Fraud scams targeting suppliers and the University
Details of currently known fraud scams and how to avoid being affected.
We would like to make suppliers aware of fraud scams currently targeting universities and their suppliers. Please take all necessary precautions so that your company does not fall victim.
Fraudulent purchase orders
The supplier receives an email requesting a quotation for specific items of equipment, often in large quantities and of high value. Once the quotation is provided, a purchase order resembling an authentic UWE Bristol purchase order is emailed to the supplier requesting delivery to an address not affiliated to the University. After shipping the item(s), the supplier never receives payment and is unable to get the goods back.
How to identify a fraudulent email or purchase order
- a valid UWE Bristol email address will always end in @uwe.ac.uk. Hovering over the email address may reveal the originators email address if different from the one displayed. An example of an incorrect email address being used is uwe-ac.co.uk.
- check that the delivery address relates to the University. Fraudulent addresses will typically be a domestic residence or self-storage facility, often not anywhere near Bristol.
- emails and purchase orders are often poorly written with grammatical errors.
- use of a false or unknown contact from the University. If requests for quotation or purchase orders are received from a new University contact that raises your suspicion, please contact a member of the Procurement team to verify the validity of the request. Do not make contact using the name or 'phone number on the email/purchase order.
- telephone number on the email/purchase order is not associated with the University.
- unusually large quantities of goods have been requested.
- there is a request to ship goods as a priority.
If you are ever unsure whether a purchase order/quotation request is genuine please contact the UWE Bristol Procurement team:
Fraudulent change of bank details
There have been a number of occasions where the University has been asked to change the bank details of its legitimate suppliers to divert payment to a fraudsters bank account.
The fraudster contacts the supplier claiming to be from the University to gather information such as bank account details, purchase order numbers, outstanding invoices, supplier number, contact name and contact details. Having acquired this information, the fraudster then contacts the University claiming to be from the supplier and requesting a change in bank details. Letters sent look identical to authentic letters from the supplier and in some instances where the letter has been sent via email the email addresses have appeared to be genuine too.
Preventing this fraud
UWE Bristol has implemented robust procedures for changing supplier bank details. We will always contact suppliers directly using contact details already on our finance system. We also request proof of bank details, eg the top of a bank statement or a copy of a paying in book showing bank account and sort code details. We will not amend a suppliers bank details until we are satisfied that the request is genuine.
Reporting of fraud
The University will report any potential fraud attempts to the Police via Action Fraud. If you have received suspicious emails please forward them to the purchasing team at firstname.lastname@example.org so that they can be used as evidence.