Businesses of all sizes, and in all industries, around the world are at risk of sending payments to fraudsters who pose as someone known and trusted by a company employee. This scam, called impostor fraud, cost U.S. companies $179 million from October 2013 to November 2014, according to the Internet Crime Complaint Center. And losses continue to mount as crooks get better at their impersonation tactics.

A scammer may claim to be the company's CEO, CFO, a longtime vendor, or someone else whose name and position makes the scam believable. While impersonating this trusted business acquaintance, the scammer sends the company employee a fake invoice, payment request, or change in payment instructions. If the employee isn't careful about confirming that the request is legitimate, the company will end up sending funds to the scammer.

There are two main variations on the impostor fraud theme. In the first, the fraudster poses as a company executive and instructs an employee to make one or more payments, usually by wire transfer. The scammer will do research in advance to identify the company's typical payees, along with common methods for payment requests and acceptable amounts for each method, so that the email appears legitimate. In this type of fraud, the scammer often impersonates the CEO. Requests from the corporate CEO are less likely to be questioned than requests from lower-level managers, and some CEOs can be hard to get in touch with to verify such a request.