The Australia Today

Cybercriminals target Australia’s construction sector with multimillion-dollar BEC scams

Representative image: BEC Scam (Source: CANVA)

Criminals are exploiting vulnerabilities in Australia’s construction industry to steal millions of dollars through increasingly sophisticated Business Email Compromise (BEC) scams, the Australian Federal Police has warned.

AFP Assistant Commissioner Cyber Command Richard Chin said the agency was seeing a concerning rise in BEC attacks across the construction sector, with cybercriminals impersonating businesses or employees to divert legitimate payments into fraudulent accounts.

“The construction sector, with its high-value transactions and complex subcontracting chains, has become an attractive target for organised cybercrime groups operating both domestically and offshore,” Assistant Commissioner Chin said.

He urged businesses to take extra care verifying payments, warning that victims often only discover the fraud when the money has already been transferred through multiple international accounts.

“No matter how legitimate a request may appear, always confirm payment instructions through a secondary communication channel,” he said.

“Cybercrime prevention is a shared responsibility, and even small steps can stop significant financial losses.”

BEC attacks cost Australians more than $152.6 million in 2024 — up 66 per cent from 2023, according to the National Anti-Scams Centre. They now rank among the top three cybercrimes reported by Australian businesses, accounting for 13 per cent of all reports to ReportCyber.

To combat the growing threat, the AFP established Operation Dolos in January 2020 — a multi-agency taskforce with state and territory police, AUSTRAC, the Australian Criminal Intelligence Commission, the Australian Cyber Security Centre, and the financial sector.

The construction industry remains a prime target due to high-value invoices, frequent payments, and limited cybersecurity resources — particularly within small and family-run businesses. Many operators lack dedicated finance teams and are vulnerable to scams exploiting urgency and trust.

Cybercriminals use advanced social engineering and malware to infiltrate email systems, monitor conversations, and manipulate invoices. This malware can operate undetected for months, capturing logins and deleting or forwarding key messages to facilitate fraudulent transactions.
