Cybercriminals are impersonating construction companies and using business email compromise (BEC) to defraud businesses that have pre-existing relationships with those construction companies.
How the BEC fraud works
First, cybercriminals use online services to collect information on construction companies and their clients, including project costs and contact information. Then, they register a domain that closely resembles the construction company’s domain (e.g., changing ABCD Corp. to ABCD Group or ABCD Inc.) and create email accounts attached to the new domain.
Finally, the cybercriminals send fraudulent emails to the construction company’s clients instructing them to update their automated clearing house (ACH) or direct deposit information — thereby redirecting the client’s payments from the legitimate construction company to the cybercriminals.
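A defender-side check for the lookalike-domain pattern described above, added here as an example and not part of the original article: it compares each sender's domain against a constructed list of domains the business actually pays, strips corporate suffix words such as Corp, Group and Inc so that ABCD Group is recognised as an imitation of ABCD Corp, and holds any such message that also asks for ACH or direct-deposit changes. The vendor list, the phrase patterns and the sample messages are assumptions.

```python
import re
from difflib import SequenceMatcher
from email.utils import parseaddr

# Constructed list of domains the business actually pays (assumption: exported from the AP vendor master).
KNOWN_VENDOR_DOMAINS = {"abcdcorp.example", "northbuild.example"}
# Corporate suffix words a lookalike registration swaps in or out (longer entries first so "corp" beats "co").
SUFFIXES = ("construction", "corp", "group", "inc", "llc", "ltd", "co")
# Phrases typical of a payment-redirection request (constructed; matched case-insensitively).
PAYMENT_CHANGE_PATTERNS = (
    r"\bach\b", r"direct deposit", r"remittance", r"wire (transfer )?instructions",
    r"(new|updated?|changed?) (bank|banking|account)",
)

def core_name(domain):
    """Reduce 'abcd-group.example' or 'abcdcorp.example' to the bare company name 'abcd'."""
    label = re.sub(r"[^a-z0-9]", "", domain.lower().split(".")[0])
    for s in SUFFIXES:
        if label.endswith(s) and len(label) > len(s) + 1:
            return label[: -len(s)]
    return label

def lookalike_vendor(sender_domain):
    """Return the known vendor domain the sender resembles, or None if it is the real vendor or unrelated."""
    sender_domain = sender_domain.lower()
    if sender_domain in KNOWN_VENDOR_DOMAINS:
        return None
    for vendor in KNOWN_VENDOR_DOMAINS:
        # Same company name with a different suffix (ABCD Corp -> ABCD Group), or a near-identical string (typosquat).
        if core_name(sender_domain) == core_name(vendor) or SequenceMatcher(None, sender_domain, vendor).ratio() >= 0.85:
            return vendor
    return None

def requests_payment_change(body):
    return any(re.search(p, body.lower()) for p in PAYMENT_CHANGE_PATTERNS)

def assess(from_header, body):
    """Classify one inbound message as HOLD, REVIEW, VERIFY or OK, with a reason for the AP reviewer."""
    _, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1] if "@" in addr else ""
    vendor = lookalike_vendor(domain)
    payment = requests_payment_change(body)
    if vendor and payment:
        return "HOLD", f"{domain} resembles vendor {vendor} and asks to change payment details"
    if vendor:
        return "REVIEW", f"{domain} resembles vendor {vendor}"
    if payment:
        # A bank-change request from the genuine vendor still needs out-of-band confirmation before AP acts on it.
        return "VERIFY", "payment-detail change requested; confirm by phone with a known contact"
    return "OK", ""
```

Wire `assess` into the mail gateway or run it over exported AP correspondence; a HOLD result is the cue to apply the secondary-approval step before any ACH or direct-deposit record is changed.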
How to mitigate your risk
Cybercriminals tailor the email using the information they’ve gathered, including logos and a signature line. Here are five common ways to mitigate your business’s risk of falling for BEC fraud:
- Segregate duties: Analyze your segregation of duties to make sure one employee cannot make ACH/direct deposit changes or run a transaction through the company without a secondary approval.
- Use bill pay software: Bill pay software enables you to perform remote approvals, making it much easier to ensure there is always a secondary approval.
- Enable positive pay: Positive pay is one of the best methods of stopping counterfeit checks. Use four-factor authentication, not two-factor.
- Train employees: Educate employees on common fraud schemes, how to recognize the signs and what steps to take.
- Have a fraud prevention checkup performed: What risks is your business unknowingly taking? What can you do to reduce the risk of fraud and cybercrime?
Wipfli can help. We not only perform fraud prevention checkups and identify your risks but also have the capabilities to help you close those gaps.