Skip to content
Open menu Close menu

Fraudulent purchase orders

This message is for the attention of existing and potential suppliers to the University of Bradford. We want to alert you to a scam that is targeting existing and potential suppliers to Universities and businesses nationally.

This group is thought to still be active in contacting suppliers using University names to obtain goods. Please take the necessary precautions so that you do not become a victim of this scam. The scam involves purchase orders and requests for product quotations that purport to originate from the University but are in fact fraudulent.

How the scam operates

The scam operates in the following way:

  1. The supplier will receive an email requesting a quotation for specific item(s) of equipment. These may be in large or small quantities and of low to high values. In some of these instances the fraudster has used the name of an individual connected to the University. They will ask for the quote to be sent to an email address resembling a legitimate university email address. For instance they may use -ac.uk instead of .ac.uk or universityof...procurement@outlook.com
  2. Once the quotation has been provided, a purchase order is emailed to the supplier that bears resemblance to an authentic University purchase order. The purchase order typically instructs delivery to an address not affiliated with the University. If the University address is used, they then try to intercept or redirect the delivery using courier dispatch notification and tracking portals. The fraudster gives a mobile number and asks that this is the first number to try as they may be away from their desk or in meetings, therefore will not able to take calls on the office extension.
  3. After shipping the item(s) of equipment, the supplier never receives payment and is unable to retrieve the shipped products.

Indicators of fraud

 

  • Incorrect domain name used to send emails and purchase orders. A valid University email address will always end in @bradford.ac.uk. Hovering over the email address may reveal the originator’s email address if different from that displayed. An example of an incorrect domain being used is bradfordac.co.uk
  • The delivery address is not a University address. A genuine University purchase order will request delivery to Department of XXXXX, University of Bradford, Richmond Road, BD7 1DP, UoB Health Centre, Laisteridge Lane, BD5 0HR, UoB Sports Facilities, Laisteridge Lane BD5 0NW, UoB, Emm Lane, Bradford BD9 4JL, Woodhall Pavillion, Pudsey, LS28 7TS and a legitimate third-party address, DHEZ, Little Germany BD1 5BD
  • Fraudulent addresses will typically be a domestic residence or a self-storage facility (though they may purport to be a University address).
  • Poorly written email with grammatical errors.
  • Use of a false or unknown contact from the University.
  • Phone numbers not associated with the University. University landlines commence with the numbers 01274 23 followed by the 4 digit extension number.
  • Unusually large quantities are requested.
  • Rush to ship priority/overnight.

 

What to do if you suspect fraudulent activity

If you receive a request for quotation or purchase order that raises your suspicion, please contact a member of the Procurement Office to verify the validity of the request. Do not contact the name or number used on the email or purchase order. 

If the request cannot be verified as valid, then please report to Action Fraud.

Please do not attempt to call any phone numbers contained within the fraudulent emails that purport to be University numbers as they will attract a service charge. Typically, these numbers begin with 0843/0844/0845/070.

What the University is doing

 

  • Contacting all its existing suppliers that may be subject to this type of fraudulent activity in order to raise awareness and provide basic guidance on how to deal with it.
  • Requesting that domain names used for fraudulent activity are closed when they have been brought to our attention.
  • Reporting any instances of known fraudulent activity to Action Fraud.

 

This message is for the attention of existing and potential suppliers to the University of Bradford. We want to alert you to a scam that is targeting existing and potential suppliers to Universities and businesses nationally.

 

This group is thought to still be active in contacting suppliers using University names to obtain goods. Please take the necessary precautions so that you do not become a victim of this scam. The scam involves purchase orders and requests for product quotations that purport to originate from the University but are in fact fraudulent.

 

How the scam operates

 

The scam operates in the following way:

 

  1. The supplier will receive an email requesting a quotation for specific item(s) of equipment. These may be in large or small quantities and of low to high values. In some of these instances the fraudster has used the name of an individual connected to the University. They will ask for the quote to be sent to an email address resembling a legitimate university email address. For instance they may use –ac.uk instead of .ac.uk or universityof….procurement@outlook.com

 

  1. Once the quotation has been provided, a purchase order is emailed to the supplier that bears resemblance to an authentic University purchase order. The purchase order typically instructs delivery to an address not affiliated with the University. If the University address is used, they then try to intercept or redirect the delivery using courier dispatch notification and tracking portals. The fraudster gives a mobile number and asks that this is the first number to try as they may be away from their desk or in meetings, therefore will not able to take calls on the office extension.

 

  1. After shipping the item(s) of equipment, the supplier never receives payment and is unable to retrieve the shipped products.

 

Indicators of fraud

 

  • Incorrect domain name used to send emails and purchase orders. A valid University email address will always end in @bradford.ac.uk. Hovering over the email address may reveal the originator’s email address if different from that displayed. An example of an incorrect domain being used is bradfordac.co.uk
  • The delivery address is not a University address. A genuine University purchase order will request delivery to Department of XXXXX, University of Bradford, Richmond Road, BD7 1DP, UoB Health Centre, Laisteridge Lane, BD5 0HR, UoB Sports Facilities, Laisteridge Lane BD5 0NW, UoB, Emm Lane, Bradford BD9 4JL, Woodhall Pavillion, Pudsey, LS28 7TS  and a legitimate third-party address, DHEZ, Little Germany BD1 5BD,
  • Fraudulent addresses will typically be a domestic residence or a self-storage facility (though they may purport to be a University address).
  • Poorly written email with grammatical errors.
  • Use of a false or unknown contact from the University.
  • Phone numbers not associated with the University. University landlines commence with the numbers 01274 23 followed by the 4 digit extension number.
  • Unusually large quantities are requested.
  • Rush to ship priority/overnight.

 

 

What to do if you suspect fraudulent activity

 

If you receive a request for quotation or purchase order that raises your suspicion, please contact a member of the Procurement Office using the link below to verify the validity of the request. Do not contact the name or number used on the email or purchase order. https://www.bradford.ac.uk/purchasing/internal/contact-and-find-us/

 

 If the request cannot be verified as valid, then please report to Action Fraud.

Please do not attempt to call any phone numbers contained within the fraudulent emails that purport to be University numbers as they will attract a service charge. Typically, these numbers begin with 0843/0844/0845/070.

 

What the University is doing

 

  • Contacting all its existing suppliers that may be subject to this type of fraudulent activity in order to raise awareness and provide basic guidance on how to deal with it.
  • Requesting that domain names used for fraudulent activity are closed when they have been brought to our attention.

Reporting any instances of known fraudulent activity to Action Fraud.