Phishing remains one of the top attack vectors cyber criminals employ, making the human factor one of the most vulnerable parts of an organization. According to a phishing report, the construction sector is the most at risk among industries in terms of vulnerabilities to phishing attacks. Ransomware and malware directed at construction firms are particularly dangerous as highly confidential plans, blueprints, bids, financial information, and even personally identifiable information (PII) are usually stored within one system. In addition to financial loss, companies subjected to attacks face long-term consequences like lost business and bad press coverage.