Thursday, February 21, 2019
What is happening? University of Waterloo vendors are being targeted by malicious email imposters:
- Imposters are impersonating employees from Procurement & Contract Services in order to contact vendors for product quotes.
- Once a vendor responds to the quote request email, the imposter asks for the product to be shipped to the University's research facility.
- The shipping address given to the vendor is a fake address that actually belongs to a logistics company not affiliated with the University.
- The imposter then contacts the logistics company to re-route the package overseas. The product is gone and the vendor contacts the University for reimbursement.
What should I look out for?
- Fake domains: imposters will send emails from domains that look like they are coming from the University, but may be spelled differently (e.g. @uniwaterloo.com).
- Suspicious requests: imposters will request orders for large quantities of products (e.g. electronics, lab equipment, cameras).
- Unrecognized shipping address: imposters will provide vendors with shipping addresses that are not affiliated with the University in order to re-route products sent by vendors.