Watch out for scams hitting the Construction Industry

The Australian Cyber Security Centre (ACSC) has issued a high alert for construction companies and their customers in Australia. The ACSC has reported in the past six months there has been an increase in cybercriminals targeting builders and construction companies to conduct business email compromise (BEC) scams within Australia.
In a BEC scam, cybercriminals send fraudulent emails posing as a legitimate business. These emails typically target the customers of the business and will ask them to change bank account details for future invoice payments. Victims assume this request is legitimate and send invoice payments to a bank account operated by the scammer.
According to Michael McKinnon, Chief Information Officer at cybersecurity company Tesserent, the Australian construction and manufacturing industry is one of the most vulnerable and targeted sectors for cybercriminals.
“Australia’s construction industry is highly vulnerable to not only BEC scams, but also for phishing and ransomware attacks. This is a result of years of neglect in IT spending in the sector,” Mr McKinnon said.
“Construction companies have frequently underestimated the importance of investing in technology and now many are exposed through outdated technologies running in their business and their reliance on less sophisticated managed service providers.”