Boston, April 8

Businesses have lost billions of dollars to fast-growing scams where fraudsters impersonate company executives in e-mails that order staff to transfer to accounts controlled by criminals, according to the US Federal Bureau of Investigation (FBI).

Losses from these scams, which are known as ‘business e-mail compromise’, totalled more than $2.3 billion from October 2013 through February of this year, the FBI said in an alert issued this week, citing reports to law enforcement agencies around the globe.

The cases involved some 17,642 businesses of all sizes scattered across at least 79 countries, according to the FBI alert posted on the website of the agency’s Phoenix bureau.

Law enforcement and cyber security experts have been warning that business e-mail compromise was on the rise, but the extent of losses has not previously been disclosed. Cyber security experts say they expect losses to grow as high profits attract more criminals.

“It’s a low-risk, high-reward crime. It’s going to continue to get worse before it gets better,” said Tom Brown, a former federal prosecutor in Manhattan.

The FBI’s alert said that fraudsters go to great lengths to spoof company e-mail accounts and use other methods to trick employees into believing that they are receiving money-transfer requests from CEOs, corporate attorneys or trusted vendors.

“They research employees who manage money and use language specific to the firm they are targeting, then they request a wire fraud transfer using dollar amounts that lend legitimacy,” the alert said. It said they often target businesses that work with foreign suppliers or regularly perform wire transfers. The size of losses vary widely.

Austrian aircraft parts manufacturer FACC said in January that it lost about $55 million through such a scam. In Arizona, average loss ranges from $25,000 to $75,000, as per FBI.

The FBI said in its alert, which was dated Monday, that it has seen a 270 per cent increase in identified victims and exposed loss since January 2015.