How a Construction Company Lost Over $40,000 to an Email Phishing Attack, and How We Helped Secure Them Afterward

Email phishing attacks are no longer just a “big company” problem.

Recently, a construction company in Irving, Texas contacted us after discovering they had lost over $40,000 from their business bank account due to an email phishing campaign. Like many small and mid-sized businesses, they never expected email to be the doorway an attacker would use.

Unfortunately, it happens far more often than most business owners realize.

WHAT HAPPENED: A SIMPLE EMAIL WITH EXPENSIVE CONSEQUENCES

In this case, the attack started with a phishing email that looked legitimate. The message appeared to come from a trusted source and prompted a user to take action quickly.

Once credentials were compromised, the attacker was able to:

  • Monitor email conversations
  • Intercept financial communications
  • Manipulate banking or payment-related information
  • Initiate fraudulent transactions

By the time the issue was discovered, more than $40,000 had already been stolen.

This type of attack is commonly known as Business Email Compromise (BEC), and it targets industries like construction especially hard due to:

  • High-dollar invoices
  • Frequent vendor payments
  • Fast-moving job timelines
  • Reliance on email for approvals

OUR IMMEDIATE RESPONSE

When the company reached out to us, our first priority was containment and cleanup.

1. Device & Malware Scanning: We performed full malware and security scans on all company devices, including workstations and laptops. This ensured there were no lingering infections, no remote access tools, and no additional threats hiding on the network.

2. Securing Their Email Environment: Email was the entry point — so email security became the focus.

We deployed advanced email security on every company email address, adding an additional layer of protection beyond standard email filtering. This included phishing and impersonation detection, malicious link and attachment scanning, and protection against spoofed emails pretending to be vendors or executives.
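To make "impersonation detection" and "spoofed email" protection concrete, the Python example below runs four header checks of the kind such filtering relies on. It is an added example, not code from this article and not the logic of the product that was deployed. The vendor name, the domains, the KNOWN_VENDORS allow-list and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: a hand-maintained map of real vendor display names to their domains.
KNOWN_VENDORS = {"acme concrete supply": "acmeconcrete.example"}

# Constructed sample messages (not taken from the incident described on this page).
SPOOFED = (
    'From: "Acme Concrete Supply" <billing@acmeconcrette.example>\n'
    "Reply-To: ar@payments-update.example\n"
    "Authentication-Results: mx.builder.example; spf=pass; dmarc=fail\n"
    "Subject: Updated bank details for invoice 1042\n\nPlease use the new account.\n"
)
GENUINE = (
    'From: "Acme Concrete Supply" <billing@acmeconcrete.example>\n'
    "Authentication-Results: mx.builder.example; dmarc=pass\n\nInvoice attached.\n"
)

def edit_distance(a, b):
    """Levenshtein distance, used to spot lookalike sender domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Reply-To header ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def bec_flags(raw_message, vendors=KNOWN_VENDORS):
    """Return a sorted list of impersonation indicators found in the headers."""
    msg = message_from_string(raw_message)
    name = parseaddr(msg.get("From", ""))[0].strip().lower()
    from_dom, reply_dom = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    flags = set()
    if name in vendors and from_dom != vendors[name]:
        flags.add("display-name-mismatch")  # vendor's name, someone else's domain
    if any(0 < edit_distance(from_dom, d) <= 2 for d in vendors.values()):
        flags.add("lookalike-domain")  # one or two characters off a real vendor
    if reply_dom and reply_dom != from_dom:
        flags.add("reply-to-mismatch")  # replies leave the apparent sender's domain
    if re.search(r"\bdmarc=fail\b", msg.get("Authentication-Results", ""), re.I):
        flags.add("dmarc-fail")  # receiving server already recorded a DMARC failure
    return sorted(flags)

if __name__ == "__main__":
    print(bec_flags(SPOOFED), bec_flags(GENUINE))
```

A message that raises any of these flags while asking to change payment details is one to confirm by phone, using a number already on file, before money moves.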

Why email? Because email is the one door you cannot simply “lock.”

WHY EMAIL IS THE MOST DANGEROUS DOOR IN YOUR BUSINESS

Firewalls, antivirus, and backups are important — but email is different.

You can lock down your network, control device access, and secure your servers. But email must remain open to customers, vendors, banks, and partners.

That’s why over 90% of cyberattacks start with email, why small businesses are increasingly targeted, and why construction companies are prime targets for financial fraud.

THE BIGGER LESSON FOR BUSINESS OWNERS

Many small and mid-sized businesses assume they are too small to be targeted or that Microsoft 365 or Gmail alone is enough protection. Unfortunately, attackers are counting on those assumptions.

Email phishing attacks today are highly targeted, well-written, timed around real business activity, and designed to bypass basic filters.

HOW NERDSTOGO MCKINNEY HELPS BUSINESSES STAY PROTECTED

At NerdsToGo McKinney, we help businesses move from reactive IT to proactive protection by focusing on endpoint security, advanced email security, post-incident risk assessments, and ongoing IT monitoring.

Our goal is simple: reduce risk before it turns into downtime, lost money, or lost trust.

IS YOUR BUSINESS PROTECTED AGAINST EMAIL-BASED ATTACKS?

If your business relies heavily on email, handles invoices or payments, or has never reviewed its email security, it may be time to take a closer look.

Contact NerdsToGo McKinney to schedule a business IT security review and find out whether your email is properly protected — before it becomes the next entry point for an attack.