Construction and Cybercrime

Historically, cybercrime hasn’t been a priority for the construction industry, but cybersecurity is becoming critical as more businesses embrace digital technologies. The construction industry is an attractive target for cybercriminals because of the number of people and dollar amounts involved. 
email fraud
Email Spoofing
How do Cybercriminals Do it?
Scammers monitor building permits and research builders and owners to gain access to their contact information. Then the scammers hack into the owner and builder emails to monitor correspondence to gain key information. The scammer sends a fraudulent email with wire transfer instructions attempting to divert money from the builder to the scammer. If the fraudulent email is not caught, money is lost.

How do I prevent this from happening to ME?
Multi-Factor Authentication
  • Enabling Multi-factor Authentication (MFA) on all email accounts 
  • Setting up Domain-based Message Authentication, Reporting, and Conformance (DMARC) to detect and prevent email spoofing
  • Working with industry professionals who are aware of the risks of Business Email Compromise (BEC) and Email Account Compromise (EAC)
Real-Life Examples
West Allis, WI
Milwaukee Journal Sentinel - March 10th, 2020
In October 2019, the West Allis-West Milwaukee School District attempted to pay a contractor for a new recreation center. The contractor did not receive the payment. The wired funds were intercepted by cybercriminals, sent to various US accounts, and moved overseas.
Actual Loss = $840,255
Southern Oregon University
Mail Tribue - September 19th, 2017
In April 2017, the university wired $1.9 million to a fraudster posing as the contractor for a new recreation center on campus.  The university was contacted via email to send funds for the construction project to a bank account not controlled by the contractor.  Three days later, the contractor told the university they had not received the funds.  The FBI was made aware of the situation, and some funds remained in the fraudulent bank account.  The university recovered $609,000 of the $1.9 million payment.
Actual Loss = $1.3 million
Port Washington, WI
Milwaukee Journal Sentinel - July 24th, 2019
In February 2019, after receiving a spoofed email impersonating a contractor, a Port Washington Church wired $500K to cybercriminals rather than the true contractor. With the assistance of law enforcement, some of the lost funds were recovered.
Amount Sent = $510,058
Amount Recovered = $143,166
Elkin Valley Baptist Church in North Carolina
Journal Now - January 27th, 2023
After fundraising for over a decade, Elkin Valley Baptist Church began constructing a new worship center.  In November 2022, they received an email from the general contractor with an invoice attached.  Shortly after the invoice was emailed, they received another email they believed was from the general contractor with wire instructions and a copy of the invoice.  A payment of nearly $800,000 was wired to the instructions in the email.  Nine days later, the general contractor reached out as a follow-up to the outstanding invoice.  The wire instructions received were from a cloned email.  The GC had yet to receive payment.
Estimated Loss = $800K
Marinette County, WI
The lender on a construction file with KBT received an email from the “general contractor” asking for a draw to be wired to them. The lender forwarded the request to the KBT office working on the project. That is not customary for draw requests, so the KBT office contacted the general contractor using previous contact information.  The general contractor replied they had not asked for a draw at this time.
Actual Loss = $0
Vernon County, WI
Scammers hacked an email account of a general contractor and created a spoof email of a subcontractor to email the builder invoices. The hacker emailed KBT posing as the subcontractor requesting the funds be wired because their bank would no longer accept checks due to someone previously paying with a counterfeit check.  KBT phoned the subcontractor using a known number and informed them about the fraud. KBT also contacted the builder to encourage using multi-factor authentication on his email.
Actual Loss = $0
The Knight Barry Team
Our employees are trained in fraud prevention and are on high alert for attempted scams. The numbers speak for themselves.
Attempted Loss in 2022 = Over $600K
Actual Loss = $0
For more information on how to protect yourself from wire fraud, contact your local Knight Barry Office