University of Waterloo vendors being targeted by look-alike domains, phishing, and procurement fraud attempts

Thursday, February 21, 2019
What is happening? University of Waterloo vendors are being targeted by malicious email imposters:
  • Imposters are impersonating employees from Procurement & Contract Services in order to contact vendors for product quotes.
  • Once a vendor responds to the quote request email, the imposter asks for the product to be shipped to the University's research facility.
  • The shipping address given to the vendor is a fake address that actually belongs to a logistics company not affiliated with the University.
  • The imposter then contacts the logistics company to re-route the package overseas. The product is gone and the vendor contacts the University for reimbursement. 
     
What should I look out for?  
  • Fake domains: imposters will send emails from domains that look like they are coming from the University, but may be spelled differently (e.g. @uniwaterloo.com).
  • Suspicious requests: imposters will request orders for large quantities of products (e.g. electronics, lab equipment, cameras).
  • Unrecognized shipping address: imposters will provide vendors with shipping addresses that are not affiliated with the University in order to re-route products sent by vendors.
 
Suspected fraud attempts should be reported to the Security Operations Centre at soc@uwaterloo.ca. Reports of successful fraud should be directed to UW Police Services at uwpolice@uwaterloo.ca.
  1. 2019 (115)
    1. December (8)
    2. November (12)
    3. October (11)
    4. September (8)
    5. August (12)
    6. July (9)
    7. June (9)
    8. May (13)
    9. April (8)
    10. March (8)
    11. February (7)
    12. January (10)
  2. 2018 (112)
    1. December (6)
    2. November (7)
    3. October (8)
    4. September (10)
    5. August (9)
    6. July (11)
    7. June (11)
    8. May (12)
    9. April (9)
    10. March (8)
    11. February (5)
    12. January (16)
  3. 2017 (113)
    1. December (11)
    2. November (11)
    3. October (9)
    4. September (8)
    5. August (6)
    6. July (6)
    7. June (16)
    8. May (10)
    9. April (7)
    10. March (7)
    11. February (13)
    12. January (9)
  4. 2016 (136)
  5. 2015 (203)
  6. 2014 (210)
  7. 2013 (95)
  8. 2012 (187)
  9. 2011 (120)
  10. 2010 (114)
  11. 2009 (233)
  12. 2008 (100)
  13. 2007 (2)