.690 --> 00:03:04.150 billion dollars. 00:03:04.150 --> 00:03:06.340 JACK: [MUSIC] Whoa. 00:03:06.340 --> 00:03:08.590 How does that make you feel? 00:03:08.590 --> 00:03:14.840 When you hear that Facebook bought another company for a billion dollars, what goes through 00:03:14.840 --> 00:03:15.840 your mind? 00:03:15.840 --> 00:03:21.060 I mean, news like that makes me stop and think for a moment. 00:03:21.060 --> 00:03:25.240 My hand goes up to my chin and I start gazing out the window. 00:03:25.240 --> 00:03:27.340 That’s a lot of money. 00:03:27.340 --> 00:03:34.440 A guy named Evaldas Rimasauskas heard that news, and it put him in deep thought, too. 00:03:34.440 --> 00:03:40.770 He was forty-three years old in 2012 and was living in Vilnius, the capital of Lithuania. 00:03:40.770 --> 00:03:44.660 The thing that ran through his head was who wrote that check? 00:03:44.660 --> 00:03:51.640 Who’s the person in Facebook that has the ability to write a one-billion-dollar check? 00:03:51.640 --> 00:03:54.180 Was it Mark Zuckerberg himself? 00:03:54.180 --> 00:03:58.130 Surely no; he must have people to do that, and those people must listen to Mark when 00:03:58.130 --> 00:04:00.980 Mark says hey, can you write a check for a billion dollars? 00:04:00.980 --> 00:04:02.170 We just bought another company. 00:04:02.170 --> 00:04:04.950 Yes, Mr. Zuckerberg, right away, Mr. Zuckerberg. 00:04:04.950 --> 00:04:11.010 Whoever has that power to write those checks must be really trusted over at Facebook. 00:04:11.010 --> 00:04:15.840 See, Evaldas had been learning a lot about how checks work during that time. 00:04:15.840 --> 00:04:20.120 He was fascinated with the whole system; a little piece of paper with the right numbers 00:04:20.120 --> 00:04:25.220 and signatures on it is all you need to take money from someone else. 00:04:25.220 --> 00:04:30.030 Evaldas was interested in different scams and thefts that you could do with checks and 00:04:30.030 --> 00:04:33.160 bank accounts and money-processing centers. 00:04:33.160 --> 00:04:38.500 He heard about how some people make bogus checks and how payroll fraud works and other 00:04:38.500 --> 00:04:41.160 ways to steal money from companies. 00:04:41.160 --> 00:04:44.310 I imagine Evaldas had some small wins during all this. 00:04:44.310 --> 00:04:48.120 I don’t know what, though, but my guess is that he probably started where a lot of 00:04:48.120 --> 00:04:53.030 other people like him start, with buying stolen credit cards online and then cashing them 00:04:53.030 --> 00:04:55.080 out and taking the money from them. 00:04:55.080 --> 00:04:59.370 But these kind of schemes only make you a few hundred dollars at a time. 00:04:59.370 --> 00:05:03.870 You really have to work your tail off to make the big bucks from this, and maybe that’s 00:05:03.870 --> 00:05:05.690 what he was doing when he heard this news. 00:05:05.690 --> 00:05:09.140 HOST: …bought today by Facebook for one billion dollars. 00:05:09.140 --> 00:05:11.420 [‘BILLION DOLLARS’ ECHOING] 00:05:11.420 --> 00:05:15.010 JACK: One billion dollars. 00:05:15.010 --> 00:05:19.620 Evaldas didn’t want to bother with petty $200-thefts. 00:05:19.620 --> 00:05:24.080 He wanted a piece of these big-time deals that Facebook was making. 00:05:24.080 --> 00:05:25.180 But how? 00:05:25.180 --> 00:05:30.990 It’s not like he has a wildly popular photo-sharing app that he can sell to Facebook for a billion 00:05:30.990 --> 00:05:32.990 dollars. Hm. 00:05:32.990 --> 00:05:35.370 He began to think about it. 00:05:35.370 --> 00:05:40.850 With all this money flowing in and out of Facebook, there has to be a way to somehow 00:05:40.850 --> 00:05:45.330 steal some of that or scam a piece of it for himself. 00:05:45.330 --> 00:05:47.320 He needed more information. 00:05:47.320 --> 00:05:53.030 He rounded up a few people to help him and he told them hey, call up Facebook and try 00:05:53.030 --> 00:05:56.490 to figure out who’s writing these huge checks and what companies they’re writing checks 00:05:56.490 --> 00:05:57.490 to. 00:05:57.490 --> 00:05:59.680 His buddies were like, huh? 00:05:59.680 --> 00:06:01.770 Call up Facebook and what? 00:06:01.770 --> 00:06:03.650 The end goal seemed impossible. 