The Victorian Building Authority (VBA) is warning builders and plumbers about a growing trend of cybercriminals targeting construction companies and their customers via business email compromise (BEC) scams.
The warning follows an Australian Cyber Security Centre (ACSC) alert, noting these emails typically target the customers of the business and will ask them to change bank account details for future invoice payments.
In a BEC scam, cybercriminals will send fraudulent emails posing as a legitimate business.
Victims assume this request is legitimate and will then send invoice payments to a bank account operated by the scammer.
These fraudulent emails may come from hacked email accounts, or cybercriminals might register domain names that are similar to legitimate companies, typically by swapping letters or adding additional characters.
All parties to construction projects should be cautious when communicating by email, particularly when discussing bank…