ePay icon
TIS Insurance Services logo
Get a Quote

Cyber Crime in Construction: Why “Trusted Emails” Are Costing Contractors Real Money

In today’s construction environment, your business runs on speed and trust—quick payments, wire transfers, ACH instructions, and constant communication between owners, GCs, subs, lenders, and vendors. Unfortunately, cyber criminals understand this just as well as you do.

Over the last year, we have seen a noticeable uptick in cyber crime claims involving construction companies, specifically where funds are sent to fraudulent bank accounts after a seemingly legitimate request. These losses can be significant—often well into six figures—and many contractors are surprised to learn that traditional insurance policies do not address this exposure.

How These Losses Typically Happen

Common real-world scenarios include:

  • A contractor receives an email that appears to come from a known vendor or project partner with “updated wiring instructions.”
  • A project administrator receives what looks like a legitimate request from an owner or lender to send funds to a new account.
  • A client is emailed fraudulent payment instructions that appear to come directly from the contractor.
  • A subcontractor’s system is breached, and emails are sent to General Contractor clients changing payment instructions.

The email addresses, logos, tone, and timing are often nearly indistinguishable from legitimate communication, especially when criminals have been monitoring email threads for weeks or months. By the time the fraud is discovered, the money is gone.

Why Construction Is a Prime Target

Construction companies are attractive targets because:

  • Large sums move frequently via wire or ACH
  • Payment instructions change regularly
  • Multiple parties are involved on every project
  • It’s common to rely on email for financial direction
  • Tight timelines reduce double‑checking

Cyber criminals don’t need to breach your system—they only need one convincing email at the right moment.

Where Insurance Coverage Comes Into Play

These losses are not covered under a General Liability policy, Builder’s Risk policy, Standard Crime policy, or Property coverage. However, they can be addressed through Cyber Coverage or Crime policy, if endorsed with the proper fraud endorsements.

Two coverages are especially important for contractors:

Social Engineering Fraud Coverage

This applies when your company is duped into voluntarily sending funds to a fraudulent account.

Example:

  • Your accounting team receives an email that appears to come from a trusted vendor requesting updated wiring instructions.
  • Funds are sent based on that request.
  • It later turns out the email was fraudulent.

In this case, Social Engineering Fraud coverage can respond—if it is properly included and structured within your Cyber policy.

Client Deception Coverage

This applies when your client is tricked into sending funds intended for you to a fraudulent account.

Example:

  • A client receives fake payment instructions that appear to come from your company.
  • They send payment to a criminal’s account instead of yours.
  • The funds were never paid to you—even though the client acted in good faith.

Without Client Deception coverage, this situation can quickly turn into a dispute over who absorbs the loss. With this coverage in place, your Cyber policy can help respond.

Why “Having Cyber Insurance” Isn’t Enough

Not all Cyber policies are created equal. Many include sub‑limitsstrict coverage conditions, or exclusions related to:

  • Verification procedures
  • Call-back requirements
  • Vendor instruction changes
  • Client-caused losses

Practical Risk Management Steps

In addition to insurance, contractors should:

  • Require verbal verification for any change in payment instructions
  • Limit who can approve fund transfers
  • Train staff to identify red flags in emails
  • Use written procedures for financial changes
  • Confirm payment instructions from known contacts using previously verified phone numbers

Cyber insurance works best when paired with strong internal controls.

Final Thoughts

Cyber crime is no longer just an IT issue—it’s a financial risk that directly affects cash flow, project timelines, and client relationships. As criminals grow more sophisticated, construction companies must stay one step ahead with both process and protection.

If you’re unsure whether your current Cyber policy includes Social Engineering Fraud or Client Deception coverage, or whether the limits are adequate for the size of payments you handle, now is the time to review it—before a claim tests it for you.

More Insurance

Insights
Businessman touching on screen to Risk Management for assessment

How Local Businesses Can Leverage Insurance as a Risk-Management Tool

Running a local business comes with opportunity, growth, and pride, but it also comes with risk. From property damage and employee injuries to lawsuits and unexpected interruptions, even a single incident can create financial strain. Smart business owners shouldn’t rely

Read more
Filling Worker Compensation After Injury Application Form

Why Small Businesses in Knoxville Should Consider Workers’ Compensation Coverage

Operating a small business in Knoxville involves managing various risks, and ensuring the well-being of your employees is a primary responsibility. Workers’ compensation coverage is a critical component of a comprehensive risk management strategy. This type of insurance provides medical,

Read more

How AI and Predictive Analytics Are Transforming Benefits Strategies

The term “AI” was a futuristic concept not long ago. Not anymore – AI is our reality and is being integrated into all facets of our lives. The world of employee benefits is no exception. By embracing AI and predictive

Read more

Get a Quote

Provide us with a little information about yourself and your insurance needs.