00:06:03.650 --> 00:06:06.990 How can you just call up Facebook and ask who’s writing the checks over there and 00:06:06.990 --> 00:06:08.490 where are you writing them to? 00:06:08.490 --> 00:06:09.490 You can’t. 00:06:09.490 --> 00:06:11.100 You’re gonna get nowhere fast if you do that. 00:06:11.100 --> 00:06:16.370 [MUSIC] So, they had to do it piece by piece and slowly social-engineer their way into 00:06:16.370 --> 00:06:18.810 the company to get this information. 00:06:18.810 --> 00:06:22.780 At first they called up Facebook’s customer support, and maybe they asked basic questions 00:06:22.780 --> 00:06:25.560 like what’s the number to the Accounting department? 00:06:25.560 --> 00:06:30.510 Or if I have an unpaid bill and Facebook owes me money, who should I talk to? 00:06:30.510 --> 00:06:34.740 Or maybe his team just looked on LinkedIn to see who’s working in the Finance and 00:06:34.740 --> 00:06:37.320 Accounting departments over at Facebook. 00:06:37.320 --> 00:06:41.450 Surely it would be a huge help to know who’s who over there, and maybe from there you can 00:06:41.450 --> 00:06:43.570 guess someone’s e-mail address. 00:06:43.570 --> 00:06:45.300 Maybe it’s just firstname.lastname@facebook.com? 00:06:45.300 --> 00:06:48.600 I don’t know. 00:06:48.600 --> 00:06:53.700 But if the e-mail is guessable, you could use that to try to gather more information 00:06:53.700 --> 00:06:58.650 from someone there, maybe by e-mailing them and asking them just for a basic piece of 00:06:58.650 --> 00:07:03.600 information, but when they reply, boom, their phone number might show up right in the footer 00:07:03.600 --> 00:07:08.630 of the e-mail, and now you can call them and try social-engineering them to give you more 00:07:08.630 --> 00:07:10.150 information. 00:07:10.150 --> 00:07:15.200 This is how Evaldas was chipping away at all the layers of security within Facebook, and 00:07:15.200 --> 00:07:19.860 all these little pieces of information can add up to give you quite a detailed understanding 00:07:19.860 --> 00:07:24.360 of the internal operations of their business. 00:07:24.360 --> 00:07:29.800 If you know who Facebook is doing business with, like maybe partners or contractors, 00:07:29.800 --> 00:07:32.580 then maybe you can attack this from the other side, too. 00:07:32.580 --> 00:07:37.889 Like, if you hear on social media that Facebook has contracted with Company XYZ, then you 00:07:37.889 --> 00:07:42.180 can call up Company XYZ and try to social-engineer them. 00:07:42.180 --> 00:07:48.199 Like, maybe you ask them who over at Facebook is paying invoices, or something like that. 00:07:48.199 --> 00:07:53.260 All these bits of information add up to be really helpful when trying to scam a company. 00:07:53.260 --> 00:07:57.680 The more Evaldas and his team scraped this information together, the more he understood 00:07:57.680 --> 00:08:00.270 about what options there were. 00:08:00.270 --> 00:08:05.139 After a while, they had a pretty good understanding of the social and accounting infrastructure 00:08:05.139 --> 00:08:06.830 within Facebook. 00:08:06.830 --> 00:08:11.270 [MUSIC] During all this, Evaldas learned that Facebook does a lot of business with a company 00:08:11.270 --> 00:08:12.820 called Quanta Computer. 00:08:12.820 --> 00:08:16.820 HOST2: Welcome to the Quanta Resource MFGT. 00:08:16.820 --> 00:08:22.949 Quanta Manufacturing Nashville repairs and refurbishes tablets and point-of-sale devices 00:08:22.949 --> 00:08:28.040 as well as bill servers, and provides Cloud computing services. 00:08:28.040 --> 00:08:34.169 Our customers include the world’s largest online retailer and the world’s largest 00:08:34.169 --> 00:08:35.669 social media company. 00:08:35.669 --> 00:08:37.960 JACK: This was it. 00:08:37.960 --> 00:08:43.589 Knowing this gave Evaldas all the information he needed to make his move. 00:08:43.589 --> 00:08:50.250 His big idea was that he was going to pose as Quanta Computing and issue an invoice to 00:08:50.250 --> 00:08:57.510 Facebook to pay a bill, and he hoped Facebook would pay him instead of Quanta. 00:08:57.510 --> 00:09:02.310 But in order for this to work, he had to make everything look really good. 00:09:02.310 --> 00:09:06.430 All the information he collected earlier was going to come into play here. 00:09:06.430 --> 00:09:11.529 [MUSIC] First, he set up a company called Quanta Computer, the exact same name. 00:09:11.529 --> 00:09:14.560 See, the real Quanta Computer is in Taiwan. 00:09:14.560 --> 00:09:20.110 He set his Quanta Computer company up in Latvia and Cypress, and then opened bank accounts 00:09:20.110 --> 00:09:21.530 under that name. 00:09:21.530 --> 00:09:26.150 Then he somehow got ahold of a real Quanta Computer invoice and knew exactly who was 00:09:26.150 --> 00:09:28.810 paying these invoices over at Facebook. 00:09:28.810 --> 00:09:33.700 He altered the invoice to simply change where the payment should be sent, which was to his 00:09:33.700 --> 00:09:35.380 bank instead of theirs. 00:09:35.380 --> 00:09:40.060 Now, you would think this might be enough; a fake invoice that looks exactly like the 00:09:40.060 --> 00:09:44.560 real one but with one minor thing changed, and you know exactly who pays these invoices 00:09:44.560 --> 00:09:46.240 over at Facebook. 00:09:46.240 --> 00:09:52.220 But Evaldas took this a step further, conducting what’s called a BEC scam. 00:09:52.220 --> 00:09:57.460 BEC stands for Business E-mail Compromise, but I can’t stand that term because there’s 00:09:57.460 --> 00:09:59.400 nothing actually compromised here. 00:09:59.400 --> 00:10:05.279 BEC is basically a phishing attack, but you’re posing as someone that the victim knows already. 00:10:05.279 --> 00:10:10.950 So, the problem here is if Evaldas just sent an e-mail to Facebook saying pay this bill, 00:10:10.950 --> 00:10:13.649 what e-mail address should he use? 00:10:13.649 --> 00:10:18.000 He’s not gonna use his personal e-mail address because that would be a huge red flag. 00:10:18.000 --> 00:10:23.050 You’d hope someone at Facebook would notice who sent him the invoice and realize it wasn’t 00:10:23.050 --> 00:10:24.050 someone from Quanta. 00:10:24.050 --> 00:10:29.820 He can’t use something like quantacomputer@gmail.com because that’s not what Quanta’s e-mails 00:10:29.820 --> 00:10:31.140 look like, either. 00:10:31.140 --> 00:10:37.350 So, Evaldas had to figure out who at Quanta typically sends these invoices out so he could 00:10:37.350 --> 00:10:40.149 look as close as he could to them. 00:10:40.149 --> 00:10:44.630 I’m not sure exactly what he did here, but my guess is he probably registered a domain 00:10:44.630 --> 00:10:50.270 that was very similar to Quanta’s actual domain and made his e-mail look super close 00:10:50.270 --> 00:10:53.480 to it, with maybe one letter off. 00:10:53.480 --> 00:10:57.020 Once he had all this set up, he was ready. 00:10:57.020 --> 00:11:02.100 He had his fake invoice, his fake domain, and fake business all set up. 00:11:02.100 --> 00:11:06.850 He put it together and sent the e-mail to the right person at Facebook, telling them 00:11:06.850 --> 00:11:12.260 to update where payments should be sent when paying bills for Quanta, and the person at 00:11:12.260 --> 00:11:17.080 Facebook saw this e-mail and fell for it, making the change so that the payments are 00:11:17.080 --> 00:11:21.880 now sent to Evaldas’ bank instead of the real Quanta’s bank account. 00:11:21.880 --> 00:11:26.310 Not too long after that, he got a notice from his bank that said a large deposit has been 00:11:26.310 --> 00:11:29.050 made into your account from Facebook. 00:11:29.050 --> 00:11:30.810 [MUSIC] It worked. 00:11:30.810 --> 00:11:36.060 I don’t know how much this payment was for, but it was a lot; maybe a few hundred thousand 00:11:36.060 --> 00:11:37.290 dollars, maybe more. 00:11:37.290 --> 00:11:40.140 This was a huge win for Evaldas and his team. 00:11:40.140 --> 00:11:43.149 They got their piece of the Facebook riches. 00:11:43.149 --> 00:11:46.030 What a rush that must have been. 00:11:46.030 --> 00:11:51.709 But hey, if it worked once, could it work a second time? 00:11:51.709 --> 00:11:56.140 Yeah, sure enough, money kept rolling in from Facebook. 00:11:56.140 --> 00:12:01.279 Every time they’d go to pay a Quanta bill, they’d end up paying Evaldas instead. 00:12:01.279 --> 00:12:02.390 Incredible. 00:12:02.390 --> 00:12:09.149 Then he noticed something; Quanta also does business with Google, and Google is also a 00:12:09.149 --> 00:12:12.709 massive company with billions of dollars going in and out. 00:12:12.709 --> 00:12:17.880 So, he decided to social-engineer his way into Google and learn how their financial 00:12:17.880 --> 00:12:19.860 infrastructure was set up. 00:12:19.860 --> 00:12:25.920 Then he was able to trick someone at Google to send him money instead of Quanta. 00:12:25.920 --> 00:12:30.640 Because his system was so meticulously detailed and planned out, Google also fell for it and 00:12:30.640 --> 00:12:32.490 started paying him, too. 00:12:32.490 --> 00:12:36.810 Talk about a passive income scheme; Quanta would do all the work and he would get all 00:12:36.810 --> 00:12:38.050 the pay from it. 00:12:38.050 --> 00:12:42.720 Now, Quanta also does a lot of business with Apple and Amazon, too, and I’m not sure 00:12:42.720 --> 00:12:47.230 if Evaldas knew that, or maybe he tried to get into those companies, too. 00:12:47.230 --> 00:12:51.320 But at this point, Evaldas and his team had made millions of dollars off of Facebook and 00:12:51.320 --> 00:12:54.180 Google, which is just unreal. 00:12:54.180 --> 00:12:58.140 This get-rich scheme was working amazingly well. 00:12:58.140 --> 00:13:03.020 It’s kind of hilarious to just take a step back for a moment and look at this from a 00:13:03.020 --> 00:13:04.020 distance. 00:13:04.020 --> 00:13:07.860 He sent fake invoices to Facebook and Google, and they just paid them. 00:13:07.860 --> 00:13:10.150 He was making millions of dollars from these fake bills. 00:13:10.150 --> 00:13:12.180 It’s a crazy story. 00:13:12.180 --> 00:13:15.440 Oh, and he had a whole system to clean the money, too. 00:13:15.440 --> 00:13:18.800 Remember those bank accounts Evaldas set up in Latvia and Cypress? 00:13:18.800 --> 00:13:22.880 Well, after Google and Facebook had wired money to these accounts, Evaldas would then 00:13:22.880 --> 00:13:28.450 spring into action, sending the money to even more accounts in banks around the world; Slovakia, 00:13:28.450 --> 00:13:31.210 Lithuania, Hungary, and Hong Kong. 00:13:31.210 --> 00:13:35.240 Moving the money around would make it harder to track where it ultimately would end up, 00:13:35.240 --> 00:13:37.520 which was in Evaldas’ pockets. 00:13:37.520 --> 00:13:42.140 If any representative of these banks raised an eyebrow at these massive transfers, Evaldas 00:13:42.140 --> 00:13:47.060 would just send them fake legal documents that made it look like his money laundering 00:13:47.060 --> 00:13:49.640 scheme was just normal business dealings. 00:13:49.640 --> 00:13:56.360 So, Evaldas was doing great, making tons of money from this BEC scam that he had set up. 00:13:56.360 --> 00:14:03.300 Over the next two years, he extracted $23 million from Google and a whopping $98 million 00:14:03.300 --> 00:14:05.160 from Facebook. 00:14:05.160 --> 00:14:09.420 Things were better than good for him; they were going great, and his system for laundering 00:14:09.420 --> 00:14:13.250 money by moving it around different banks was working well, too. 00:14:13.250 --> 00:14:19.910 Everything felt pretty secure for him, [MUSIC] until one tiny detail he overlooked came into 00:14:19.910 --> 00:14:21.140 light. 00:14:21.140 --> 00:14:24.440 At some point, someone at Google or Facebook noticed this scam. 00:14:24.440 --> 00:14:27.760 I bet it was Quanta calling them up, like where’s our money? 00:14:27.760 --> 00:14:31.370 They must have been like ‘uh-oh’ when they realized that they’d been tricked into 00:14:31.370 --> 00:14:32.660 sending it to the wrong place. 00:14:32.660 --> 00:14:36.240 So, someone started investigating this, and they were tracing the footsteps. 00:14:36.240 --> 00:14:39.690 They saw that they had wired all the money to a bank in Cypress, then they looked to 00:14:39.690 --> 00:14:44.839 see which e-mail it was that switched banks, and this made them realized oh, it was the 00:14:44.839 --> 00:14:51.180 domain that wasn’t exactly the same when we got this e-mail, one that looked like Quanta’s 00:14:51.180 --> 00:14:52.550 but really wasn’t. 00:14:52.550 --> 00:14:58.250 Okay, so the next question then is who owns this lookalike domain? 