April 1 comes and goes. The pranks disappear. Unfortunately, the cybersecurity threats targeting Salt Lake City engineering firms don't disappear with them.
Spring is one of the most active seasons for cybercriminals — and Utah engineering consultancies are a high-value target. Not because your engineering team is careless, but because project engineers and staff are focused on submittals, analysis runs, and client deliverables. That's when the almost-believable scams slip through: the kind that blend into a normal project day and don't feel dangerous until it's too late.
Here are three active cybersecurity threats hitting engineering firms right now. Not targeting gullible people, but sharp, analytically-minded professionals who are just trying to meet their project deadlines. As you read through these, apply your usual risk assessment framework — and ask whether your firm has adequate controls in place.
Scam #1: The Toll Road (or Parking Fee) Text
A project engineer gets a text between analysis reviews: "You have an unpaid toll balance of $6.99. Pay within 12 hours to avoid late fees." The amount is small. They're between project reviews, so they click and pay. Except the link wasn't real. The FBI received more than 60,000 complaints about fake toll texts in 2024 alone, volume jumped 900% in 2025.
The guardrail: Legitimate toll agencies don't demand immediate payment via text. No payments through text-message links. Go directly to the official website. Convenience is the bait. Process is the defense.
Scam #2: 'Your File Is Ready'
A project manager receives an email that a file was shared — a drawing in Newforma, a project document in SharePoint, or a file from what appears to be a subconsultant or client. The formatting looks exactly like every other project notification. They click, enter their credentials, and now an attacker has access to your document control system and the engineering project data it contains.
Phishing campaigns abusing platforms like SharePoint, Procore, and Newforma increased 67% in 2025. For engineering firms, a compromised project management credential exposes client project files, engineering calculations, and potentially government or DOT project data with specific security requirements.
The guardrail: If a shared file wasn't expected, don't click the link — log directly into Newforma or the platform. Enable multi-factor authentication on all project management and document control accounts.
Scam #3: The Email That Impersonates a Client or DOT Contact
A 2025 study found that AI-generated phishing emails achieved a 54% click rate. For engineering firms, the most targeted variant impersonates a client agency, a government contact, or a subconsultant — requesting updated invoice or contract information. The email references the right project number and the right contacts. In one recent test, 72% of employees engaged with vendor impersonation emails.
For engineering firms working on government projects or DOT contracts, the data security implications of a successful breach can extend beyond the firm to project security requirements and client notification obligations.
The guardrail: Any request involving payment changes or sensitive project data gets verified through a second channel — a call to a contact already on file, not a number provided in the email. Urgency is the warning sign.
What This Means for Your Salt Lake City Engineering Firm
Your engineering calculations, project specifications, and design files represent significant intellectual property and, for government work, may carry specific data security requirements. A cybersecurity breach at an engineering firm isn't just a data problem — it's an IP problem, a client relationship problem, and potentially a contractual compliance issue.
Applying the same risk mitigation discipline to your IT systems that you apply to your engineering work is the foundation of a defensible cybersecurity posture. Process design that protects project data and client information even when your engineering team is under submittal pressure is the goal.
Frequently Asked Questions
What cybersecurity threats are most relevant to Salt Lake City engineering firms?
Project management platform phishing (Newforma, SharePoint, Procore) is a growing threat for engineering firms, as compromised credentials expose complete project portfolios. Ransomware targeting CAD and simulation environments is increasing, as attackers know engineering project files are critical and difficult to recreate. Vendor and client impersonation targeting invoice and contract payments rounds out the top threats.
How can engineering firms protect project data and engineering calculations from cybersecurity threats?
Multi-factor authentication on all document control and project management platforms is the highest-leverage technical control. Proper access permissions for subconsultants — limiting access to only the project files they need — reduces exposure. Regular, verified backups of CAD files, simulation data, and project documentation protect against ransomware. For government projects, confirm applicable data security requirements with your contracting officer.
Does Qualit offer IT support and cybersecurity for engineering firms in Salt Lake City?
Yes. Qualit provides cybersecurity and managed IT services for engineering firms across Salt Lake City and the greater Utah area, including project management platform security, high-performance workstation management, and proactive threat monitoring. A quick discovery call is a good place to start.
That's Where We Can Help
Most Salt Lake City engineering principals want to focus on technical work and client deliverables — not on cybersecurity policy documentation. They want to know their project data is protected and their firm's IT infrastructure is reliable.
- The cybersecurity risks Salt Lake City engineering firms are seeing right now
- Where project IP and data security risks surface through normal engineering workflows
- How to build a defensible cybersecurity posture aligned with your firm's project and contract requirements
