BUSINESS & FINANCIAL SERVICES
February 9, 2017
There has been a recent spike in 'vendor imposter' fraud where change of payment instructions are received from crooks purporting to be known vendors. UC San Diego has been targeted for this type of fraud, along with UC Davis, UCLA and other higher education institutions. In the case of UC San Diego, the fraudster called the department directly asking them to facilitate the change in banking information. Numerous institutions have incurred losses in excess of $1 million. These fraud schemes are sophisticated and focused using tactics like issuing 'certified' letters on vendor specific letterhead, use of vendor email addresses and mention of specific campus projects or purchases to appear legitimate.
As a result, IPPS Disbursements is implementing a two-step verification process when new banking or payment information is submitted by vendors or departments to minimize UC San Diego's risk. These additional controls will likely increase processing time for banking or payment information changes but IPPS Disbursements will work as efficiently as possible.
Please contact IPPS Disbursements via BFSupport if you receive banking or payment information directly from a vendor.
UC San Diego Health System is taking similar actions to mitigate risk and more information will be issued shortly.