00:14:58.250 --> 00:15:00.970 To figure that out, you can do a WHOIS lookup on a domain. 00:15:00.970 --> 00:15:04.310 It’ll tell you who registered it and who controls it. 00:15:04.310 --> 00:15:06.760 This is where Evaldas made his mistake. 00:15:06.760 --> 00:15:10.950 He registered it under his own personal e-mail address. 00:15:10.950 --> 00:15:12.820 It all unraveled from there. 00:15:12.820 --> 00:15:17.459 After consulting internally, the employee notified the FBI, and with millions of dollars 00:15:17.459 --> 00:15:21.990 stolen, the FBI jumped right into action; first freezing Evaldas’ funds so they couldn’t 00:15:21.990 --> 00:15:26.560 be transferred anywhere, and then the FBI started gathering all the evidence they could, 00:15:26.560 --> 00:15:32.200 which was actually a vast paper trail of phony invoices and contracts that Evaldas had so 00:15:32.200 --> 00:15:33.740 carefully crafted. 00:15:33.740 --> 00:15:41.060 Evaldas didn’t know it, but the paper trail led right to him in Lithuania. 00:15:41.060 --> 00:15:44.269 The Lithuanian authorities arrested Evaldas. 00:15:44.269 --> 00:15:47.530 From there, he was extradited to New York to be tried. 00:15:47.530 --> 00:15:52.930 Evaldas pleaded guilty to wire fraud, and two years later, in 2019, he was sentenced 00:15:52.930 --> 00:15:59.360 to five years in prison, plus a hefty bill for $26 million. 00:15:59.360 --> 00:16:03.060 With the help of the government, Google and Facebook were able to recover a bulk of their 00:16:03.060 --> 00:16:06.450 losses and hopefully learn some lessons from all this. 00:16:06.450 --> 00:16:10.899 Oh, and I don’t know what happened to Evaldas’ co-conspirators. 00:16:10.899 --> 00:16:16.500 While this scam caused two companies to take a massive hit, that was only a drop in the 00:16:16.500 --> 00:16:17.500 bucket. 00:16:17.500 --> 00:16:22.570 Between 2013 and 2019, the Internet Crime Complaint Center received reports of over 00:16:22.570 --> 00:16:26.960 $10 billion in losses from similar BEC scams like this. 00:16:26.960 --> 00:16:31.149 We’re talking spoofed e-mails, spear phishing, malware attacks, all with the intention of 00:16:31.149 --> 00:16:34.770 getting a company to send payments to the wrong person. 00:16:34.770 --> 00:16:39.520 This is not a new attack, but it’s certainly becoming a popular one, and it’s adding 00:16:39.520 --> 00:16:42.899 up to be quite a lot of damage to a lot of businesses. 00:16:42.899 --> 00:16:47.760 It’s important for businesses of every size to take protective measures to defend against 00:16:47.760 --> 00:16:48.760 this. 00:16:48.760 --> 00:16:52.440 I imagine the more profitable your company is, the more likely you’ll be targeted by 00:16:52.440 --> 00:16:54.710 thieves trying to steal some of your profits. 00:16:54.710 --> 00:17:01.610 But what’s scary here is that a small, clever team outsmarted the sophisticated security 00:17:01.610 --> 00:17:06.609 team at Google who sees a massive amount of attacks every day. 00:17:06.609 --> 00:17:10.299 You might say well, this is not a hacking incident, so how could the security team even 00:17:10.299 --> 00:17:11.600 help defend against this? 00:17:11.600 --> 00:17:15.489 Well, there are a lot of tools that are getting better at detecting this sort of thing, such 00:17:15.489 --> 00:17:20.529 as identifying when a lookalike domain has e-mailed you, or tools that just do basic 00:17:20.529 --> 00:17:25.390 domain reputation checking and then quarantine any e-mails that just don’t look right. 00:17:25.390 --> 00:17:31.269 But this story should also remind us that security is everyone’s responsibility in 00:17:31.269 --> 00:17:33.749 a company. 00:17:33.749 --> 00:17:43.809 (OUTRO): [OUTRO MUSIC] This show is made by me, the comptroller, Jack Rhysider. 00:17:43.809 --> 00:17:48.489 This episode was researched and written by the diversified Lydia Horne, mixing done by 00:17:48.489 --> 00:17:54.090 Proximity Sound, and our theme music is by the liability known as Breakmaster Cylinder. 00:17:54.090 --> 00:17:57.590 What does a baby computer call its father? 00:17:57.590 --> 00:17:58.590 Data. 00:17:58.590 --> 00:18:00.659 This is Darknet Diaries.