¶¶Òõ

¶¶Òõ of Reading cookie policy

We use cookies on reading.ac.uk to improve your experience, monitor site performance and tailor content to you.

Read our cookie policy to find out how to manage your cookie settings.

Fraudulent emails and purchase orders

This message is for the attention of existing and potential suppliers to the ¶¶Òõ of Reading.

We want to alert you to a fraud scam that is targeting existing and potential suppliers of equipment to the ¶¶Òõ of Reading, as well as other Universities and businesses, nationally and globally. Please take the necessary precautions so that you are not a victim of this scam.

The scam operates in the following way:

  1. A supplier will receive an email or phone call from the fraudster requesting a quotation for specific item/s of equipment or goods. These may be in large or small quantities and of low to high values, or requesting extended payment terms.
  2. There are instances where the fraudster has used the name of an individual connected with the ¶¶Òõ.
  3. Once the quotation has been provided, a purchase order is emailed to the supplier that resembles an authentic ¶¶Òõ purchase order (PO).
  4. The PO typically instructs delivery to an address that may or may not be affiliated to the ¶¶Òõ. If the ¶¶Òõ address is used, the fraudsters intercept or redirect the delivery once they are notified of despatch and tracking from the courier.
  5. The fraudster will provide a mobile number, asking for it to be the first number to try as they may be away from their desk or in meetings and therefore unable to take calls on the office extension.
  6. After shipping the goods, they are collected and despatched, usually abroad.  

We advise all suppliers to consult with their IT or cyber security advisors to ensure they remain vigilant and informed on how to identify suspicious communications.

 

How to identify the fraudulent emails/POs:

  • Incorrect domain name used to send emails and purchase orders. A valid ¶¶Òõ email address will always end in @reading.ac.uk. Hovering over the email address may reveal the originator's email address if different from that displayed. An example of an incorrect domain being used is reading@-ac.co.uk
  • The delivery address is not a ¶¶Òõ address, or in some cases, the delivery address may be a genuine ¶¶Òõ address, which is later changed or redirected. Fraudulent addresses will typically be a domestic residence, freight forwarders or a self-storage facility, often not anywhere near Reading. 
  • Poorly written email with grammatical errors.
  • Use of a false or unknown contact from the ¶¶Òõ. If requests for quotations or purchase orders are received from a new ¶¶Òõ contact that raises your suspicion, please contact a member of the Procurement team to verify the validity of the request. There may be an instruction for the supplier / courier to use a mobile number rather than an office number. Do not contact the name/number used on the email/purchase order.
  • Phone numbers not associated with the ¶¶Òõ. ALWAYS contact through the main ¶¶Òõ switchboard, if unsure.
  • Unusually large quantities are requested.
  • Rush to ship priority/overnight

If you are ever unsure about a quotation request sent by email, or the subsequent Purchase Order, please do contact the ¶¶Òõ of Reading Procurement Team.

Please do not attempt to call any phone numbers contained within the fraudulent emails that purport to be ¶¶Òõ numbers as they will attract a service charge.

The ¶¶Òõ has made reports to the police via Action Fraud. If you have received any suspicious emails we would also be very grateful if you forward to procurement@reading.ac.uk so these can added to the evidence.

.

Things to do now

If you are unsure or suspicious about a quotation request, email procurement@reading.ac.uk