Google
A Google logo is seen in a store in Los Angeles, March 24, 2017. Reuters/Lucy Nicholson

U.S. tech giants Google and Facebook have been ripped off $100 million in an email scam, Fortune reported Thursday.

The fact that the tech giants were swindled by a man impersonating as an Asian supplier of tech equipments, who was arrested last month for the crime, came to light during Fortune’s interviews with the law enforcement, as was revealed in its findings.

Read: Cyberattacks: Phishing, Ransomware Attacks Rose In 2016

Evaldas Rimasauskas, the accused, allegedly designed an elaborate scheme to defraud tech companies in 2013. To do so, according to the Justice Department, he forged documents, email addresses and corporate digital signatures to create an impersonation of a large Asian manufacturer with whom the companies regularly did business. He then tricked the companies into making payments for computer supplies they never ordered.

From 2013-2015, Rimasauskas allegedly managed to convince the finance and accounts departments of both Facebook and Google to make large transfers in lieu of payments. Before the companies caught on to what was happening, they had already transferred around $100 million. He then stashed the money in multiple banks across Eastern Europe.

He was finally arrested for the scam last year and charges of wire fraud were pressed against him. According to a press release issued by the United States Attorney’s office, southern district of New York on March 21, most of money has already been recovered.

The authorities are still pursuing the extradition of Rimasauskas, who has denied the charges.

“Mr. Rimasauskas cannot expect a fair and impartial trial in the USA. The uncertainty is further increased taking into account the behavior of FBI agents during the interrogations of Mr. Rimašaukas, frightening him with long years in US prisons, and the transfer of computers to US law enforcement officials, which was made without the presence of the owner,” his lawyer, Linas Kuprusevičius, told Fortune in an email.

Rimasauskas also claimed that the Justice Department and Lithuanian authorities not naming the companies was infringing on his right to a fair trial. He is still in custody in Lithuania, according to a spokesperson of the U.S. Attorney’s office in New York.

How the company’s names were revealed is also interesting. Quanta Computer, a major supplier of computer and electronic parts, conceded in March that it was actually the supplier that Rimasauskas allegedly impersonated. After repeated interviews with law enforcement officials, Fortune contacted Facebook, which responded in an email, saying: “Facebook recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation."

Google also responded saying: “We detected this fraud against our vendor management team and promptly alerted the authorities. We recouped the funds and we're pleased this matter is resolved," said a Google spokesperson.”

The scam involved email phishing and impersonation and has raised questions as to why the companies have been silent about the issue. Their silence is peculiar, since both companies owe an obligation to tell investors what happened.

Read: Americans Are The Leading Target Of Ransomware

The scam is interesting in its simplicity — there was no hacking, no insiders and no other complicated techniques involved. The fact is that many consumers use these companies’ applications and share valuable data with them. If they can be so easily scammed, it raises questions about how consumers could remain safe from such scams.