Online criminals spoof university e-mail addresses in six-figure supply chain fraud

Action Fraud is issuing a warning as reports show that fraudsters are registering domain names to look like they belong to UK university e-mail addresses. UK and European supply companies are being defrauded out of vast sums of money as a result of this. Fraudsters imitating one university’s address realised a total victim loss of over £350,000.

This type of fraud, which is known as European distribution fraud, happens when a company from overseas (usually from Europe) delivers products to the UK, but isn’t paid for the goods or the cost of shipping.

Fraudsters are registering domains that are similar to genuine university domains such as and These domains are then used to contact suppliers and order high value goods such as IT equipment and pharmaceutical chemicals in the university’s name.

Quotation for goods

Suppliers will receive an e-mail that claims to be from a university, requesting a quotation for goods on extended payment terms. Once the quotation has been provided, a purchase order is e-mailed to the supplier that’s similar to a real university purchase order. The purchase order typically instructs delivery to an address, which may or may not be affiliated with the university. The items are then received by the criminals before being moved on. However, no payment is received by the supplier.

Pauline Smith, director of Action Fraud, said:“This type of fraud can have a serious impact on businesses. This is why it’s so important to spot the signs and carry out all the necessary checks, such as verifying the order and checking any documents for poor spelling and grammar. We know that there’s a lack of reporting by affected companies and, without this vital intelligence, a true picture of European distribution fraud cannot be reflected. If you or your business has been a victim, report it to Action Fraud.”

Protection against European distribution fraud

Ensure that you verify and corroborate all order requests from new customers. Use telephone numbers or e-mail addresses found on the retailer’s website. Do not use the details given on the suspicious e-mail for verification purposes.

If the order request is from a new contact at an organisation that’s an existing customer, verify the request through an established contact to make sure that it’s legitimate.

Check any documents for poor spelling and grammar. This is often a sign that fraudsters are at work.

Every report matters… If you’ve been a victim of European distribution fraud, report it to Action Fraud online or by calling 0300 123 2040.

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts