Fraudulent emails and purchase orders
This message is for the attention of existing and potential suppliers to the University of Reading.
We want to alert you to a fraud scam that is targeting existing and potential suppliers of equipment to the University of Reading, as well as other Universities and businesses, nationally and globally. Please take the necessary precautions so that you are not a victim of this scam.
The scam operates in the following way:
- A supplier will receive an email or phone call from the fraudster requesting a quotation for specific item/s of equipment or goods. These may be in large or small quantities and of low to high values, or requesting extended payment terms.
- There are instances where the fraudster has used the name of an individual connected with the University.
- Once the quotation has been provided, a purchase order is emailed to the supplier that resembles an authentic University purchase order (PO).
- The PO typically instructs delivery to an address that may or may not be affiliated to the University. If the University address is used, the fraudsters intercept or redirect the delivery once they are notified of despatch and tracking from the courier.
- The fraudster will provide a mobile number, asking for it to be the first number to try as they may be away from their desk or in meetings and therefore unable to take calls on the office extension.
- After shipping the goods, they are collected and despatched, usually abroad.
We advise all suppliers to consult with their IT or cyber security advisors to ensure they remain vigilant and informed on how to identify suspicious communications.
How to identify the fraudulent emails/POs:
- Incorrect domain name used to send emails and purchase orders. A valid University email address will always end in @reading.ac.uk. Hovering over the email address may reveal the originator's email address if different from that displayed. An example of an incorrect domain being used is reading@-ac.co.uk
- The delivery address is not a University address, or in some cases, the delivery address may be a genuine University address, which is later changed or redirected. Fraudulent addresses will typically be a domestic residence, freight forwarders or a self-storage facility, often not anywhere near Reading.
- Poorly written email with grammatical errors.
- Use of a false or unknown contact from the University. If requests for quotations or purchase orders are received from a new University contact that raises your suspicion, please contact a member of the Procurement team to verify the validity of the request. There may be an instruction for the supplier / courier to use a mobile number rather than an office number. Do not contact the name/number used on the email/purchase order.
- Phone numbers not associated with the University. ALWAYS contact through the main University switchboard, if unsure.
- Unusually large quantities are requested.
- Rush to ship priority/overnight
If you are ever unsure about a quotation request sent by email, or the subsequent Purchase Order, please do contact the University of Reading Procurement Team.
Please do not attempt to call any phone numbers contained within the fraudulent emails that purport to be University numbers as they will attract a service charge.
The University has made reports to the police via Action Fraud. If you have received any suspicious emails we would also be very grateful if you forward to firstname.lastname@example.org so these can added to the evidence.